[Gloucs] I-WORM/Opas.A
Guy Edwards
gloucs at mailman.lug.org.uk
Tue Dec 31 01:52:01 2002
On Tue, 2002-12-31 at 01:04, jinxy@firenet.uk.com wrote:
> Not wanting to sound like I know anything but you should be using a
> firewall anyway and NAT aswell if you are letting PCs on the internet.
> Blocking all ports except the ones you need.
(My knowledge of security runs about as far as installing Smoothwall but
here goes anyhow...)
But if it's attached to an email and then spreads on your internal
network once inside then it's going to get past your firewall. I know
there's a million ways to stop that (user education, email filtering,
don't use outlook :-) etc), but there's lots of ways in that can get
past a firewall. (Mark?) e.g. I seem to remember an article on the
register about how a png file could be altered to write to memory
through a flaw in IE.
Firewalls are great but I thought all the most abundant viruses were the
ones that used the social engineering side of it the best, not the most
technical complicated (e.g. exploiting flaws that have been know about
for ages but most MS machines haven't been patched and are hence still
vulnerable, and just use a interesting email subject line to get people
to open the email,)
Out of interest, how many Linux users haven't applied all the security
patches for their distributions? (I take it this is where the Debian
users all look smug and mumble something about apt-get).
> Has anyone done a talk on the firewall/NAT distros you can get and how to
> set one up on a normal distro?
Not as far as I know. Want to give it a go? I can bring along a box with
Smoothwall and a laptop to network to it.
Guy