Re: Would you pay more ...

From: Don Voss (voss_at_albany.edu)
Date: 07/09/04

    Date: Fri, 09 Jul 2004 08:27:26 -0400
    To: security-basics@securityfocus.com
    
    

    Big day, two posts.

    > Jeff wrote:
    >
    >> Regarding standard consumer broadband connections ...
    >>
    >> Would you pay more to only have the following destination ports open
    >> to the internet originating from your broadband modem:
    >>
    >> tcp 21 - ftp
    >> tcp 22 - ssh
    >> tcp 25 - smtp
    >> tcp, udp 53 - dns
    >> tcp 80 - www
    >> tcp 110 - pop3
    >> tcp 119 - nntp
    >> udp 123 - ntp
    >> tcp 443 - secure www
    >>

    [snip some ..]

    >> I would REALLY like to hear from those of you that work in the ISP
    >> field. I have always been on the receiving end of an ISP -- never
    >> worked in that trench. But I suspect that this type of firewall could
    >> be built into every single cable/dsl modem used at little expense.
    >> Indeed, could save lots of money on bandwidth.
    >>
    >> Consider Grandma now ... she typically isn't a gamer and need other
    >> ports open. Nor does she work at home and require a vpn. BUT she is
    >> the MOST likely to get hit by some exploit, and it's her damned box
    >> (x 1,000,000) uselessly eating up bandwidth because some smart-aleck
    >> *&#$ing script kiddie bas(*&#$
    >>
    >> .... ohm-yelli-mon ... ohm-yelli-mon ... OK, ok, better.
    >>
    >>
    >> Jeff

    Jeff,

    An easy no. Because of grandma. You're missing the end user experience.
    I've had Popeye and Olive Oyl neighbors who came back from the mall with
    a Gateway, called up Road Runner and invited me over for pizza. By the
    second slice they had asked "is this the net?" 3 or 4 times.

    I stopped back for more pizza a few weeks later .. she was on some talk
    pal thing talking to who knows who where about quilts, he showed me all
    his WWII buddies he found, their ship www sites and then fired off his
    WWII flight game, gift from daughter, connected to a game zone, joined a
    private squadron [no cheats] and proceeded to shoot 'em up over a decent
    rendering of the French countryside .. complete with call signs and
    wisecrack messaging.

    These two did not have a clue about port numbers or protocols nor did
    they care.

    They were all concerned about the web news they were reading regarding
    their machine being attacked by bad guys on the net.

    Kind of like going to the bad side of town to a wild bar .. great fun
    but need to get back to the car without being mugged.

    With your idea .. what are they to do? How does one teach them, work
    with them?

    Are you saying they should all wear the same generic clothes because fun
    clothes are hard to take care of? 1984? Pass me the soma.

    /don

    -- 
    __________________________________________________________________
    Donald W. Voss                                     voss@albany.edu
    Sr.Systems Analyst
    GIS Geography Department AS218
    The University at Albany
    Albany, NY, USA 12222
    OK, the joke is over, you can bring back the constitution now.
    
