Re: Firewall Stealth Mode?



Leythos wrote:

Wrong, I completely understand what the two samples I was looking at did
and how they worked and why they didn't work. I was not the one
presenting them as a valid test, I just said they didn't work on my
computers. So, if it's a valid test, then why complain when it doesn't
work on my systems.....

You were the one who was claiming that because this specific case
doesn't work the entire concept behind it would be wrong.

But if you follow the microsoft instructions on how to setup a secure
machine, the POC doesn't work, nothing special needed.

So, who usually does?

Exploiters only win when the target doesn't understand the threat.

This is about a threat you cannot combat. The fact that Windows features
enormous ways of scriptable interaction so Application Control doesn't work.

Nope, I was talking about the same thing, and you've missed it a couple
times, I don't say that a NAT router or PFW will secure anyone, I've
said that in order of preference I would do it this way: NAT Router, PFW
solution, Windows Firewall.

Still the question: Why? What can a NAT Router or a PFW achieve what the
Windows Firewall can't? Expect compromise?

At least we do the same things - I don't allow unnecessary services,
etc.. when I setup a solution, but there are times when a user needs
some protection other than just disabling services, and a PFW "Can"
help.

Huh? What else can a PFW do except packet filtering? But please, only
serious answers! Non-working trials don't count.

Yea, I bet you think that a usable computer, by a typical home user,
running games, quickbooks, MS Office, could be fully secured while
directly connected to the Internet without the PFW, Windows Firewall, or
even NAT.

Yeah, works quite well. At least not worse than with a PFW, Windows
Firewall, NAT or whatsoever, as they don't address any threat that
cannot be easier addressed without them.

BTW, MS Office is always a stupid idea, whatever you do.

You've got to be kidding if you believe that some form of
protection isn't needed when a user actually uses the computer too.

And you must be kidding is the ways of protection you're suggesting
would help any bit.
.



Relevant Pages

  • Re: Is there a risk with firewalls?
    ... What does PFW stand for? ... Among the many responses I found your explanation and advice most ... It appears that a NAT router is the safest way to protect my or any PC ... there first before the PFW is up and running on the network connection. ...
    (comp.security.firewalls)
  • Re: NIS will not let me synchronize the PC Date/Time
    ... additional bullshit trials, ... As a restricted user you cannot control Windows Firewall. ... but how could a PFW change that? ... about something when malware is running. ...
    (comp.security.firewalls)
  • Re: NAT Router
    ... Would I just be better off connecting this computer to a "NAT Router" ... I use a PFW on my laptop when it's not connected to my network. ... Linux machine, because I have a FW appliance that will meet those specs. ...
    (comp.security.firewalls)
  • Re: Is there a risk with firewalls?
    ... With using a PFW with a machine that has a direct connection to the modem, which will have a direct connection to the Internet, there is the time during the boot process, that unsolicted inbound traffic can get there first before the PFW is up and running on the network connection. ... If the machine is connected to the NAT router, then this vulnerabilty is eliminated if you boot the computer, as it's stopping all unsolicted inbound traffic. ...
    (comp.security.firewalls)
  • Re: Norton Personall Firewall 2006 Problem
    ... What does it take to configure a NAT router for home usage, ... You wouldn't need a PFW and setting some kind of worthless APP Control rules ... application running on the machine exposed to the Internet. ...
    (comp.security.firewalls)