If you pick up an exploit via a web browser a firewall isn't going to help you anyway. The process needs only to hook into another process, or install a rootkit, or in the case of windows firewall, things can be added to the firewall 'convincing' it to not say anything. A firewall may be needed for those who don't know what they are doing, but to say that EVERYONE should run a firewall is ludicrous. I've been running firewall free for many years and i've NEVER gotten exploited. To say an unprotected windows box can be owned in 10 minutes isn't true. All new copies of windows xp run at least sp2, which isn't subject to the exploits the original release was.
Murphy, Ged (Bolton) wrote:
I'm sorry, but that's ridiculous, I can assure you that a firewall is needed.
I work in computer security, so I'm pretty sure I know how to set up a network securely. I run, amongst other things, gateway FW, AV, IDS, vunl + rootkit scanners, and I don't even have any network services switched on (apart from a honeypot in a DMZ at times for fun)
I think the statistics for hooking up an unprotected Windows machine to the internet are something like 10 minutes before it becomes infected.
I think I understand the angle your looking at, if you don't run any services then effectively nothing can exploit you, but his is just not true. Consider you pick up a 0 day via your web browser. This in turn loads software which contacts an IRC botnet, installing a trojan turning your machine into a zombie. That zombie can now send out whatever data it wants unchecked by an outbound checking firewall. The fact you don't use an AV means it'll probably never be picked up unless you notice traffic congestion, or happen to see it in via 'netstat -a'. This is just one scenario out of thousands.
What if you actually wanted to run some services. ROS will one day be used in this manner, whether it be for web and mail servers or something else, it will certainly need a firewall to control traffic.
If firewalls aren't needed, why does nearly everyone use them, and why is Cisco's PIX so popular?
-----Original Message----- From: Richard Campbell [mailto:eek2121@comcast.net] Sent: 15 November 2005 01:31 To: ReactOS General List Subject: Re: [ros-general] Re: TDI-Based Open Source Personal Firewall
That's your opinion.
Do you know that on this box i've never run a firewall or a virus scanner? Occasionally i'll run a web based scanner to check suspicious files, etc. but i've never found need for a firewall/virus scanner. As long as you stay up to date and don't run questionable files you are fine. A firewall is not NEEDED as long as the OS is properly configured and working.
Richard
The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster@exideuk.co.uk mailto:postmaster@exideuk.co.uk and then delete this message.
Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general