Re: Intrusion detection

From: news (geerge_at_yahoo.com)
Date: 06/23/04


Date: Wed, 23 Jun 2004 11:37:34 GMT


"Wolfgang Kueter" <wolfgang@shconnect.de> wrote in message
news:cbbnnt$2h7$1@news.shlink.de...
> news wrote:
>
> > I just use my computer for email, browsing
>
> Use safe client sofwtare.
>
> > and for access to some data services.
>
> You mean file sharing (kazaa etc)? Simply forget security when using file
> sharing services.
>
> > I am a little confused.
>
> That happens when firewall placebos are confronted with basics about
network
> communication.
>
> > Let's see.. But it is better to close a program
> > that holds a port open than to try to block ip:s?
>
> Yes. A not existing service can neither be connected nor be expolited.
>
> > Since you apparently can get around by spoofing.
>
> IP spoofing is difficult with tcp, easy with udp.
>
> > So if my computer is on and online but all softwares are closed, not
even
> > the best hacker can communicate with it?
>
> Right, as lonf as there are no vulnerabilities in the network protocol
stack
> of your operating system. You have to trust the vendor of the OS up to
that
> point.
>
> > They can't start a program and continue from there?
>
> How should anyone be able to start a software on a box that he cannot even
> connect to?
>
> > Then why do they tell us to install even more softwares?
>
> Which is nonsense. More software means more code, thus more possible
errors.
> Safe systems are small systems.
>
> > :) They want to make money of course.
>
> That might be a reason.
>
> Wolfgang
> --
> A foreign body and a foreign mind
> never welcome in the land of the blind
> Peter Gabriel, Not one of us, 1980

------------------------

No not file sharing for me. Itīs data from a company i subscribe to.

Thanks for helping me with some ?