Re: Slippery intruder -- please advise

chris_at_nospam.com
Date: 10/04/04


Date: Mon, 04 Oct 2004 01:55:51 GMT

On Sun, 03 Oct 2004 07:16:05 -0400, Lars M. Hansen
<badnews@hansenonline.net> wrote:

>On Sun, 03 Oct 2004 02:12:37 GMT, chris@nospam.com spoketh
>
>>
>>NAT isn't a firewall. By default, though, it prevents incoming
>>connections without an existing outgoing connection (which aren't
>>blocked).
>
>I never claimed that it was. However, the fact remains that many people
>do refer to these types of cheap routers as "firewalls", and since the
>OP doesn't specify what sort of "firewall" he has, we're left to
>speculate.
>
>>
>>
>>> * Software or personal firewalls could potentially have a rule clash,
>>>one where Skype is allowed to make any outbound connection and one where
>>>all access to a given IP address (or range) is denied. In this case, it
>>>appears that the wrong rule wins (the allow-rule) rather than the more
>>>restrictive (and correct) deny rule...
>>
>>The Windows XP SP2 firewall doesn't block outgoing connections and in
>>fact has some connections open by default. Some personal firewall
>>software is just as useless.
>>
>
>Again, I never claimed that it did.

Sorry, my comments weren't meant as criticism for you. I made them
towards the OP, who I suspected didn't fully understand the
limitations of a NAT router and the XP firewall.

It's a pet peeve that people keep referring to NAT as a firewall.
Even worse, some think that the XP firewall prevents unsolicited
outbound connections from spy/adware.

-Chris


