Re: Higher-End Home FW Question
From: Charles Newman (charlesnewman1_at_comcast.net.spammers.will.be.shot.on.sight)
Date: 12/11/04
- Next message: Duane Arnold: "Re: Higher-End Home FW Question"
- Previous message: spirit: "Re: blocking gator"
- In reply to:(deleted message) Leythos: "Re: Higher-End Home FW Question"
- Next in thread: Duane Arnold: "Re: Higher-End Home FW Question"
- Reply: Duane Arnold: "Re: Higher-End Home FW Question"
- Reply:(deleted message) Leythos: "Re: Higher-End Home FW Question"
Date: Fri, 10 Dec 2004 15:12:03 -0800
"Leythos" <void@nowhere.org> wrote in message
news:MPG.1c23e6c51f39068989c44@news-server.columbus.rr.com...
> In article <R-mdndnbc5bilifcRVn-uQ@comcast.com>, charlesnewman1
> @comcast.net.spammers.will.be.shot.on.sight says...
> > I advocate ICS, because it is
> > very much like what I was taught when I was in college. They did not
> > teach about hardware firewalls, because we were taught that software
> > based NAT and firewalls were superior.
>
> And a lot of what you were taught in College concerning computers is
> currently out-dated, in fact, much of what is taught in College is out
> of date while it's being taught.
>
> Firewall appliances are superior for home users and unmanaged
> environments, and even in most managed environments, as the primary
> border protection device.
>
> Since we're talking about home systems in this thread, we'll talk about
> firewall software running on a system that the user is also running
> their applications from - which means that the firewall/NAT can be
> compromised easily and is also subject to daily misconfiguration by the
> user.
Well, what I am talking about is setting one computer up as an
ICS box, and then connecting client machines behind it. Tiny
Personal Firewall can successfully shut down Kazaa, where your
hardware appliances cannot. It's just simply a matter of restricting
what the Socks and HTTP proxies can do. On my network, I just
simply told Tiny to not allow the application running the Socks
proxy to do outgoing connections on ports 80, and on
1000-5300. That effectively shuts Kazaa down. The only
outbound connection on port 80 allowed is on the HTTP
proxy.
Because Kazaa has no central server, there is no one
address you can use to shut down Kazaa, so the only
way is to require everything to use Socks/HTTP proxies,
and then wholesale shut down calls to ports 80 and 1000-5300
from the Socks server. I have tested this, and with those ports
blocked, there is no way Kazaa can connect.
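
The per-application egress policy described in this post, modelled as an added example (not code from the post, and not Tiny Personal Firewall's rule syntax), with a check that lists which destination ports each application can still reach. Assumptions: the executable names are hypothetical, rules are first-match, the SOCKS proxy's remaining ports are allowed, and anything not going through a proxy is dropped.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    app: str      # executable the rule applies to (hypothetical names)
    lo: int       # first destination port covered
    hi: int       # last destination port covered (inclusive)
    allow: bool   # True = permit outbound, False = block

# Constructed ruleset modelling the post's description.
RULES = [
    Rule("http_proxy.exe", 80, 80, True),        # only the HTTP proxy may use port 80
    Rule("socks_proxy.exe", 80, 80, False),      # SOCKS proxy: no outbound port 80
    Rule("socks_proxy.exe", 1000, 5300, False),  # SOCKS proxy: no outbound 1000-5300
    Rule("socks_proxy.exe", 1, 65535, True),     # assumption: other SOCKS traffic allowed
]
DEFAULT_ALLOW = False  # assumption: clients that bypass the proxies are dropped

def decide(app, port, rules=RULES):
    """Return True if an outbound connection is permitted; first match wins."""
    for r in rules:
        if r.app == app and r.lo <= port <= r.hi:
            return r.allow
    return DEFAULT_ALLOW

def allowed_ranges(app, rules=RULES):
    """Collapse per-port decisions for one application into allowed port ranges."""
    ranges, start = [], None
    for port in range(1, 65536):
        ok = decide(app, port, rules)
        if ok and start is None:
            start = port
        elif not ok and start is not None:
            ranges.append((start, port - 1))
            start = None
    if start is not None:
        ranges.append((start, 65535))
    return ranges

if __name__ == "__main__":
    for app in ("http_proxy.exe", "socks_proxy.exe", "client_direct.exe"):
        print(app, allowed_ranges(app))
```

Listing the allowed ranges makes the residual egress explicit: any port outside the deny rules falls through to whatever the later rules or the default permit.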