Full Disclosure mailing list archives

Re: Dumb question: Is Windows box behind a router safe ?

From: Rohit Patnaik <quanticle () gmail com>
Date: Tue, 22 Sep 2009 15:10:23 -0500

No, I would not consider your father's box to be safe.  There are enough 
drive-by-download attacks and e-mail scams to make infection a very real 
possibility even if the automated worm route is blocked by a NAT 
router.  However, if you installed SP2 with default settings, it 
probably enabled the auto-update functionality in Windows.  Similarly, 
recent versions of Firefox have a similar auto-update feature.  So, even 
if you don't think the box is being updated, it might still be receiving 
security patches.

--Rohit Patnaik

Steven Anders wrote:

I received great responses and am very grateful to the help from 
community of this list. Thank you.
 
 
I have a dumb question: Is a Windows box behind a router safe ? 
 
It is my father's PC and the Windows OS was not updated regularly. The 
Windows box was connected through wire (RJ45) to the router. The 
router is then connected to the DSL modem.
The Windows Box has SP2 installed and the default Windows firewall 
enabled - and I think was last updated from Windows Update on in 2008. 
It has AVG anti virus.
The PC was never moved anywhere and is always behind the router. The 
router has default settings, which I believe has no ports open.
 
He never installed any applications or downloads anything off the net 
- mainly it is used for emails and general web browsing (using 
Firefox, not IE). I informed him to use Firefox, since IE has so many 
security issues.


My questions are:

1.  There are many exploits and vulnerabilities of Windows, but I was 
wondering if outdated Windows box behind router generally safe ?  
Since, the Windows box was not updated with the latest updates.

I have always thought that having a computer behind the router (since 
router has firewall) is generally safe, but I would love to hear 
insights or thoughts. 
 
 
2. If a Windows box is behind a router, could a botnet be installed to 
it ? Assuming, the end user does not install/download any applications 
from the Internet and always use Firefox.
 
 
Thank you all in advance.
steve
 
------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Dumb question: Is Windows box behind a router safe ?, (continued)
- - - Re: Dumb question: Is Windows box behind a router safe ? Dave (Sep 22)
    - Re: Dumb question: Is Windows box behind a router safe ? vulcanius (Sep 22)
- Re: Dumb question: Is Windows box behind a router safe ? G. D. Fuego (Sep 22)
  - Re: Dumb question: Is Windows box behind a router safe ? john s (Sep 22)
    - Re: Dumb question: Is Windows box behind a router safe ? G. D. Fuego (Sep 22)
    - Re: Dumb question: Is Windows box behind a router safe ? john s (Sep 22)
- Re: Dumb question: Is Windows box behind a router safe ? Valdis . Kletnieks (Sep 22)
- Re: Dumb question: Is Windows box behind a router safe ? a.kuriger (Sep 22)
- Re: Dumb question: Is Windows box behind a router safe ? Robert Portvliet (Sep 22)
- Re: Dumb question: Is Windows box behind a router safe ? Elonym (elone) (Sep 22)
- Re: Dumb question: Is Windows box behind a router safe ? Rohit Patnaik (Sep 22)
- Re: Dumb question: Is Windows box behind a router safe ? Michael Fritscher (Sep 22)
  - Re: Dumb question: Is Windows box behind a router safe ? Steven Anders (Sep 22)
    - Re: Dumb question: Is Windows box behind a router safe ? Camilo Uribe (Sep 23)
- Re: Dumb question: Is Windows box behind a router safe ? Chris (Sep 22)