Re: Di need another firewall as well as the Win XP one?

From: Leythos (void_at_nowhere.lan)
Date: 10/25/05

• Next message: Somebody.: "Re: Question About DMZ"
• Previous message: <----- Which Way ----->: "Re: Ping of Death - Sixty per day...???"
• In reply to: Mike O'Sullivan: "Re: Di need another firewall as well as the Win XP one?"
• Next in thread: appwall: "Re: Di need another firewall as well as the Win XP one?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 25 Oct 2005 20:02:37 GMT

In article <3s7gp8Fmtal8U1@individual.net>, mike@nowhere.com says...
> Leythos wrote:
> >
> > So, does that mean you are using DSL/Cable?
> >
> yes that's right. I'm a home user though, not on a network.

If you are connected to the Internet you are ON a network. If you
install a router/NAT you are still on a network, just a somewhat
protected network.

> excuse my relative ignorance, but can you expand on the outbound element
> a bit? why would I want to block outgoing traffic?

As an example, there is no reason for your computer to open File/Printer
sharing connections to other computers on the Internet - so you block
that outbound. Same with other services. If you block outbound ports to
others, while it does little to help you if compromised, it does have an
impact on your machine infecting others.

As an example of that protection, if everyone blocked outbound
1433/1434, the SQL Slammer worm would not have left their internal
networks and infected other machines.

If you can block SMTP outbound, except to the specific IP of your ISP's
mail server, you can stop your machine from sending (if compromised by a
SMTP enabled virus) the virus directly to other users. It also helps
stop people from using your computer as a SMTP relay if they compromise
it.....

There are ways around the above examples, but it's just another step in
making things a little harder for the malware.

-- 
spam999free@rrohio.com
remove 999 in order to email me

---

• Next message: Somebody.: "Re: Question About DMZ"
• Previous message: <----- Which Way ----->: "Re: Ping of Death - Sixty per day...???"
• In reply to: Mike O'Sullivan: "Re: Di need another firewall as well as the Win XP one?"
• Next in thread: appwall: "Re: Di need another firewall as well as the Win XP one?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Problem configuring NAT to share Internet Connection ... Posting on MS newsgroup will benefit all readers and you may get more help. ... How to Setup Windows, Network, Remote Access on http://www.HowToNetworking.com ... Internet protocol is Router V3 ... > finally I have 3 network connections, 2 corresponding with NIC A and NIC B ... (microsoft.public.win2000.ras_routing) Re: what should I do when.... ... You didn't answer my initial question which was, can you show me a firewall that does *secure* a network? ... The fact of the matter is that *most* businesses do not restrict outbound SSL traffic and even less of them decrypt and re-encrypt traffic for the sake of outbound monitoring. ... Not to mention not all of our outbound connections are established over port 443, we can use any port, hell we can even use ICMP or UDP. ... exploited and their computer connected back to me over https. ... (Security-Basics) Re: blaster worm ... The first thing you should do is enable Windows XP's built-in Firewall: ... then click Network Connections. ... internet security package, such as: ... (microsoft.public.windowsxp.security_admin) Re: w.32blaster.worm ... The first thing you should do is enable Windows XP's built-in Firewall: ... then click Network Connections. ... internet security package, such as: ... (microsoft.public.windowsxp.security_admin) Re: Cant stay on line long enough ... then click Network Connections. ... internet security package, such as: ... Norton Internet Security 2003 ... (microsoft.public.windowsxp.security_admin)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)