| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: mike at suzzal.net (Mike @ Suzzal.net) Subject: Lets discuss, Firewalls... Home and business firewalls Question to ponder: OK, on my home LAN I have set up a windows NT4.0 SP2 box with IIS and SQL Server 7.0. No hot fixes on the box at all. I run a NESSUS scan and I get over 500 available exploits for this box. My outside address is 216.144.100.100 (not really so please do not attack who ever that is) The box on the inside is 192.168.0.100/24 Admin password is blank. All IPC$ shares are there. I can surf the web from the box so it is fine. I have no firewall, just a NAT on the Motorola Surfboard and no 1 to 1 NATing. If you serve NO applications from the inside of your network (no publicly accessible web server, email server, ftp server etc...), and you have a NAT router so your addressing on the inside or your home or business is private (i.e. 192.168.0.x, 10.10.10.x, 172.16.1.x) Can you get to it? How? Do you still need a firewall? Why? Mike -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030829/4bf1b785/attachment.html
Powered by blists - more mailing lists