[<prev] [next>] [day] [month] [year] [list]
Message-ID: <D89E9C009C6E5B4381DCBE89CA703CEE02EF9CA2@MI8NYCMAIL04.Mi8.com>
From: pwicks at oxygen.com (James Patterson Wicks)
Subject: Re: January 15 is Personal Firewall Day,
help the cause
When you say properly configured firewall, does that include IDS? Does
that mean that the firewall blocks all connection attempts from the
outside but allows established traffic originating on the network
interior? So if a system receives a Trojan from a web site, it can
communicate with the outside world unmonitored? The problem with
opening port 80 is that not only HTTP traffic can come in (i.e. Telnet).
If you do not have a device or application looking at traffic about
Layer 4, you could still have problems. Also, having AV look only at
executables is a mistake. Just my two cents.
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Jim Race
Sent: Saturday, January 17, 2004 1:21 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Re: January 15 is Personal Firewall Day,help
the cause
Since the ping-pong game is far past 21 points...
How safe would you consider:
A WinXP box with all current patches
A properly configured HW firewall
ICF enabled, web services ONLY enabled and all ICMP requests disabled
Apache (latest) installed with no add'l modules (static pages only)
NOT running Outlook or OE
Mozilla with Java and JS disabled in email
An "admin" who knows not to run attachments
No add'l (hated) SW firewalls
No AV stuff running, except when scanning known executables
I am of course, asking for a "friend".
-jim
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
This e-mail is the property of Oxygen Media, LLC. It is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise protected from disclosure. Distribution or copying of this e-mail or the information contained herein by anyone other than the intended recipient is prohibited. If you have received this e-mail in error, please immediately notify us by sending an e-mail to postmaster@...gen.com and destroy all electronic and paper copies of this e-mail.
Powered by blists - more mailing lists