On Tue, 11 May 2004, Chris Woodfield wrote:
> I stand corrected, they're out there. I'm advised that 3com has a
> on-NIC firewall product as well.
>
> However, at $299 and $329 respectively, I don't anticipate wide
> adoption in the consumer market...
This is all silly.. there's no reason opera
> Jonathan M. Slivko
> Uh... they have. It's called a Snapgear card :)
Same as the 3com card, this is not for the consumer market. First, the
consumer is generally afraid of opening the PC. Second, it costs many
times more than a Linksys or other el-cheapo external box.
Michel.
> Chris Woodfield wrote:
> I stand corrected, they're out there. I'm advised that
> 3com has a on-NIC firewall product as well.
> However, at $299 and $329 respectively, I don't anticipate
> wide adoption in the consumer market...
No danger, as it is not worth jack as a standalone product; requir
> Uh... they have. It's called a Snapgear card :)
> -- Jonathan
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
> Chris Woodfield
> Sent: Tuesday, May 11, 2004 12:42 PM
> To: [EMAIL PROTECTED]
> Cc: Petri Helenius; [EMAIL
While following the thread, I did a bit of Googling, then browsing 3Com's
site:
http://www.3com.com/products/en_US/detail.jsp?tab=features&pathtype=purchase&sku=3CRFW200B
On-NIC firewall w/remote management.
On Tue, 11 May 2004, Chris Woodfield wrote:
:>Simple solution...build the on-NIC fir
t: Re: Worms versus Bots
Simple solution...build the on-NIC firewall to not use uPnP, or at least
require
a password before changing rulesets. :)
Seriously, this is such a stupidly simple solution that I'm amazed no one's
attempted
to make a product out of it yet.
-C
On Tue, May 11
Simple solution...build the on-NIC firewall to not use uPnP, or at least require
a password before changing rulesets. :)
Seriously, this is such a stupidly simple solution that I'm amazed no one's attempted
to make a product out of it yet.
-C
On Tue, May 11, 2004 at 12:21:29PM -0400, [EMAIL P
On Tue, 11 May 2004 11:38:33 EDT, Chris Woodfield said:
> A better solution would be a NIC with a built-in SI firewall...manageable from a host
> app, but physically separate from the OS running on the PC.
Gaak. No. ;)
What's the point of a firewall, if the first piece of malware that does mana
I think running two separate computers is a wee bit of overkill...
A better solution would be a NIC with a built-in SI firewall...manageable from a host
app, but physically separate from the OS running on the PC.
-C
On Thu, May 06, 2004 at 09:49:37PM +0300, Petri Helenius wrote:
>
> [EMAIL PRO
[EMAIL PROTECTED] wrote:
you can easily fit an entire router into a PC's slimline
case and the router can include a complete SI Firewall
capability. The PC BIOS will allow the initial SI Firewall
config to be done before booting the PC.
They got to it before you did; http://www.giwano.com/
Pete
> On Thu, 6 May 2004 [EMAIL PROTECTED] wrote:
>
> > connectivity, not even wireless. But it does have an internal
> > 100baseTx Ethernet port that uses a non-standard connector.
> > And it also includes a router unit running off the same
> > power supply as the PC but otherwise completely indepen
On Thu, 06 May 2004 11:45:23 +0200, Iljitsch van Beijnum said:
> I object to the idea that requiring a software firewall inside a host
> is a reasonable thing to do. Why on earth would I want to run an
> insecure service and then have a filter to keep it from being used?
You object to it, I obje
On Thu, 6 May 2004 [EMAIL PROTECTED] wrote:
> connectivity, not even wireless. But it does have an internal
> 100baseTx Ethernet port that uses a non-standard connector.
> And it also includes a router unit running off the same
> power supply as the PC but otherwise completely independent.
Urg,
On 5-mei-04, at 0:26, Rob Nelson wrote:
If the person doesn't continue to do acls/nat/firewalls, they'll just
get infected after the next hole is discovered. And yes, there are
plenty of holes that a firewall/nat box won't fix. Still, better than
the user only doing Windows Update on the day of
> "Microsoft is expected to recommend that the "average" Longhorn PC
feature a
> dual-core CPU running at 4 to 6GHz; a minimum of 2 gigs of RAM; up to a
> terabyte of storage; a 1 Gbit, built-in, Ethernet-wired port and an
802.11g
> wireless link; and a graphics processor that runs three times f
--On Wednesday, May 05, 2004 6:04 AM -0400 Matthew Crocker
<[EMAIL PROTECTED]> wrote:
We have all been through this before. Linux out of the box is generally
no more secure than Windows. Linux can also be misconfigured and hacked.
The reason why you don't see as many linux virus/worms is becau
On Tue, 04 May 2004 16:58:40 PDT, chuck goolsbee <[EMAIL PROTECTED]> said:
>
> At 4:19 PM -0500 5/4/04, Laurence F. Sheldon, Jr. wrote:
> >chuck goolsbee wrote:
> >
> >>>However, up to 90% of the users *are* stupid:
>
> I didn't say that, I only quoted (Valdis Kletnieks) it... to which I
> repl
> Matthew Crocker wrote:
> We require a NAT device or true firewall on all DSL
> customer connections. We sell cheap Linksys boxes
> to customers or they can upgrade to a SonicWall.
This makes a lot of sense to me. It's not a
silver bullet, but it does help.
> I still like PPPoE for customer aut
Its not manufacturers who did not caught up (in fact they did and offer
very inexpensive personal dsl routers goes all the way to $20 range),
its
DSL providers who still offer free dsl modem (device at least twice
more
expensive then router) and free network card and complex and
instructions
on
Matthew Crocker wrote:
> We have all been through this before. Linux out of the box is generally
> no more secure than Windows.
I would disagree with that, but that gets into a religious argument.
Really, however, the distribution involved with Linux is more critical
than that it is Linux. Some
On May 5, 2004, at 5:13 AM, Paul Jakma wrote:
On Tue, 4 May 2004, chuck goolsbee wrote:
So maybe they WOULD be better with a "WebTV" model.
Or a Macintosh.
or a cheap Lidel or WalMart PC with Fedora 1 on it. Epiphany,
Evolution and OpenOffice would keep vast majority of the basic
computer users ha
On Tue, 4 May 2004, chuck goolsbee wrote:
> So maybe they WOULD be better with a "WebTV" model.
>
> Or a Macintosh.
or a cheap Lidel or WalMart PC with Fedora 1 on it. Epiphany,
Evolution and OpenOffice would keep vast majority of the basic
computer users happy. Distributions like Fedora[0] are
At 4:19 PM -0500 5/4/04, Laurence F. Sheldon, Jr. wrote:
chuck goolsbee wrote:
However, up to 90% of the users *are* stupid:
I didn't say that, I only quoted (Valdis Kletnieks) it... to which I
replied that compensating for stupidity is a zero-sum game.
Seriosuly though, the Internet might be a
Steven M. Bellovin wrote:
However, up to 90% of the users *are* stupid:
Or is it possible there are other explanations?
Don Norman has argued quite eloquently that it's a technology and human
factors failure -- see, for example,
http://www.interesting-people.org/archives/interesting-people/20031
In message <[EMAIL PROTECTED]>, "Laurence F. Sheldon, Jr." writes:
>
>chuck goolsbee wrote:
>
>>> However, up to 90% of the users *are* stupid:
>
>
>> Seriosuly though, the Internet might be a better place for it. After
>> all, 90% of those "stupid" people just want email and HTTP.
>
>Do we have
chuck goolsbee wrote:
However, up to 90% of the users *are* stupid:
Seriosuly though, the Internet might be a better place for it. After
all, 90% of those "stupid" people just want email and HTTP.
Do we have a pointer to a rigorous study that indicates either
assertion?
Or is it possible there ar
> In other words: if one is stupid, one gets worm'ed or bot'ed.
However, up to 90% of the users *are* stupid:
http://www.silicon.com/software/security/0,39024655,39118228,00.htm
Any network security scheme that fails to either (a) lower the stupidity rate
or (b) deliver a system that will protect
On Mon, 03 May 2004 20:53:50 PDT, Michel Py said:
> In other words: if one is stupid, one gets worm'ed or bot'ed.
However, up to 90% of the users *are* stupid:
http://www.silicon.com/software/security/0,39024655,39118228,00.htm
Any network security scheme that fails to either (a) lower the stup
On Mon, 03 May 2004 13:51:35 -0600 Mike Lewinski <[EMAIL PROTECTED]> wrote:
> Then again, I've seen businesses who had sensitive client financial data
> on compromised systems completely ignore this advice, so it's generally
> given without much hope, esp. where the stakes are lower.
ditto. i h
On Mon, 3 May 2004, william(at)elan.net wrote:
> Its possible its a problem on dialup, but in our ISP office I setup new
> win2000 servers and first thing I do is download all the patches. I've yet
> to see the server get infected in the 20-30 minutes it takes to finish it
> (Note: I also disab
ay, May 03, 2004 11:28 PM
To: Eric Krichbaum; [EMAIL PROTECTED]
Subject: RE: Worms versus Bots
Microsoft has said Windows XP SP2 will have the firewall turned on by
default, and that they have "considered"
reissuing the installation CD's such that a new installation will have
the fire
3
> To: Michel Py
> Cc: william(at)elan.net; Rob Thomas; NANOG
> Subject: RE: Worms versus Bots
>
>
> MP> Date: Mon, 3 May 2004 20:53:50 -0700
> MP> From: Michel Py
>
>
> MP> > but in our ISP office I setup new win2000 servers and first
> MP> &
MP> Date: Mon, 3 May 2004 20:53:50 -0700
MP> From: Michel Py
MP> > but in our ISP office I setup new win2000 servers and first
MP> > thing I do is download all the patches. I've yet to see the
MP> > server get infected in the 20-30 minutes it takes to finish
MP>
MP> It can happen in 5 or 10 minu
> William wrote:
> but in our ISP office I setup new win2000 servers and first
> thing I do is download all the patches. I've yet to see the
> server get infected in the 20-30 minutes it takes to finish it
It can happen in 5 or 10 minutes (I've seen it) but only if all of the
following conditions
] On
> Behalf Of
> william(at)elan.net
> Sent: Monday, May 03, 2004 11:49 PM
> To: Sean Donelan
> Cc: Rob Thomas; NANOG
> Subject: Re: Worms versus Bots
>
>
> On Mon, 3 May 2004, Sean Donelan wrote:
>
> > On Mon, 3 May 2004, Rob Thomas wrote:
> > >
On Mon, 3 May 2004, Rob Thomas wrote:
> ] Just because a machine has a bot/worm/virus that didn't come with a
> ] rootkit, doesn't mean that someone else hasn't had their way with it.
>
> Agreed.
Won't help. What's the first thing people do after re-installing
the operating system (still have al
On Mon, 3 May 2004, Sean Donelan wrote:
> On Mon, 3 May 2004, Rob Thomas wrote:
> > ] Just because a machine has a bot/worm/virus that didn't come with a
> > ] rootkit, doesn't mean that someone else hasn't had their way with it.
> >
> > Agreed.
>
> Won't help. What's the first thing people do
Hi, NANOGers.
] Just because a machine has a bot/worm/virus that didn't come with a
] rootkit, doesn't mean that someone else hasn't had their way with it.
Agreed.
A growing trend in the "0wnage" category is the installation of
multiple bots on a single host. This isn't intentional, but a
resu
Sean Donelan wrote:
Other than the obvious, don't let a bot on get on your computer in
the first place, are there any opinions about the best anti-bot tools
for naive computer users? The major virus vendors seem to be having
a bit of trouble dealing with bots, frequently recommending manual
editi
At 11:04 PM 5/2/2004, Sean Donelan wrote:
The antivirus vendors are bemoaning the fact the Sasser worm has been
slow to spread. On the other hand, most of the vulnerable computers
seem to have already been taken over by one or more Bots days or weeks
before the worms arrived.
Other than the obviou
40 matches
Mail list logo