[70354] in North American Network Operators' Group
Re: Worms versus Bots
daemon@ATHENA.MIT.EDU (Chris Woodfield)
Tue May 11 13:18:57 2004
Date: Tue, 11 May 2004 13:14:21 -0400
From: Chris Woodfield <rekoil@semihuman.com>
To: "Jonathan M. Slivko" <jonathan.slivko@earthlink.net>
Cc: nanog@merit.edu
In-Reply-To: <E1BNaRE-00031N-00@invasion.mail.pas.earthlink.net>
Errors-To: owner-nanog-outgoing@merit.edu
--u3/rZRmxL6MmkK24
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I stand corrected, they're out there. I'm advised that 3com has a on-NIC fi=
rewall=20
product as well.
However, at $299 and $329 respectively, I don't anticipate wide adoption in=
the=20
consumer market...
-C
On Tue, May 11, 2004 at 12:49:05PM -0400, Jonathan M. Slivko wrote:
>=20
> Uh... they have. It's called a Snapgear card :)
> -- Jonathan
>=20
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
> Chris Woodfield
> Sent: Tuesday, May 11, 2004 12:42 PM
> To: Valdis.Kletnieks@vt.edu
> Cc: Petri Helenius; Michael.Dillon@radianz.com; nanog@merit.edu
> Subject: Re: Worms versus Bots
>=20
> Simple solution...build the on-NIC firewall to not use uPnP, or at least
> require=20
> a password before changing rulesets. :)
>=20
> Seriously, this is such a stupidly simple solution that I'm amazed no one=
's
> attempted=20
> to make a product out of it yet.=20
>=20
> -C
>=20
> On Tue, May 11, 2004 at 12:21:29PM -0400, Valdis.Kletnieks@vt.edu wrote:
> > On Tue, 11 May 2004 11:38:33 EDT, Chris Woodfield said:
> >=20
> > > A better solution would be a NIC with a built-in SI
> firewall...manageable from a host
> > > app, but physically separate from the OS running on the PC.
> >=20
> > Gaak. No. ;)
> >=20
> > What's the point of a firewall, if the first piece of malware that does
> manage
> > to sneak in (via a file-sharing program, or a webpage that installs
> malware, or
> > an "ooh! Shiny!" email attachment) just does the network Plug-N-Play ca=
ll
> to
> > tell the firewall "Shield DOWN!"?
> >=20
>=20
>=20
>=20
--u3/rZRmxL6MmkK24
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAoQntqP/YiunDNcERArYAAKDgI6t4cOPjM9/bZErCt7z6gFrMHACg5/nI
9hUXL7pPpqBLaprGisqsBzE=
=nyRC
-----END PGP SIGNATURE-----
--u3/rZRmxL6MmkK24--
