Re: What is the Pattern here ?

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 08/17/04

Date: Tue, 17 Aug 2004 11:40:48 -0500

In article <OZuQc.177148$>,
@*.com wrote:

[Sorry about the delay - was on vacation, and then doing catchup]

>Many Sheep didn't have a choice because all the new software was
>comparable only with Windows for the home user.
>Those of us that wanted to stick with DOS were left high and dry for a
>long time.

First, most home users don't really need a full computer. A crude email
tool, and a moderately capable web browser is about all of the network
services needed. They are simply not capable of running any server
application. Yeah, DOS is probably adequate, maybe with Trumpet WinSock
to allow minimalist networking.

>But the worm turns.
>Now Security and Stability have become more of an Issue today and that's
>come back to bite MS in the butt.

Monday morning's news cast - the news-droid is interviewing the klown who
hosts the Saturday morning computer talkshow about SP-2. While the normal
mode is screaming at people to keep their systems up to date with all of
the security fixes, the message now is "don't do it now - turn off
automatic updates", and watch what happens to other people over the next
month or two. Why? Well, the service pack may break your computer big
time. That's the same advice I heard 18 months ago, when the Slammer worm
knocked off the net because _they_ didn't update - because
the patch broke things big time, and they didn't want to risk installing

>At the moment I only allow Echo Request (out), Reply (in) and Time
>Exceeded (in).
>Type 3 I don't think I need and is abused by some ISPs if I remember right.

Read RFC2923. ISPs don't abuse this - it's the skript kiddiez who don't
have anything better to do.

>I don't have a network here and a Router isn't really a firewall but
>does a good job filling the holes.

The appliance or device called a router may not be a firewall, but the
word router has a different meaning in networking - it means the device
that connects two or more networks. There may _also_ be a firewall
_application_ running on that device, but the box itself could be
anything from a monster from Cisco, 3Com, BayNetworks, etc., on down to
a Cobalt "Cube" or even a clapped out laptop with a network card and modem.
My home box is an underclocked 386SX-16 with 8 Megs of RAM running off a
write protected 210 Meg hard drive. It runs a basic firewall and the
routing stuff is built into the (Linux) kernel.

>> As long as it's dropped, and no one on the inside of the firewall is not
>> complaining about broken services, then that's fine.
>True and also if I were on a network.
>I didn't like not seeing it Logged as Blocked or Permitted though.
>If I didn't have a Log All Rule at the end of the list to see what went
>by I would never have known that was happening.

As long as no one on the inside of the firewall is complaining, you
don't waste your time worrying about it. It's a non-issue. As far as
worrying about what ports the worms, trojans, and skript kiddiez out on
the Big Bad Internet(tm) are trying to connect to - who cares? If you've
got your systems secured, and your users are not blindly downloading (or
trying to) every cracked piece of software they find on the pr0n sites
they're visiting, then you are not going to be responding to the crap
from outside. It's a non-problem that doesn't need a solution.

>> If you have nothing better to do than to look at each and every packet you
>> see - that's fine. People like me don't have time for that.
>If you have them turned on all the time yes but when you want as much
>information on a Port's Services and Abuses.

Why? I know what services are allowed. I know what ports are needed for
those services. That rarely changes. We don't allow our users to install
software (and that includes worms/trojans/spybots), so there won't be "new"
ports that need to be opened. I don't _care_ what's trying to connect from
the outside to ports here that offer no service.

>What OS is best to replace Windows for the home User that may or may not
>be connected to a network.

That's like asking what motor vehicle people should buy. Some would find
a motorbike is fine - others need a 2 seat econobox - others need a
vehicle the size of a small armored fighting vehicle, or a five ton truck.
Depends on what they need to use the computer for. Many people don't need
anything more than a Sony Playstation (if that much).

>I see Lindows gaining but with so many from Redhat and others which one
>is best for home use ?

"Lindows" has a very bad reputation, because it purposely circumvents many
of the security mechanisms that are the basis of any multi-user O/S. As
such, it probably doesn't offer enough to make up for the limited learning
curve. I certainly can't recommend it. But there are other choices, some of
which have a fairly shallow learning curve. As far as the other
distributions of Linux (there are more than 80 available for free download
on sunsite _alone_), it's like ice cream. Which is best? Vanilla?
Chocolate? Strawberry? Black Cherry? And don't forget the BSD clones
(BSD86, FreeBSD, NetBSD, OpenBSD) that also run on wintel class boxes.
Linux (or any UNIX) is not a desktop OS for people whose VCRs are still
flashing "12:00". You really do need to open a book and do some reading.
It's the same as asking someone who only has driven cars with an
automatic transmission to suddenly start driving a vehicle with a clutch.
IT DOESN'T HAPPEN INSTANTLY. Many of the skills needed are the same, but...

And does that make it better, or worse? Opinions, remember?

Another thing to think about is that (unlike Windows) this isn't a
monolithic mess. Speaking only of Linux here (though it applies to
just about all UNIX), "Linux" is just the O/S, and has nothing to do with
the common tools that come with it, or the display manager, or the desktop,
or the applications that run (either from the command line, or on the
various desktops). The word is "choice". Remember the bad old days
when you had Word Perfect, WordStar, MultiMate (and others) in addition
to MS-Word? Guess What! And just to tweak you further, most all of
the choices come on the same CD set, and if you want more choice - it's
available on the internet for free. In fact, that is probably a reason
that many people _don't_ want to use *nix. They would have to _choose_
which one - look at how many browsers are available for windoze, yet
nearly everyone is using Lookout or Lookout Distress because that was
what was installed by default. Never mind that the default crap has intentional
holes large enough to fly 8 Boeing 747s through in line abreast formation.

>I should have added I was using Win98se.

Then I guess you won't be having the problems with the XP SP2 today. ;-)

        Old guy