nanog mailing list archives

Re: Stopping open proxies and open relays


From: Valdis.Kletnieks () vt edu
Date: Sat, 07 Feb 2004 12:42:54 -0500

On Sat, 07 Feb 2004 12:03:22 GMT, Guðbjörn Hreinsson <gsh () centrum is> said:

> Maybe we should first have laws that prohibit making and selling computers
> without firewalls? In this context I should be fine making cars without

This is going in the Very Wrong Direction.

Consider that no firewall would have stopped MyDoom from spreading, unless
it was sufficiently anal-retentive as to stomp on *outbound* SYN packets to
anyplace except the user's preferred SMTP server (and even then, it would only
slow things down, and is prone to "adjustment" by the worm similar to the
way some malware turns off A/V software).

When did Microsoft start *shipping* a firewall?  Why are there still problems?
Because it was shipped disabled.  And they're doing the right thing and
shipping with it enabled - but now there will be support calls on how to
get a port open so XYZ will work...

I wouldn't recommend trying to expand it to "prohibit making and selling
computers that are insecure", since no computer is 100% secure, and there's
no objective "secure enough" standard - closest you will get there is
probably Dell's offer to ship machines pre-hardened to Center for Internet
Security guidelines.
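
An added example, not part of the original message: the egress rule described above (drop outbound SYNs to any mail server except the user's preferred one), applied to constructed flow records, with the dropped SYNs reused as a signal for hosts attempting direct-to-MX delivery. The relay address, the sample flows, the function names, and reading the rule as covering TCP/25 only are assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address

# Constructed policy values (assumptions, not from the original message).
ALLOWED_RELAY = ip_address("192.0.2.25")  # the user's preferred SMTP server
SMTP_PORT = 25

# Constructed outbound flow records: (src, dst, dst_port, tcp_flags).
SAMPLE_FLOWS = [
    ("10.0.0.5", "192.0.2.25", 25, "S"),      # mail via the preferred relay
    ("10.0.0.5", "198.51.100.80", 80, "S"),   # ordinary web traffic
    ("10.0.0.7", "203.0.113.10", 25, "S"),    # direct-to-MX attempts
    ("10.0.0.7", "203.0.113.11", 25, "S"),
    ("10.0.0.7", "198.51.100.9", 25, "S"),
    ("10.0.0.7", "203.0.113.10", 25, "A"),    # not a connection attempt
    ("10.0.0.9", "203.0.113.10", 25, "S"),    # single stray attempt
]


def is_initial_syn(flags):
    """True for a connection attempt: SYN set, ACK clear."""
    return "S" in flags and "A" not in flags


def egress_verdict(dst, dst_port, flags):
    """Drop new outbound SMTP connections unless they go to the allowed relay."""
    if (dst_port == SMTP_PORT and is_initial_syn(flags)
            and ip_address(dst) != ALLOWED_RELAY):
        return "drop"
    return "pass"


def direct_smtp_hosts(flows, min_destinations=3):
    """Map each source to the distinct mail servers it was blocked from reaching.

    Only sources with at least min_destinations blocked targets are reported,
    since a mass mailer with its own SMTP engine fans out to many servers.
    """
    blocked = defaultdict(set)
    for src, dst, dst_port, flags in flows:
        if egress_verdict(dst, dst_port, flags) == "drop":
            blocked[src].add(dst)
    return {src: sorted(dsts) for src, dsts in blocked.items()
            if len(dsts) >= min_destinations}


if __name__ == "__main__":
    for host, targets in direct_smtp_hosts(SAMPLE_FLOWS).items():
        print(f"{host}: blocked SMTP to {len(targets)} servers: {targets}")
```

The caveat in the message still applies: a rule enforced on the infected host itself can be switched off by the malware, and the filter only slows spreading rather than stopping it.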

