New Computer? Six Steps to Safer Surfing
Charles Cala
charles_cala at yahoo.com
Mon Dec 20 16:20:21 UTC 2004
<Southpark>
I call shenanigans .
</Southpark>
--- Larry Smith <lesmith at ecsis.net> wrote:
> On Sunday 19 December 2004 16:47, Sean Donelan wrote:
> > The really
> > scary thing is the infection rate of Home/SOHO computers with
> > AV/firewalls is higher than "naked" computers.
This flies in the face of both logic _AND_ my experience in the field.
After the .bomb exploded I did windows stuff to pay the rent,
and there were 4 basic groupings of infection routes.
(from the viewpoint of the infected box)
External, uninvited (unpatched /unfiltered windows box)
External invited (laptop from home)
Internal intentional download/install (gambling, porn players with ad ware)
Internal unintentional download (but all I did was install these
extra fonts and smiles, I did not want my machine to become a Spam factory)
It is probably a duh to most of the readers on this list but ill say it now
for those that actually go through the archives to look for their answers
before posting to NANOG.
Just like in a REAL network (one that serves lots of end customers, and vars)
security SHOULD follow a layered approach, and be monitored for compliance.
Installing a hardware based firewall is the a good first defense, not using
silly programs is another. (i.e. IE) people will for the most part follow
the lazy path that allows them the most pleasure.
In the places that I have installed a hardware filter/firewall
I have not seen ANY infections that are related to just the machine
being online, ALL have been the result of the use asking for these
programs to be run, (in one form or another).
>
> I am very interested in "where" this informatio is published and how it was
> obtained....
>
As am I. Since the price of a simple nat/filter box has come down
to under $100 they should(should as defined by RFC) be installed
as a package with the cable modem/dsl/modem/net hole.
Could you please let us know where you got the supporting
data for your theory. I know that the infection rate is high
for the PC world, but figuring out the invited vs. uninvited
infection rate, is of value to the discussion of end user
firewall/filter use.
The spam/virus issue wont go away until those who
prepare, propagate and profit, are removed from the matter.
Either by, filters on the net, jail time/fines, or blood loss, (perhaps
proper application of all options) all the people involved in
spreading this malware should be discouraged from doing so.
Lets clean up our frends/co-workers pcs this coming year.
When ever I go to someones house I'm making sure that their
antivirus software is installed and up to date, box is patched,
and that they have some sort of hardware based firewall.
Ive already given a few away as x-mas presents this year,
and installed them. How about you?
"less bitchin, more fixin!" -charles
--
"champagne for my real friends,
real pain for my sham friends" - ed norton
More information about the NANOG
mailing list