Re: Firewall/Router necessary?

"rich" <rsjones20@yahoo.com> wrote in news:1133222749.156587.125010
@o13g2000cwo.googlegroups.com:

> I've been testing for three days with another computer online with
> firewall configured to permit all traffic in - out, set to log.
>
> ---------------------------------
> Win2K, SP4
> Home system, Single computer, dial-up
> RegDefend
> Anti-Executable
> Deep Freeze
> ---------------------------------
>
> All ports except 135 are show closed by the OS on a port scan
> Messenger, DCOM, DTC services off
>
> My test is to see if the computer can be protected this way, and if so,
> to show that a router or firewall is not necessary for inbound
> protection.
>
> So far, I've picked up no alerts from RegDefend, nor Anti-Executable,
> and no suspicious files created/modified on the HD.
>
> I posted logs for the first two days:
>
> http://www.rsjones.net/log/

The problem with running a personal FW is that it can be attacked by
malware if malware can reach the machine and execute. Malware can attack
the PFW solution and take it down, adjust logs, reconfigure it just like
it can attack the O/S.

That's why if I have the option, I'll put the machine behind a NAT router
or a FW appliance that cannot or cannot be attacked that easily as it's
not part of the computer running with the O/S, it has logging of inbound
and outbound connections and other features so that I can clearly see
what's happening with traffic.

But if got no choice but to use a PFW with a direct connection of the
machine to the Internet, then that PFW solution is going to be
supplement. In addition to this I just can't see what's happening like I
want to see, but I do use other tools to help out.

Duane :)
Received on Sat Dec 3 04:18:40 2005