Full Disclosure mailing list archives
Re: Dumb question: Is Windows box behind a router safe ?
From: OTB <ownthebox () cipherpunx org>
Date: Wed, 23 Sep 2009 00:00:07 -0500
Steve really needs to ask himself, if all his pop does is run Firefox and email, why he's running Windows on that machine at all? Not safer per se, but a less meaty target. Still needs a nightly auto-update, though. Also, (hi, John) filtering egress is pretty well moot on $home_router, most connectbacks these days go out on 80 or 443. IRC control channels are so last year. Also, Steve, there's a list for this sort of thing, not that it matters: http://www.securityfocus.com/archive/105/description Chris wrote:
Bullshit. Screw NAT, screw routers, screw bots. The *FIRST* thing Steve should be doing is patching his computer. There is absolutely no freaking excuse for having an unpatched or halfway patched computer running Windows whatever. Microsoft has made Windows Update idiotproof...to the point where any average desktop user NOT using it is a moron. To try to compensate for his lazy, half-assed attitude is just putting a band-aid on the Grand Canyon. To think that his unpatched and probably already compromised computer is safe just because it sits behind a router, of which he has no idea if it is secured, is the blind leading the blind. PATCH THAT BOX. Turn on Automatic Updates, set them to install and reboot automatically, Steve. You won't have to do anything except keep living in the fantasyland you live in now...but at least your computers won't be spewing out garbage.----- Original Message ----- From: "Michael Fritscher" <michael () fritscher net> To: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Dumb question: Is Windows box behind a router safe ? Date: Tue, 22 Sep 2009 20:42:06 +0200 (CEST) Hi Steve, I hope you haven't caused a storm with aggressive mails here^^ This maillinglist is more about now detected holes in soft- and hardware... First, you certainly mean not a normal router (which is on most cases 100% transparent in both directions), but a NAT-router. What the NAT blocks (in most cases) are incomings connections - But expecially since XP SP2 this is a very seldom used way to attack computers. Nowadays, most bad software use holes in apps - browser, office, flash and so on which use outgoing connections - which are NOT blocked by a NAT-router. So, yes, a bot connectiong to a botnet could be installed if Firefox or a plugin like Flash, Java, Quicktime and so on has a hole and you browse on a "bad" site. Btw, please read about NAT, routing, current bad software etc in the internet - this will help you understanding the concerns. Sincerly, Michael _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Dumb question: Is Windows box behind a router safe ? Chris (Sep 22)
- Re: Dumb question: Is Windows box behind a router safe ? OTB (Sep 22)
- <Possible follow-ups>
- Re: Dumb question: Is Windows box behind a router safe ? Chris (Sep 22)
- Re: Dumb question: Is Windows box behind a router safe ? Elonym (elone) (Sep 23)
- Re: Dumb question: Is Windows box behind a router safe ? Jeff Kell (Sep 23)
- Re: Dumb question: Is Windows box behind a router safe ? Mary Landesman (Sep 24)
- Re: Dumb question: Is Windows box behind a router safe ? Elonym (elone) (Sep 23)
- Re: Dumb question: Is Windows box behind a router safe ? john s (Sep 23)