When you say properly configured firewall, does that include IDS? Does that mean that the firewall blocks all connection attempts from the outside but allows established traffic originating on the network interior? So if a system receives a Trojan from a web site, it can communicate with the outside world unmonitored? The problem with opening port 80 is that not only HTTP traffic can come in (i.e. Telnet). If you do not have a device or application looking at traffic about Layer 4, you could still have problems. Also, having AV look only at executables is a mistake. Just my two cents.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Race Sent: Saturday, January 17, 2004 1:21 PM To: [EMAIL PROTECTED] Subject: [Full-Disclosure] Re: January 15 is Personal Firewall Day,help the cause Since the ping-pong game is far past 21 points... How safe would you consider: A WinXP box with all current patches A properly configured HW firewall ICF enabled, web services ONLY enabled and all ICMP requests disabled Apache (latest) installed with no add'l modules (static pages only) NOT running Outlook or OE Mozilla with Java and JS disabled in email An "admin" who knows not to run attachments No add'l (hated) SW firewalls No AV stuff running, except when scanning known executables I am of course, asking for a "friend". -jim _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html This e-mail is the property of Oxygen Media, LLC. It is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise protected from disclosure. Distribution or copying of this e-mail or the information contained herein by anyone other than the intended recipient is prohibited. If you have received this e-mail in error, please immediately notify us by sending an e-mail to [EMAIL PROTECTED] and destroy all electronic and paper copies of this e-mail. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html