Full Disclosure mailing list archives

RE: Re: January 15 is Personal Firewall Day, help the cause


From: "James Patterson Wicks" <pwicks () oxygen com>
Date: Sat, 17 Jan 2004 14:34:55 -0500

When you say properly configured firewall, does that include IDS?  Does
that mean that the firewall blocks all connection attempts from the
outside but allows established traffic originating on the network
interior?  So if a system receives a Trojan from a web site, it can
communicate with the outside world unmonitored?  The problem with
opening port 80 is that not only HTTP traffic can come in (i.e. Telnet).
If you do not have a device or application looking at traffic about
Layer 4, you could still have problems.  Also, having AV look only at
executables is a mistake.  Just my two cents.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Jim Race
Sent: Saturday, January 17, 2004 1:21 PM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Re: January 15 is Personal Firewall Day,help
the cause

Since the ping-pong game is far past 21 points...

How safe would you consider:

A WinXP box with all current patches
A properly configured HW firewall
ICF enabled, web services ONLY enabled and all ICMP requests disabled
Apache (latest) installed with no add'l modules (static pages only)
NOT running Outlook or OE
Mozilla with Java and JS disabled in email
An "admin" who knows not to run attachments
No add'l (hated) SW firewalls
No AV stuff running, except when scanning known executables

I am of course, asking for a "friend".

-jim

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



