[76653] in North American Network Operators' Group
Re: New Computer? Six Steps to Safer Surfing
daemon@ATHENA.MIT.EDU (Barney Wolff)
Sun Dec 19 19:04:45 2004
Date: Sun, 19 Dec 2004 19:04:18 -0500
From: Barney Wolff <barney@databus.com>
To: Florian Weimer <fw@deneb.enyo.de>
Cc: nanog@merit.edu
In-Reply-To: <871xdldg48.fsf@deneb.enyo.de>
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, Dec 20, 2004 at 12:26:31AM +0100, Florian Weimer wrote:
> * Barney Wolff:
>
> > Perhaps, then, one should not be so quick to disparage software-based
> > firewalls, resident on the computer itself.
>
> Yes, but it's only a real obstacle if the malware doesn't run with
> SYSTEM privileges. If it's impossible for home users to work with
> reduced privileges, a host-based filter is no good (unless it's a very
> obscure brand which is not targeted by the malware 8-).
In general, home firewalls are better at preventing infection than
containing it. That's true no matter where the firewall resides.
> By the way, do you know if these "hardware firewalls" have a
> management interface on a factory-default IP address?
192.168.0.1 admin/admin is a good bet.
--
Barney Wolff http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
