Re: [fw-wiz] Home firewall/NAT appliances - summary
From: Dave Piscitello (dave_at_corecom.com)
To: firstname.lastname@example.org Date: Thu, 17 Jul 2003 09:04:44 -0400
Thanks, I received about 20 replies.
*All* SOHO firewall/NAT _appliances_ known to folks who
responded default to allow any outbound. I asked to confirm
what I believe true on behalf of a friend who is designing a
home product that may require some remote access: since
most home users don't configure firewall inbound policy (which
is almost always deny ALL inbound, one possibility is to have
the product "all home", (like certain trojans and zombies and
*Lots* of folks say this makes sense.
I won't start a thread about this, I'm sure we've endured
enough "security vs. ease of installation" discussions.
If you want to take this up with me, do so offline and save
Some folks responded with experience from personal firewall
software. Several of these do indeed block all outbound
applications by default and some interact with the user
on a per application basis to customize a policy. I'm not
convinced every home user responds knowledgeably
to "notarookit.exe wants to connect to the internet, is this OK?",
but at least it's not wide open.
At 10:14 AM 7/17/2003 +1000, Michael Still wrote:
> > Most every home firewall/NAT appliance I've configured
> > comes with an out-of-the-box default policy of "allow any outbound".
> > Is this everyone's experience?
>Pretty much. For homes, it makes a lot of sense.
>Michael Still (email@example.com) | Stage 1: Steal underpants
>http://www.stillhq.com | Stage 2: ????
>UTC + 10 | Stage 3: Profit
firewall-wizards mailing list