Re: Zone Alarm affects my online gaming

From: Alec (alec_at_nospam.com)
Date: 06/08/04 

Date: Tue, 08 Jun 2004 17:51:38 GMT

"Eirik Seim" <eirik@mi.uib.no> wrote in message
news:slrnccahq1.gsd.eirik@kain.mi.uib.no...
> On Mon, 07 Jun 2004 22:21:20 GMT, Bjørnar Bolsøy wrote:

> > Just a note, but the latest breed of viruses, like Sasser,
> > spreads through your ports, not email, making a firewall
> > more essential than ever.
>
> "latest breed"? Where were you in '88? There is nothing new to
> Sasser except for a relatively new vulnerability (patch+advisory
> shipped 13. of April, Sasser observed the 30.). People should
> stop running services on the internet unless they are aware of it.

I think the point simply was that there are, in fact, ways for viruii and
other malicious attacks to occur other than simply through email.

> Operating system vendors need to re-think their strategies (as
> they do) and start shipping systems locked down by default. This
> would help far more than any firewall.

True, OS providers do need to tighten default settings. However, 1) they
largely are moving in the right direction, 2) backward compatibility can be
problematic, and 3) still there would remain instances were it may make
sense to have some services open for LAN access that clearly have no place
being open for WAN access. Firewalls will remain a critical part of any well
considered, layered approach to security; essentially irregardless of any
security improvements made by OS vendors.

>
> - Eirik
> --
> New and exciting signature!
>

Relevant Pages

  • Re: Zone Alarm affects my online gaming
    ... > stop running services on the internet unless they are aware of it. ... > would help far more than any firewall. ... sense to have some services open for LAN access that clearly have no place ... security improvements made by OS vendors. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Question about Viruses on parallels using Windows XP
    ... The real risk is with worms and automated scripts that target specific open ports and services running on Linux systems - scripts that do brute-force password cracking, take advantage of buffer overflow vector vulnerabilities and the like, rather than viruses. ... If you are wise, you'll make sure your Linux system is kept completely up-to-date with system patches and software updates, and you will place a firewall between your Linux system and the internet - preferably a firewall that runs on some other system. ... Not if said computer isn't running services that leave ports open, and if said computer is operating behind a true state packet inspection firewall. ...
    (comp.sys.mac.system)
  • Re: OT [Kinda] All in one adsl/cable modem/router thingies.
    ... > adsl and cable connections (smoothwall, RH, Slackware etc) and these ... > boxes seem to be vulnerable due to old services or BIND exploits or ... > if you just want a basic firewall and NAT with maybe a VPN tunnel they ... Just as vulnerable as anything else running services. ...
    (comp.os.linux.security)
  • Re: OT [Kinda] All in one adsl/cable modem/router thingies.
    ... >> if you just want a basic firewall and NAT with maybe a VPN tunnel they ... > would be running services on a firewall? ... Any service, maybe except ssh? ... These integrated units commonly run as a firewall, a router, a DHCP server, ...
    (comp.os.linux.security)
  • Re: Making Linux Easy for Newbies
    ... And even if you are running services, if they are only listening on ... trusted devices (like the loopback device, or a VPN device) you don't ... need a firewall either. ... the only open port anyway, and deny access to all closed ports. ...
    (alt.os.linux)
Quantcast