Steve really needs to ask himself, if all his pop does is run Firefox and email, why he's running Windows on that machine at all? Not safer per se, but a less meaty target. Still needs a nightly auto-update, though.
Also, (hi, John) filtering egress is pretty well moot on $home_router, most connectbacks these days go out on 80 or 443. IRC control channels are so last year. Also, Steve, there's a list for this sort of thing, not that it matters: http://www.securityfocus.com/archive/105/description Chris wrote: > Bullshit. > > Screw NAT, screw routers, screw bots. > > The *FIRST* thing Steve should be doing is patching his computer. There is > absolutely no freaking excuse for having an unpatched or halfway patched > computer running Windows whatever. Microsoft has made Windows Update > idiotproof...to the point where any average desktop user NOT using it is a > moron. > > To try to compensate for his lazy, half-assed attitude is just putting a > band-aid on the Grand Canyon. > > To think that his unpatched and probably already compromised computer is safe > just because it sits behind a router, of which he has no idea if it is > secured, is the blind leading the blind. > > PATCH THAT BOX. Turn on Automatic Updates, set them to install and reboot > automatically, Steve. You won't have to do anything except keep living in > the fantasyland you live in now...but at least your computers won't be > spewing out garbage. > > >> ----- Original Message ----- >> From: "Michael Fritscher" <[email protected]> >> To: [email protected] >> Subject: Re: [Full-disclosure] Dumb question: Is Windows box behind a router >> safe ? >> Date: Tue, 22 Sep 2009 20:42:06 +0200 (CEST) >> >> >> Hi Steve, >> >> I hope you haven't caused a storm with aggressive mails here^^ >> This maillinglist is more about now detected holes in soft- and hardware... >> >> First, you certainly mean not a normal router (which is on most cases 100% >> transparent in both directions), but a NAT-router. >> >> What the NAT blocks (in most cases) are incomings connections - But >> expecially since XP SP2 this is a very seldom used way to attack >> computers. >> Nowadays, most bad software use holes in apps - browser, office, flash and >> so on which use outgoing connections - which are NOT blocked by a >> NAT-router. >> So, yes, a bot connectiong to a botnet could be installed if Firefox or a >> plugin like Flash, Java, Quicktime and so on has a hole and you browse on >> a "bad" site. >> >> Btw, please read about NAT, routing, current bad software etc in the >> internet - this will help you understanding the concerns. >> >> Sincerly, >> Michael >> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
