Re: [Full-disclosure] Dumb question: Is Windows box behind a router safe ?

On Tue, 22 Sep 2009 11:29:20 PDT, Steven Anders said:

I have always thought that having a computer behind the router (since router
has firewall) is generally safe, but I would love to hear insights or

In general, that's true. Most of the current popular infection vectors are
connected with web browsers or e-mail. It's pretty hard to whack a Windows
box that's just sitting there behind a firewall. But all bets are off once
you start surfing websites...

And remember - although Firefox has a somewhat better security history

2. If a Windows box is behind a router, could a botnet be installed to it ?
Assuming, the end user does not install/download any applications from the
Internet and always use Firefox.

Yes, if the user uses Firefox to hit a site that has malware that will use a
Firefox bug (see above), you can get a botnet on it. Most firewalls/routers
are configured to automatically pass all outbound traffic, so the botnet
software can easily phone home to get further instructions/updates.

Attachment: pgpNUcSN4u2u2.pgp
Description: PGP signature

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -