Re: Potetial Outpost Conflicts?

[H C <keydet89 () yahoo com>]

James,

Well-stated response...

> Forgive me, but I'm not too sure why you want to run
> either 2 firewalls or 2 anti-virus engines on the
same 
> machine for than matter. I think that there may be
too 
> much of a focus on the technology/paranoia and less
on 
> the cost/time of administration, doubling the number

> of possible application vulnerabilities and causing 
> undue processing.

I agree, whole-heartedly.  There should be no need to
run 2 of anything, really.  Particularly on Win98. 
Worried about someone gaining access to your system? 
Think about how intrusions occur...a service,
something listening for connections, has to be
compromised...a vulnerability in the service is
exploited.  By default, Win98 has...how many services
running?  One, as far as I remember, and if you simply
disable File and Print Sharing, you're pretty much
done.  In essence, there's nothing left to exploit. 
Take it a step further and unbind NetBEUI from the
interface.  That way, only TCP/IP is bound to it. 
Keeping the system patched will protect against many
DoS issues.

Two f/w's means you have to keep up on vulnerabilities
to two disparate applications.  That means not only
watching BugTraq and VulnDev, but also the vendor
sites.  This is in addition to watching for updates
and patches to the os.

Colin mentioned security in depth...but there's much,
much more to that than simply loading two f/w and two
A/V apps on your system.  And I find it odd that Colin
would even mention security in depth, given the os
he's using...given that there is no native logging
facility to Win98, nor can ACLs natively be set on the
file system.

Given that this is a home system, the processing issue
really becomes a matter of preference, I would think.

> Having double the precautions does not give you
double 
> the protection.  

This is true.  Say, for the sake of argument, on A/V
product detects 98% of known viruses, and the other
detects 99%.  That doesn't necessarily push you up to
99.99999% coverage, as there are bound to be a great
deal of duplicates.

What does work?  Take a look at the email application
you're using, as well as your habits.  Do you simply
click on anything and everything you receive as an
attachment, regardless of who sends it to you?  



__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com