[70352] in North American Network Operators' Group
RE: Worms versus Bots
daemon@ATHENA.MIT.EDU (Jonathan M. Slivko)
Tue May 11 12:50:15 2004
From: "Jonathan M. Slivko" <jonathan.slivko@earthlink.net>
To: "'Chris Woodfield'" <rekoil@semihuman.com>
Cc: <nanog@merit.edu>
Date: Tue, 11 May 2004 12:49:05 -0400
In-Reply-To: <20040511164131.GD5194@semihuman.com>
Errors-To: owner-nanog-outgoing@merit.edu
Uh... they have. It's called a Snapgear card :)
-- Jonathan
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
Chris Woodfield
Sent: Tuesday, May 11, 2004 12:42 PM
To: Valdis.Kletnieks@vt.edu
Cc: Petri Helenius; Michael.Dillon@radianz.com; nanog@merit.edu
Subject: Re: Worms versus Bots
Simple solution...build the on-NIC firewall to not use uPnP, or at least
require
a password before changing rulesets. :)
Seriously, this is such a stupidly simple solution that I'm amazed no one's
attempted
to make a product out of it yet.
-C
On Tue, May 11, 2004 at 12:21:29PM -0400, Valdis.Kletnieks@vt.edu wrote:
> On Tue, 11 May 2004 11:38:33 EDT, Chris Woodfield said:
>
> > A better solution would be a NIC with a built-in SI
firewall...manageable from a host
> > app, but physically separate from the OS running on the PC.
>
> Gaak. No. ;)
>
> What's the point of a firewall, if the first piece of malware that does
manage
> to sneak in (via a file-sharing program, or a webpage that installs
malware, or
> an "ooh! Shiny!" email attachment) just does the network Plug-N-Play call
to
> tell the firewall "Shield DOWN!"?
>
