On Mar 13, 2012 5:38 PM, "Brian E Carpenter" <[email protected]>
wrote:
>
> On 2012-03-14 11:25, Fred Baker wrote:
> ...
> > First is a personal experience. At my home, I have a standing load of
about 25 (plus or minus) packets per second that are discarded by the
firewall. I don't know what they are, and I don't honestly care. They don't
have my permission to be in my network, and I have to assume that if they
were to get into it, the hosts in my network would have to deal with them.
>
> From time to time I look at TCPView to see what's going on. At this
> instant, to my knowledge, I'm doing nothing on my machine except typing
> this email. TCPView tells me I have 63 endpoints (sockets) open, with
> 18 established TCP connections, and 14 sockets listening. Admittedly
> some of these sockets are connected to the loopback address, but even
> so, it's scary. What are all those .exe files listening on a socket
> all day?
>
> Windows Firewall is dropping about 3 UDP packets per second, and that's
> behind our campus firewall.
>
> That's reality, and much as I love the e2e principle I think the ordinary
> citizen is better off behind default-deny.
>

I am not trying to be dense, but why?

What is the negative scenario of not having a homenet firewall on? Using
real examples from the last 5 years .... I would like to know how a cpe
firewall protects against real threats to modern software.

> Personally I haven't run without an on-board firewall since I got my
> first wireless card (late 1999?). But we can't assume that applies to
> every home device.
>

Most PC software has shipped with a firewall on for the last ~10 years

Cb
>   Brian
> _______________________________________________
> homenet mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/homenet
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet

Reply via email to