On Mar 13, 2012 5:38 PM, "Brian E Carpenter" <[email protected]> wrote: > > On 2012-03-14 11:25, Fred Baker wrote: > ... > > First is a personal experience. At my home, I have a standing load of about 25 (plus or minus) packets per second that are discarded by the firewall. I don't know what they are, and I don't honestly care. They don't have my permission to be in my network, and I have to assume that if they were to get into it, the hosts in my network would have to deal with them. > > From time to time I look at TCPView to see what's going on. At this > instant, to my knowledge, I'm doing nothing on my machine except typing > this email. TCPView tells me I have 63 endpoints (sockets) open, with > 18 established TCP connections, and 14 sockets listening. Admittedly > some of these sockets are connected to the loopback address, but even > so, it's scary. What are all those .exe files listening on a socket > all day? > > Windows Firewall is dropping about 3 UDP packets per second, and that's > behind our campus firewall. > > That's reality, and much as I love the e2e principle I think the ordinary > citizen is better off behind default-deny. >
I am not trying to be dense, but why? What is the negative scenario of not having a homenet firewall on? Using real examples from the last 5 years .... I would like to know how a cpe firewall protects against real threats to modern software. > Personally I haven't run without an on-board firewall since I got my > first wireless card (late 1999?). But we can't assume that applies to > every home device. > Most PC software has shipped with a firewall on for the last ~10 years Cb > Brian > _______________________________________________ > homenet mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/homenet
_______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
