[Klug-general] Linux to offer a paradigm-shift in computer security

Peter Childs peterachilds at gmail.com
Wed Nov 28 18:56:04 GMT 2007 

On 28/11/2007, Karl Lattimer <karl at qdh.org.uk> wrote:
>
>
> On Wed, 2007-11-28 at 15:34 +0000, Peter Childs wrote:
> >
> >
> > On 28/11/2007, Karl Lattimer <karl at qdh.org.uk> wrote:
> >         OK, this is bad advice ^^ see bad advice... The firewall in
> >         windows is
> >         the only thing stopping the slammer worm and a bunch of
> >         others. Don't
> >         switch it off because it is added bloat!!!! It isn't, the
> >         standard
> >         windows firewall is an adequate solution its not ideal but it
> >         WORKS for
> >         the purposes it is intended, protecting windows' penchant for
> >         opening
> >         ports on LAN networks.
> >
> >
> > If its a worm the virus protection should have stopped it. A Firewall
> > will not stop a worm.
> >
>
> The biggest load of shit I've ever heard!!!!
>
> A WORM/REMOTE EXPLOIT CAN ATTACK USING A BUFFER OVERFLOW EXPLOIT AGAINST
> AN OPEN PORT FOR INSTANCE, A FIREWALL BLOCKS THIS INITIAL ATTACK RATHER
> THAN REMOVING THE MALWARE AFTER INFECTION HAS TAKEN PLACE!
>
> Anti-virus is a damage limitation tool (and by no means perfect,
> generally leaving a few twitching tendrils of malware), not an active
> interrogator of incoming traffic like DEEP PACKET INSPECTION, firewalls
> ultimately prevent services being exploited in the most part by blocking
> access to certain ports.
>
> > A firewall is a dedicated appliance, or software running on another
> > computer, which inspects network traffic passing through it, and
> > denies or permits passage based on a set of rules.
>
> appliance meaning... a computer with software in it? And why does it
> need to be dedicated? I mean if my web server is in a DMZ its gonna have
> ip tables on it!
>
> > see http://en.wikipedia.org/wiki/Firewall_(networking)
>
> Of course, you get all your knowledge regarding firewalls from
> wikipedia, not erm... I dunno Cisco internetworking systems (great free
> as in beer book) or the netfilter mailing list, or the countless white
> papers on IP Tables you've read.
>
>
Actually this is what I was taught at University. Its the standard
definition of a firewall.

Just like not all things people call viruses are in fact viruses they may be
worms, trojan horses etc etc but all covered by what is a now a standard
tool that protects against many things.

All I'm trying to say is that most windows firewall software is badly set up
and usually people just blindly click Yes when asked.

If used properly its a useful too but most people don't understand whats
what...

Peter.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/kent/attachments/20071128/f0ebd12d/attachment-0001.html

More information about the Kent mailing list