Re: Can Windows attack my Linux
From: prg (rdgentry1_at_cablelynx.com)
Date: 01/10/05
- Next message: Rolf Arne Schulze: "Re: ssh : password against keys"
- Previous message: prg: "Re: IPtables block BT"
- In reply to: Ray Green: "Can Windows attack my Linux"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 10 Jan 2005 09:10:11 -0800
Ray Green wrote:
> I currently only use Linux and do not possess Windows in any shape or
form.
>
> However, I intend to get a new pc with two drives, one for Linux and
one
> with Windows XP which my job needs because I occassionally need to
boot
> Windows to run Internet Explorer to view a couple of websites I look
after.
> I don't want to waste effort and money keeping XP patched up but am
> concerned that if XP gets infected with something nasty it can
destroy my
> Linux installation. Is this a real concern and if so what can I do to
> protect myself?
>
> (I'm not bothered if XP destroys itself because I'll just reinstall
it)
[and overwrite the MBR _every_ time :( ]
Any -- that's _any_ -- computer connected to the internet needs to be
protected for both your protection, the protection of the computers you
connect to and for the rest of us, as an unprotected XP box would make
a great platform for laundering/launching attacks onto the net. Where
do you think all your spam comes from?
As others have said there are cheaper/better(?) solutions, but you may
want/need a new machine just to treat yourself ;-)
XP's SP2 includes a (wholesale?) reworking of the firewall (now called
WF -- Windows Firewall) and it's a pretty decent _host_ fw. Disables
the UPnP announcements, is statefull, allows much better management of
packet filtering rules, and used in conjunction with a network fw --
you are using one aren't you? -- would go a long way to protect
youself. If not pre-loaded insist they include an SP2 CD so you don't
have to download and burn your own copy.
To avoid the temptation of using XP's IE to do some surfing, only allow
outgoing http traffic to the _sites_ you _need_ to work with and
disallow _all_ other outgoing connection attempts (except for DHCP and
maybe DNS). Do _not_ allow _all_ IE based traffic out by using the App
Allowed Exceptions.
Incoming connection attempts are automatically (default) blocked, but
double check that your changes have not opened a hole.
Also, there is _much_ better, customizable logging with the new fw so
you can monitor yourself (and your box).
Firewall links:
http://www.microsoft.com/technet/community/columns/cableguy/cg0104.mspx#EHAA
http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx
http://support.microsoft.com/default.aspx?scid=kb;en-us;886185
BTW, this is not an ad for MS or advocating that you go this route --
strictly background so you know what's up. Personally, I wouldn't
trust IE/Outlook even disconnected from the net.
But whatever you do, don't connect a Win box on the net without some
protection. There's enough spam out there already ;-)
hth,
prg
email above disabled
- Next message: Rolf Arne Schulze: "Re: ssh : password against keys"
- Previous message: prg: "Re: IPtables block BT"
- In reply to: Ray Green: "Can Windows attack my Linux"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
