Microsoft to ship new versions with firewall enabled

JC Dill nanog at vo.cnchost.com
Thu Aug 14 18:44:56 UTC 2003


At 10:00 AM 8/14/2003, Daniel Senie wrote:

>At 12:39 PM 8/14/2003, Matthew Watkins wrote:
>
>>Apple have the right idea... I'd say all the vendors need to take a
>>carefully balanced approach to security in the default configurations of
>>their software. Leave services exposed to the network disabled by default,
>>where possible.
>>
>>By all means, configure firewalls by default to block all non-established
>>incoming connections to low port numbers, but for heaven's sake don't also
>>block access to those ports from the local subnet as well.
>
>Define "local subnet."
>
>Go sit in a Starbucks and use Wifi. Is the person at the next table, or 
>sitting on the bench outside with their laptop considered on the "local 
>subnet?" Do you trust that person?

Hold on a second, and let me ask him.  :-)

>This is just an example of how a policy like the one you suggest can be 
>dangerous.

He said "What's a subnet?"

heh

jc




