[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <4AB9AB57.90105@cipherpunx.org>
Date: Wed, 23 Sep 2009 00:00:07 -0500
From: OTB <ownthebox@...herpunx.org>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Dumb question: Is Windows box behind a router
safe ?
Steve really needs to ask himself, if all his pop does is run Firefox
and email, why he's running Windows on that machine at all? Not safer
per se, but a less meaty target. Still needs a nightly auto-update, though.
Also, (hi, John) filtering egress is pretty well moot on $home_router,
most connectbacks these days go out on 80 or 443. IRC control channels
are so last year.
Also, Steve, there's a list for this sort of thing, not that it matters:
http://www.securityfocus.com/archive/105/description
Chris wrote:
> Bullshit.
>
> Screw NAT, screw routers, screw bots.
>
> The *FIRST* thing Steve should be doing is patching his computer. There is absolutely no freaking excuse for having an unpatched or halfway patched computer running Windows whatever. Microsoft has made Windows Update idiotproof...to the point where any average desktop user NOT using it is a moron.
>
> To try to compensate for his lazy, half-assed attitude is just putting a band-aid on the Grand Canyon.
>
> To think that his unpatched and probably already compromised computer is safe just because it sits behind a router, of which he has no idea if it is secured, is the blind leading the blind.
>
> PATCH THAT BOX. Turn on Automatic Updates, set them to install and reboot automatically, Steve. You won't have to do anything except keep living in the fantasyland you live in now...but at least your computers won't be spewing out garbage.
>
>
>> ----- Original Message -----
>> From: "Michael Fritscher" <michael@...tscher.net>
>> To: full-disclosure@...ts.grok.org.uk
>> Subject: Re: [Full-disclosure] Dumb question: Is Windows box behind a router safe ?
>> Date: Tue, 22 Sep 2009 20:42:06 +0200 (CEST)
>>
>>
>> Hi Steve,
>>
>> I hope you haven't caused a storm with aggressive mails here^^
>> This maillinglist is more about now detected holes in soft- and hardware...
>>
>> First, you certainly mean not a normal router (which is on most cases 100%
>> transparent in both directions), but a NAT-router.
>>
>> What the NAT blocks (in most cases) are incomings connections - But
>> expecially since XP SP2 this is a very seldom used way to attack
>> computers.
>> Nowadays, most bad software use holes in apps - browser, office, flash and
>> so on which use outgoing connections - which are NOT blocked by a
>> NAT-router.
>> So, yes, a bot connectiong to a botnet could be installed if Firefox or a
>> plugin like Flash, Java, Quicktime and so on has a hole and you browse on
>> a "bad" site.
>>
>> Btw, please read about NAT, routing, current bad software etc in the
>> internet - this will help you understanding the concerns.
>>
>> Sincerly,
>> Michael
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
>
>
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists