Security Basics mailing list archives
Re: Windows 98 box is 'owned'; Re:
From: GuidoZ <uberguidoz () gmail com>
Date: Tue, 5 Oct 2004 15:46:38 -0700
Sending this to the list as well - it seems the topic is still hot in debate. =)
*nodnod* I'm new on the list, I may have missed some of the original commentary.... Since I'm no longer at Lumeta, I wanted to keep my 'fingers in' what the communities are looking at for security products & discussion--I mean I can still bounce things off of Ches and Tal, but still--it's good to read other perspectives too! :)
I'm fairly new to this list myself (just this year). I've been around others (BugTraq, FD, etc) for quite some time. (I'd imagine the late 90's, but to be honest I don't remember exactly.) This list seems like a very good place to not only help out those new to the industry, but also learn new things. Very intelligent people ready and reply here. I look forward to it!
*nodnodnod* I fully agree. At least some of them put out things resembling them :) I'm much happier with the Netgear than I was with the DLink, personally.
Same here. I prefer LinkSys over them all - mostly to brand loyalty. (It's never lead me wrong yet...) I consider NetGear and LinkSys to be about equals with D-Link being the "value conscious" buy. I shy away from it unless the customer is serious about saving small amounts of $$$. I've never been fond of D-Links web interface and options, though frequently impressed with LinkSys. (NetGear has gone both ways - sometimes I've been frustrated at the interface and options while other times I've been relieved.) Google "linux on linksys" for some interesting adventures.
Yeah--I've been doing over-ICQ troubleshooting with a friend who has DSL and one of the Netgears. Finally I told him he needed to just call Netgear--they'd get the router to log into the DSL accounts, and then everything would be hunky-dory--he had "a friend" come over--and though everything's plugged into the right ports (thank the gods), the guy never did anything about having the *router* do the log-in to the service. *sigh*
Unfortunately I've found that "friends" of clients/customers have proved to bring me one of two things, in most cases: Frustration and/or more business. They either mess something up so I have to come over and fix it, or they mess something up to badly that I have to spend a large amount of time finding the problem, then fixing it. I shouldn't complain though - I got my start as one of those "friends" to many as well, then watching how the professionals fixed what I broke. =) Good call on the NetGear doing as much work as possible. Less for the end-user to break.
*nod* I just know that one of the guys at Lumeta (Karl Siil) swore by it. *shrug*--I've always had ZoneAlarm, personally. I haven't heard of/played with Kerio yet--or Sygate. I fully agree with Norton & McAfee--however, a lot of people buy them because of the name.
It's a common misconception, made by many that should know better. It's possible they've changed their product since it was drilled into my head, however I've never found a reason to go back to it. ZA was my #1 choice for a long time running as well. I liked Sygate over it because it offered some more advanced features (packet contents, advanced rules, etc) that I liked. ZA is still perfect for the average home user who would only have the new Windows Firewall (or nothing) instead. Kerio seems pretty reliable. I'm not sure how much I like the difference between their "simple" and "advanced" operation modes. I wish they included an "Intermediate" as well. (The simple does basically everything for you. I can see how this could be exploited. The Advanced gets anoying, prompting for EVERYTHING - even when an MSI install calls on the setup.exe file, etc.) Norton and McAfee are popular for the same reason AOL "is #1". They are recognized and included with many, many things as OEM or "free trials". Just like AOL, it certainly doesn't mean it's the best just because it's popular.
Hear Hear!!!! Unfortunately, people don't "get" that it's so damn evil :-/
Very unfortunate indeed. Many of the current problems (spyware being one of the biggest) wouldn't be such an issue if it wasn't for ActiveX. The most popular choices for installation (besides piggy-backing on an install) is deception with an ActiveX prompt. Though, I guess if ActiveX wasn't around, they would of found another way to abuse the system.
Hmm. So they're looking to run an applet on the client side via a webpage? Java/script would be less evil than ActiveX....(not by much but...) Whenever I wanted to run stuff client-side, I just used a WSH script--if it's all internal-stuff, then the WSH script can be run off of a domain controller, and the output (if any) could be saved on whatever internal server it would have access to.... At least it's *not* ActiveX... (granted, it can still be evil, however.. My point is, I'd rather trust *my* evil to do the right thing, than trust an ActiveX applet to do the right thing...)
I like it. I'm not up on my scripting host (VB) programming, though I understand some basic concepts. I'll talk to the company who is currently supporting the ActiveX and see what can be done. Thanks. =) Hope all is well. -- Peace. ~G On Tue, 05 Oct 2004 13:38:23 -0400, Glenn Sieb <ges () wingfoot org> wrote:
GuidoZ said the following on 10/5/2004 1:56 AM:Hello again. =):)Completely agree, 100%. I'd never expect a home user to have a need for a true hardware firewall. (I also noted in my original reply to the list that a router like those mentioned would be plenty for his mother.) The NetGear is a good choice. I'm usually one to recommend a LinkSys, however NetGear is my 2nd choice. =)*nodnod* I'm new on the list, I may have missed some of the original commentary.... Since I'm no longer at Lumeta, I wanted to keep my 'fingers in' what the communities are looking at for security products & discussion--I mean I can still bounce things off of Ches and Tal, but still--it's good to read other perspectives too! :)My argument wasn't that home users needed a true hardware firewall. It was that LinkSys, NetGear and D-link don't make true hardware firewalls. Terminology, nothing more. ;) I've been in this industry far to long to let something like that get by. Too many people already have it confused.*nodnodnod* I fully agree. At least some of them put out things resembling them :) I'm much happier with the Netgear than I was with the DLink, personally.I would also like to emphasize a point you made - if it's not possible for them to use correctly (even if it is just a router), then having it is a waste. You could have the best tools in the world at your disposal, but if you have no clue how to use them, it's meaningless. Very good point.Yeah--I've been doing over-ICQ troubleshooting with a friend who has DSL and one of the Netgears. Finally I told him he needed to just call Netgear--they'd get the router to log into the DSL accounts, and then everything would be hunky-dory--he had "a friend" come over--and though everything's plugged into the right ports (thank the gods), the guy never did anything about having the *router* do the log-in to the service. *sigh*Don't get me started on BlackICE! =) It's an IDS, not a true software firewall. (Google it for more info - Steve Gibson has a good write up on it.) ZoneAlarm is a good choice. So is Kerio. Both are free, easy to use, and work. Aside from the freebie class, I'm a big fan of Sygate. I do NOT like Norton Internet Security and McAfee anything. Both are resource hogs and frankly are unnecessary. Why pay so much for something you can get for free?*nod* I just know that one of the guys at Lumeta (Karl Siil) swore by it. *shrug*--I've always had ZoneAlarm, personally. I haven't heard of/played with Kerio yet--or Sygate. I fully agree with Norton & McAfee--however, a lot of people buy them because of the name.Amen. I swear by FireFox/Mozilla products and have since the old Netscape days. Luckily, I started converting those whom I had influence over years before IE started having all the recent problems. (Just back when it was having the other problems. =P )LOL! :)When the time came that it simply wasn't safe to use IE anymore, they switched without much fuss. The only thing missing when it comes to functionality is something no one should of started relying on in the first place - ActiveX.Hear Hear!!!! Unfortunately, people don't "get" that it's so damn evil :-/One of the organizations I support based an application on the .NET framework and was using an ActiveX applet to do some client side scripting. Unfortunately nothing but IE will work for them. If you have any suggestions, I'm quite willing to listen. ;)Hmm. So they're looking to run an applet on the client side via a webpage? Java/script would be less evil than ActiveX....(not by much but...) Whenever I wanted to run stuff client-side, I just used a WSH script--if it's all internal-stuff, then the WSH script can be run off of a domain controller, and the output (if any) could be saved on whatever internal server it would have access to.... At least it's *not* ActiveX... (granted, it can still be evil, however.. My point is, I'd rather trust *my* evil to do the right thing, than trust an ActiveX applet to do the right thing...)Again, see my first paragraph. I wasn't trying to convince Tom, Dick, and Harry to go out and get a SonicWall. I was only stating that there is a big difference between NAT and a hardware firewall. Not only would it be way overkill, but it would also be a waste as they coudl never figure out how to use it properly. A poorly configured firewall is worse then none at all - it gives a false sense of security. A problem often overlooked by too many that should know better!*nodnodnod* We eventually gave up on the Nokia (couldn't get some things to work like DHCP forwarding--long story), and ended up building a FreeBSD/ipf solution which (to my knowledge) is still serving them to this day.One firewall that could be considered both a hardware and software firewall (and even an enterprise class one at that) is the Linux based Smoothwall. It's free to download and only needs two NICs<snip>Defanitely check it out if you haven't already: http://www.smoothwall.org (Google it for myraids of configuration tips, scripts and tweaks.)Nice! I'll have to look into it :)Likewise. =) I always appreciate intelligent conversation.Ditto :)) Best, G. -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." ~Benjamin Franklin, Historical Review of Pennsylvania, 1759
Current thread:
- Re: Windows 98 box is 'owned', (continued)
- Re: Windows 98 box is 'owned' Nazeeh ElDirghami (Sep 30)
- RE: Windows 98 box is 'owned' OTTO, DOUGLAS P. (Sep 30)
- RE: Windows 98 box is 'owned' Randy Williams (Sep 30)
- Re: Windows 98 box is 'owned' GuidoZ (Oct 04)
- RE: Windows 98 box is 'owned' Randy Williams (Oct 04)
- Re: Windows 98 box is 'owned' GuidoZ (Oct 04)
- Message not available
- Re: Windows 98 box is 'owned' GuidoZ (Oct 05)
- Re: Windows 98 box is 'owned' GuidoZ (Oct 04)
- Re: Windows 98 box is 'owned' Glenn Sieb (Oct 04)
- Re: Windows 98 box is 'owned' GuidoZ (Oct 05)
- Re: Windows 98 box is 'owned' GuidoZ (Oct 05)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Windows 98 box is 'owned'; Re: GuidoZ (Oct 06)
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Windows 98 box is 'owned'; Re: Glenn Sieb (Oct 06)
- Message not available
- Message not available
- Re: Windows 98 box is 'owned'; Re: Glenn Sieb (Oct 06)
- Re: Windows 98 box is 'owned'; Re: GuidoZ (Oct 07)
- Re: Windows 98 box is 'owned'; Re: Glenn Sieb (Oct 08)
- Re: Windows 98 box is 'owned'; Re: GuidoZ (Oct 08)
- Re: Windows 98 box is 'owned'; Re: xyberpix (Oct 08)
- Re: Windows 98 box is 'owned'; Re: GuidoZ (Oct 12)
- Re: Windows 98 box is 'owned'; Re: Ansgar -59cobalt- Wiechers (Oct 08)
- Re: Windows 98 box is 'owned'; Re: GuidoZ (Oct 12)
- Re: Windows 98 box is 'owned'; Re: Ansgar -59cobalt- Wiechers (Oct 13)