Full Disclosure mailing list archives
RE: Re: January 15 is Personal Firewall Day, help the cause
From: "James Patterson Wicks" <pwicks () oxygen com>
Date: Sat, 17 Jan 2004 14:34:55 -0500
When you say properly configured firewall, does that include IDS? Does that mean that the firewall blocks all connection attempts from the outside but allows established traffic originating on the network interior? So if a system receives a Trojan from a web site, it can communicate with the outside world unmonitored? The problem with opening port 80 is that not only HTTP traffic can come in (i.e. Telnet). If you do not have a device or application looking at traffic about Layer 4, you could still have problems. Also, having AV look only at executables is a mistake. Just my two cents. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Jim Race Sent: Saturday, January 17, 2004 1:21 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] Re: January 15 is Personal Firewall Day,help the cause Since the ping-pong game is far past 21 points... How safe would you consider: A WinXP box with all current patches A properly configured HW firewall ICF enabled, web services ONLY enabled and all ICMP requests disabled Apache (latest) installed with no add'l modules (static pages only) NOT running Outlook or OE Mozilla with Java and JS disabled in email An "admin" who knows not to run attachments No add'l (hated) SW firewalls No AV stuff running, except when scanning known executables I am of course, asking for a "friend". -jim _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html This e-mail is the property of Oxygen Media, LLC. It is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise protected from disclosure. Distribution or copying of this e-mail or the information contained herein by anyone other than the intended recipient is prohibited. If you have received this e-mail in error, please immediately notify us by sending an e-mail to postmaster () oxygen com and destroy all electronic and paper copies of this e-mail. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Re: January 15 is Personal Firewall Day, help the cause, (continued)
- RE: Re: January 15 is Personal Firewall Day, help the cause Schmehl, Paul L (Jan 15)
- Re: January 15 is Personal Firewall Day, help the cause Brandon Butterworth (Jan 15)
- Re: Re: January 15 is Personal Firewall Day, help the cause Gary Flynn (Jan 15)
- RE: Re: January 15 is Personal Firewall Day, help the cause Richard M. Smith (Jan 15)
- January 15 is Personal Firewall Day, help the cause tlarholm (Jan 15)
- RE: Re: January 15 is Personal Firewall Day, help the cause James Patterson Wicks (Jan 15)
- RE: Re: January 15 is Personal Firewall Day, help the cause James Patterson Wicks (Jan 15)
- RE: Re: January 15 is Personal Firewall Day, help the cause Nicob (Jan 16)
- RE: Re: January 15 is Personal Firewall Day, help the cause James Patterson Wicks (Jan 16)
- Re: January 15 is Personal Firewall Day, help the cause Ron DuFresne (Jan 16)
- RE: Re: January 15 is Personal Firewall Day, help the cause James Patterson Wicks (Jan 17)
- Message not available
- Re: Re: January 15 is Personal Firewall Day, help the cause Jim Race (Jan 17)
- Re: Re: January 15 is Personal Firewall Day, help the cause Jim Race (Jan 17)
- Message not available