Security Basics mailing list archives
Re: Potetial Outpost Conflicts?
From: H C <keydet89 () yahoo com>
Date: Fri, 17 Jan 2003 12:57:46 -0800 (PST)
James, Well-stated response...
Forgive me, but I'm not too sure why you want to run either 2 firewalls or 2 anti-virus engines on the
same
machine for than matter. I think that there may be
too
much of a focus on the technology/paranoia and less
on
the cost/time of administration, doubling the number
of possible application vulnerabilities and causing undue processing.
I agree, whole-heartedly. There should be no need to run 2 of anything, really. Particularly on Win98. Worried about someone gaining access to your system? Think about how intrusions occur...a service, something listening for connections, has to be compromised...a vulnerability in the service is exploited. By default, Win98 has...how many services running? One, as far as I remember, and if you simply disable File and Print Sharing, you're pretty much done. In essence, there's nothing left to exploit. Take it a step further and unbind NetBEUI from the interface. That way, only TCP/IP is bound to it. Keeping the system patched will protect against many DoS issues. Two f/w's means you have to keep up on vulnerabilities to two disparate applications. That means not only watching BugTraq and VulnDev, but also the vendor sites. This is in addition to watching for updates and patches to the os. Colin mentioned security in depth...but there's much, much more to that than simply loading two f/w and two A/V apps on your system. And I find it odd that Colin would even mention security in depth, given the os he's using...given that there is no native logging facility to Win98, nor can ACLs natively be set on the file system. Given that this is a home system, the processing issue really becomes a matter of preference, I would think.
Having double the precautions does not give you
double
the protection.
This is true. Say, for the sake of argument, on A/V product detects 98% of known viruses, and the other detects 99%. That doesn't necessarily push you up to 99.99999% coverage, as there are bound to be a great deal of duplicates. What does work? Take a look at the email application you're using, as well as your habits. Do you simply click on anything and everything you receive as an attachment, regardless of who sends it to you? __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
Current thread:
- Potetial Outpost Conflicts? Colin Rous (Jan 16)
- RE: Potetial Outpost Conflicts? Tim V - DZ (Jan 17)
- Re: Potetial Outpost Conflicts? James Taylor (Jan 17)
- Re: Potetial Outpost Conflicts? alaskan (Jan 21)
- Re: Potetial Outpost Conflicts? Colin Rous (Jan 21)
- Re: Potetial Outpost Conflicts? James Taylor (Jan 23)
- Re: Potetial Outpost Conflicts? Colin Rous (Jan 21)
- Re: Potetial Outpost Conflicts? GSimmonds (Jan 22)
- <Possible follow-ups>
- RE: Potetial Outpost Conflicts? Doug McFarland (Jan 17)
- Re: Potetial Outpost Conflicts? H C (Jan 21)
- RE: Potetial Outpost Conflicts? adi diz (Jan 23)