[ros-general] Re: TDI-Based Open Source Personal Firewall

Richard Campbell eek2121 at comcast.net
Wed Nov 16 00:50:45 UTC 2005 

If you pick up an exploit via a web browser a firewall isn't going to 
help you anyway.  The process needs
only to hook into another process, or install a rootkit, or in the case 
of windows firewall, things can be added
to the firewall 'convincing' it to not say anything.  A firewall may be 
needed for those who don't know what they
are doing, but to say that EVERYONE should run a firewall is ludicrous.  
I've been running firewall free for many
years and i've NEVER gotten exploited.  To say an unprotected windows 
box can be owned in 10 minutes isn't
true.  All new copies of windows xp run at least sp2, which isn't 
subject to the exploits the original release was.

Murphy, Ged (Bolton) wrote:

>I'm sorry, but that's ridiculous, I can assure you that a firewall is
>needed.
>
>I work in computer security, so I'm pretty sure I know how to set up a
>network securely.
>I run, amongst other things, gateway FW, AV, IDS, vunl + rootkit scanners,
>and I don't even have any network services switched on (apart from a
>honeypot in a DMZ at times for fun)
>
>I think the statistics for hooking up an unprotected Windows machine to the
>internet are something like 10 minutes before it becomes infected.
>
>I think I understand the angle your looking at, if you don't run any
>services then effectively nothing can exploit you, but his is just not true.
>Consider you pick up a 0 day via your web browser. This in turn loads
>software which contacts an IRC botnet, installing a trojan turning your
>machine into a zombie. That zombie can now send out whatever data it wants
>unchecked by an outbound checking firewall. The fact you don't use an AV
>means it'll probably never be picked up unless you notice traffic
>congestion, or happen to see it in via 'netstat -a'.
>This is just one scenario out of thousands.
>
>What if you actually wanted to run some services. ROS will one day be used
>in this manner, whether it be for web and mail servers or something else, it
>will certainly need a firewall to control traffic.
>
>If firewalls aren't needed, why does nearly everyone use them, and why is
>Cisco's PIX so popular?
>
>
>
>-----Original Message-----
>From: Richard Campbell [mailto:eek2121 at comcast.net] 
>Sent: 15 November 2005 01:31
>To: ReactOS General List
>Subject: Re: [ros-general] Re: TDI-Based Open Source Personal Firewall
>
>
>That's your opinion.
>
>Do you know that on this box i've never run a firewall or a virus 
>scanner?  Occasionally i'll run a web based scanner to check suspicious 
>files, etc. but i've never found need for a firewall/virus scanner.  As 
>long as you stay up to date and don't run questionable files you are 
>fine.  A firewall is not NEEDED as long as the OS is properly configured 
>and working.
>
>Richard
>
>************************************************************************
>The information contained in this message or any of its
>attachments is confidential and is intended for the exclusive
>use of the addressee. The information may also be legally
>privileged. The views expressed may not be company policy,
>but the personal views of the originator. If you are not the
>addressee, any disclosure, reproduction, distribution or other
>dissemination or use of this communication is strictly prohibited.
>If you have received this message in error, please contact
>postmaster at exideuk.co.uk 
><mailto:postmaster at exideuk.co.uk> and then delete this message. 
>
>Exide Technologies is an industrial and transportation battery
>producer and recycler with operations in 89 countries.
>Further information can be found at www.exide.com
>
>
>_______________________________________________
>ros-general mailing list
>ros-general at reactos.org
>http://www.reactos.org/mailman/listinfo/ros-general
>
>  
>

More information about the Ros-general mailing list