On 2012-03-14 11:25, Fred Baker wrote:
...
> First is a personal experience. At my home, I have a standing load of about
> 25 (plus or minus) packets per second that are discarded by the firewall. I
> don't know what they are, and I don't honestly care. They don't have my
> permission to be in my network, and I have to assume that if they were to get
> into it, the hosts in my network would have to deal with them.

From time to time I look at TCPView to see what's going on. At this instant, to my knowledge, I'm doing nothing on my machine except typing this email. TCPView tells me I have 63 endpoints (sockets) open, with 18 established TCP connections, and 14 sockets listening. Admittedly some of these sockets are connected to the loopback address, but even so, it's scary. What are all those .exe files listening on a socket all day? Windows Firewall is dropping about 3 UDP packets per second, and that's behind our campus firewall. That's reality, and much as I love the e2e principle I think the ordinary citizen is better off behind default-deny.

Personally I haven't run without an on-board firewall since I got my first wireless card (late 1999?). But we can't assume that applies to every home device.

Brian
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet