nanog mailing list archives
Re: Block all servers?
From: Petri Helenius <pete () he iki fi>
Date: Sun, 12 Oct 2003 11:33:10 +0300
Terry Baranski wrote:
I would expect most new sophisticated trojans to include this functionality. Most home users run their WinXP with "Local Administrator" rights anyway because othervise many activities would be more complicated to accomplish. Many turn off AV products already.That being said, NAT does break stuff and as has been mentioned, filtering is certainly possible without having to bring NAT into the mix. Microsoft assures us that the Windows firewall will be enabled by default starting with WinXP patches early next year. How easy will it be to turn it off? Will a virus be able to do it for you?
I would also expect the sophisticated trojans to include NATPT like funcitionality when it becomes neccessary to accumulate the needed number of zombies for effective DDoS and other distruptive activities. We already see them utilizing the local
SMTP configuration on the machine to use the relays the user is supposed to. The Road Ahead is to make DDoS and abuse mitigation more efficientand put some real security into the application architechtures without making them unusable.
Pete Pete
Current thread:
- Re: Block all servers?, (continued)
- Re: Block all servers? Stefan Mink (Oct 14)
- Re: Block all servers? Crist Clark (Oct 14)
- Re: Block all servers? Stefan Mink (Oct 14)
- Re: Block all servers? Kee Hinckley (Oct 14)
- Re: Block all servers? Crist Clark (Oct 14)
- Re: Block all servers? Steven M. Bellovin (Oct 14)
- Re: Block all servers? Alex Yuriev (Oct 11)
- Re: Block all servers? Steven M. Bellovin (Oct 11)
- Re: Block all servers? ken emery (Oct 11)
- RE: Block all servers? Terry Baranski (Oct 11)
- Re: Block all servers? Petri Helenius (Oct 12)
- Re: Block all servers? Majdi S. Abbas (Oct 10)
- Re: Block all servers? Adam Selene (Oct 11)
- Re: Block all servers? Petri Helenius (Oct 11)
- Re: Block all servers? Adam Selene (Oct 11)
- Re: Block all servers? Petri Helenius (Oct 11)
- Re: Block all servers? Petri Helenius (Oct 10)
- RE: Block all servers? Christopher Bird (Oct 11)
- Re: Block all servers? jlewis (Oct 11)
- Re: Fw: Re: Block all servers? Chris Brenton (Oct 15)