Re: [fw-wiz] Firewalls that generate new packets..
- From: Darren Reed <Darren.Reed@xxxxxxx>
- Date: Tue, 27 Nov 2007 21:07:11 -0800
Paul D. Robertson wrote:
On Tue, 27 Nov 2007, Paul Melson wrote:
in both directions. State tables allow your firewall to have a deny-all
default inbound policy and an allow-all default outbound policy. They allow
With today's proliferation of Trojans and Spyware, anyone with a
Windows user population above three who has an allow-all default outbound
policy is an idiot and populations of one to three are likely candidates
for the club if not associate members.
To give you an idea of how bad this problem is, I recently did a
fresh install of Microsoft Windows XP + Service pack 2 (I hadn't
caught up with all of the patches yet) and experimented with
surfing the Internet like a normal user - default security settings
for Internet Exploder.
Half a dozen web sites later - no more - and spyware had installed
itself into winlogin. Removal? Safest bet will be a format. How did
it get there? I suspect some popup ad with nasty javascript/activex.
Now what percentage of the Internet population does this represent?
Port 80/443 restrictions mean nothing.
Darren
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- Follow-Ups:
- Re: [fw-wiz] Firewalls that generate new packets..
- From: Timothy Shea
- Re: [fw-wiz] Firewalls that generate new packets..
- References:
- Re: [fw-wiz] Firewalls that generate new packets..
- From: Paul D. Robertson
- Re: [fw-wiz] Firewalls that generate new packets..
- Prev by Date: Re: [fw-wiz] Firewalls that generate new packets..
- Next by Date: Re: [fw-wiz] Firewalls that generate new packets..
- Previous by thread: Re: [fw-wiz] Firewalls that generate new packets..
- Next by thread: Re: [fw-wiz] Firewalls that generate new packets..
- Index(es):
Relevant Pages
|
Loading
