Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: A rather newbie question

From: "Ethan Vaughn" <evaughn () levithan net>
Date: Mon, 3 May 2004 11:22:36 -0600 (MDT)
This might be obvious, so i apologize in advance.

I just wanted to point out that this is probably the no.1 security fallacy
I hear among my endlusers.

"Schmidt, Michael R." <Michael.Schmidt () T-Mobile com> wrote:

Thanks,

I use ISA server.  This is my home network, so I probably have nothing
that they would be interested in.  I do have two static IP addresses and
a DSL line.


Yes, there *is* something "they" are interested in: owning your box. Even
the  wimpiest granny-owned win95 box is valuable to a blackhat. Once
"owned" your box becomes a "safe machine" from which a blackhat can launch
anonymous attacks. Any trace will come back to you.

I think of it this way, how would I like my personal machine's IP address
to show up in a DDoS attack log against FBI.org? That usually motivates me
to spend a little extra time on my personal net's securiy.




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: