On 30 Jan 2005 at 0:56, Owain Sutton wrote:

> David W. Fenton wrote:
> >
> > No one should connect their PC directly to the Internet. A
> > full-scale firewall is not entirely required. A NAT router prevents
> > any incoming connections from getting to your computer (unless you
> > explicitly redirect the ports involved), and a software firewall on
> > the PC will allow you to control outgoing connections in ways that
> > dedicated firewall boxes never allow at all (i.e., you can authorize
> > outgoing connections by application, which can never be known by an
> > external device).
>
> Unless there's some incentive for ISPs to provide expensive routers
> (instead of cheap USB ADSL modems), this won't happen. . . .

There is already a very real incentive for ISPs to do more: zombified PCs connected to their network are chewing up bandwidth and spewing spam across the Internet.

> . . . And most
> people don't understand that there's a big risk through poor security
> - the tiny minority who get stung by dialers or by phishing or
> whatever are enough to pay the wages of all the criminals involved.
> We 'happy many' just get stuck with endless spam that's eventually
> going to pick out those hapless individuals.

How, exactly, did people learn to lock their doors at night? By experience. I don't think that it's too much of a stretch to think that the vast majority of people should not be smart enough to know that they need some kind of protection against connecting to the wild-and-woolly Internet.

Whether or not ISPs should provide a perimeter defense or not is another question, but from where I sit it looks to me like it would be in their best interests to do so. Including a NAT with a DHCP server in their cable/DSL modems would be more than sufficient, since it would entirely solve the problem of nefarious incoming connections while not in any way compromising the end user experience or requiring any configuration changes on the part of the end user.

The cost of standalone NAT routers is now well under $50, so it would surely cost very little for the cable/DSL modems to include the feature (it's a software upgrade, after all, not a hardware issue).

Nonetheless, computer users who are so willfully ignorant of reality are getting to the point where they can't even use their computers, so, one way or the other, they're going to figure out that something is needed to fix the problem.

-- 
David W. Fenton                        http://www.bway.net/~dfenton
David Fenton Associates                http://www.bway.net/~dfassoc

_______________________________________________
Finale mailing list
[email protected]
http://lists.shsu.edu/mailman/listinfo/finale
