On Sat, 23 Jun 2001, Greg Kettmann wrote:
> IMHO it's far better to pay $129 bucks (or less if you can get a good
> deal) and let another company, that specializes in building a security
> machine, manage the headaches.
One thing I've already stated but wish to reiterate is: Just because you
have a firewall does not mean your system is safe. There is a long list of
network client software exploits which can be used even if you are behind a
first-class firewall.
Examples of such potentially vulnerable software include:
- Netscape Navigator (and related software)
- Microsoft Internet Explorer
- Microsoft Outlook (and related software)
- Microsoft Windows Media Player
- Microsoft Internet Information Server
- Apache
- AOL/Mirabilis ICQ
- Real Player
- Macromedia Shockwave Flash
- mIRC
- xchat
- gftp
- nsftp
- Pine
I am willing to bet good money that anyone here with a "home Internet
connection" uses at least one of these programs every time they connect. If
you do, you are not secure unless you keep the software constantly up-to-date.
If you connect to the Internet, you are taking a risk.
You can never eliminate that risk.
Regardless of OS.
Regardless of vendor.
Regardless of firewall.
You *can* minimize that risk, however. Much like protecting your car from
theft, you do not need to have a perfectly secure system. You simply need to
be more secure than the next guy. One of the best ways to do that is by
keeping your software patches up-to-date. The next guy does not; he will be
cracked while you will not. However, some effort is *always* required. If
you are not willing to invest that effort, then do not connect.
--
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or |
| organization. All information is provided without warranty of any kind. |