Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause

["Wes Noonan" <mailinglists () wjnconsulting com>]

> On Fri, 16 Jan 2004, Wes Noonan wrote:
>
> > This is not quite correct. Nachia and Blaster, as well as Code Red and
> its
> > variants are all detectable and preventable with virus protection.
>
> All of those are Windows viruses, no?

Sure, but the statement, mistakenly made, was that virus protection does
nothing to protect against worms. I felt that it was worth pointing out that
your apparent anti-MS religion caused you to make an incorrect statement
(actually, it caused you to make a lot of incorrect statements, but folks
have already pointed that out). Perhaps you should spend a little bit of
time learning how to harden a windows system before you go advising folks
what they should be doing.
 
> > While
> > they may not stop the worm on the network, they can and do stop systems
> from
> > becoming infected and propagating the worm.
>
> So does mounting /tmp noexec, and it doesn't involve shelling out money
> to AV vendors.  Mounting /tmp noexec also protects against future threats,
> not just ones that happen to be in the AV database.
>
> (I know that someone recently released code to do a "user-space" exec,
> so mounting /tmp noexec is not 100% foolproof, but it's pretty good
> protection.)

Well then, IMO you might want to invest in virus protection. 

I'm curious, why is your solution which is not 100% foolproof "pretty good
protection", but installing virus protection which is not 100% foolproof is
a sham?

Really, it seems to me that a number of the "anti-virus scan" positions (and
indeed most of the anti-microsoft, ant-personal firewall, etc positions)
seem to have little substance beyond "I don't want to spend money".

Wes Noonan
mailinglists () wjnconsulting com
http://www.wjnconsulting.com 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html