RE: [fw-wiz] Annoying pop-ups

From: R. DuFresne (dufresne@sysinfo.com)
Date: 11/01/02 

From: "R. DuFresne" <dufresne@sysinfo.com>
To: Gregory Austin <gaustin@rkon.com>
Date: Fri Nov  1 16:19:02 2002

Gregory,

>
> I tend to agree with you (as I noted), but that doesn't address my
> question at all. Are you guys saying that the messenger service is
> dangerous/not useful on the LAN? I think I can make a better argument for
> some core network functionality being turned on by default than you guys
> can for turning everything off. Imagine if everything were turned off by
> default, things would definitely be safer--but how bad would that world
> suck for the technically dysfunctional you guys are talking about
> defending? They'd be safer, but their computers would be paperweights to them.
>
> <rant>
> The messenger service is *not* evil. Letting unfiltered Internet traffic
> hit your machine *is* stupid. And if you spill hot coffee on yourself,
> it's *your* fault you got burned, you clumsy dumb-ass.
> </rant>

I think one has to ask this question about the service in question and the
problems faced by yhe original poster:

1> is the service abusable remotely

2> is the service abusable internally

3> does the vendor provide a security mechnism to prevent the abuse of
the service and is that well documented

4> is the service required for systems to be functional on the corp or
home network

I think you answer that in your rant above about unfiltered traffic
hitting the inside machine<s>.

Additionally, considering most home networks consist of a single system,
shared by the family of in the kid's bedrooms, how functional is the
messaging service? But, considering the home/small office networks
consisting of more then one system; does the vendor in question actually
document how the service can be abused and provide information about how
to deal with and prevent such abuses? Not providing such a mechanism and
documentation might well be itself a primary lack of resonsibility as
pertains to their stance on security.

Thanks,

Ron DuFresne

<what you don't know, *can* hurt you> 

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart
testing, only testing, and damn good at it too!

Relevant Pages

  • Re: The Ubuntu Experiment
    ... If by idiot users you mean the average person who is unaware of security ... concerns with running anything Microsoft, ... To ensure that the average users on my home network don't get their ... rack mounted servers in a data center doing less work. ...
    (Ubuntu)
  • Re: suggestions on a good firewall
    ... > much as I can on being a good MCSE ... For a home network, you can't go wrong with one of those little DSL/Cable router/firewalls. ... And with a slightly higher grade of hardware firewall, you can start configuring specific services, etc, through the firewall. ... Thinking About Security Training? ...
    (Security-Basics)
  • Re: Questions...Network Security and Wireless
    ... I am looking to know whether the security of my home network I have is ... I am not able to try a pen test on it. ... I am using a cable modem connected to a DLINK DI-624 wireless router. ... My wireless security is set to WPA2 TKIP. ...
    (Security-Basics)
  • Re: security
    ... With all the "phishing" scams and fake security bulletins running around, ... > I have several computers on a home network that I never have a need to ... > from downloading and installing junk from the internet. ... >> computer with internet capability? ...
    (microsoft.public.security)
  • Two Computers, Linksys Router, I want both to use AIMs Talk/File Transfer....?
    ... "Talk" functionality from both machines on my little home network? ... Same goes for file transfer. ...
    (comp.security.firewalls)