Firewall Wizards mailing list archives
Re: OT: Re: The Morris worm to Nimda, how little we've learned or gained
From: "H. Morrow Long" <morrow.long () yale edu>
Date: Sat, 05 Jan 2002 10:51:07 -0500
Roelof JT Jonkman wrote:
... I believe that one of not so recent developments of personal firewalls has helped considerably in making security more accessible for an average Internet User. (I'm not quite sure, but is Microsoft shipping a personal firewall integrated with the latest windows incarnations?)
Windows XP (Pro and Home) come with a "dumbed-down" version of a personal PC firewall built-in, however it is much reduced from what was envisioned originally and is lacking quite a bit of the full firewall features and functionality which most would want out of a personal PC firewall product (IDS, stateful multi-level inspection, enterprise management, extensive logging, etc.) for which you would really want to purchase a best-of-breed product from a 3rd party vendor for XP. I actually recommend the use of separate external dedicated small (SOHO) NAT routers (ala LinkSys, D-Link, NetGear, etc.) with firewall functionality to home high-speed "always on " cable/dsl Internet users in addition to or instead of software-based host-based firewalls as they are more idiot-proof (harder to misconfigure) and are more fail-safe. The advantage that software/host-based personal PC firewalls have (which is why they are a useful addition) is the ability to verify that the program starting up and attempting to access the Internet is known and authorized to do so. This is a great benefit of ZoneAlarm which can block viruses, worms, spyware and other malicious software from making unauthorized connections to the Internet. In combination with a good commercial and up to date anti-virus package the PC user has a good base for some desktop protection (provided they don't run IE, Outlook, AOL IM, LimeWire, etc.........). - H. Morrow Long
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Re: The Morris worm to Nimda, how little we've learned or gained Marcus J. Ranum (Jan 03)
- Re: The Morris worm to Nimda, how little we've learned or gained Paul D. Robertson (Jan 04)
- Re: The Morris worm to Nimda, how little we've learned or gained Richard Johnson (Jan 04)
- Re: The Morris worm to Nimda, how little we've learned or gained Ryan Russell (Jan 05)
- Re: The Morris worm to Nimda, how little we've learned or gained Frederick M Avolio (Jan 04)
- Re: The Morris worm to Nimda, how little we've learned or gained Adam Shostack (Jan 04)
- RE: The Morris worm to Nimda, how little we've learned or gained robert_david_graham (Jan 04)
- RE: The Morris worm to Nimda, how little we've learned or gained Ryan Russell (Jan 05)
- OT: Re: The Morris worm to Nimda, how little we've learned or gained Roelof JT Jonkman (Jan 05)
- Re: OT: Re: The Morris worm to Nimda, how little we've learned or gained H. Morrow Long (Jan 06)
- Host Based Packet Filters (was: OT: The Morris worm to Nimda, how little we've learned or gained) Robin S. Socha (Jan 06)
- safety of unidirectional NT trusts hermit921 (Jan 15)
- Re: safety of unidirectional NT trusts Jonas Anden (Jan 16)
- Re: safety of unidirectional NT trusts S. Jonah Pressman (Jan 17)
- <Possible follow-ups>
- Re: The Morris worm to Nimda, how little we've learned or gained Rudy_D_Pereda (Jan 12)
- Re: The Morris worm to Nimda, how little we've learned or gained Michael Brennen (Jan 12)
- Re: The Morris worm to Nimda, how little we've learned or gained R. DuFresne (Jan 13)
- Re: The Morris worm to Nimda, how little we've learned or gained Michael Brennen (Jan 14)
- Re: The Morris worm to Nimda, how little we've learned or gained R. DuFresne (Jan 14)
- Re: The Morris worm to Nimda, how little we've learned or gained Michael Brennen (Jan 15)
- Re: The Morris worm to Nimda, how little we've learned or gained Michael Brennen (Jan 12)