Worms versus Bots
Chris Woodfield
rekoil at semihuman.com
Tue May 11 16:41:31 UTC 2004
Simple solution...build the on-NIC firewall to not use uPnP, or at least require
a password before changing rulesets. :)
Seriously, this is such a stupidly simple solution that I'm amazed no one's attempted
to make a product out of it yet.
-C
On Tue, May 11, 2004 at 12:21:29PM -0400, Valdis.Kletnieks at vt.edu wrote:
> On Tue, 11 May 2004 11:38:33 EDT, Chris Woodfield said:
>
> > A better solution would be a NIC with a built-in SI firewall...manageable from a host
> > app, but physically separate from the OS running on the PC.
>
> Gaak. No. ;)
>
> What's the point of a firewall, if the first piece of malware that does manage
> to sneak in (via a file-sharing program, or a webpage that installs malware, or
> an "ooh! Shiny!" email attachment) just does the network Plug-N-Play call to
> tell the firewall "Shield DOWN!"?
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20040511/e3df2e18/attachment.sig>
More information about the NANOG
mailing list