Re: Most Popular Hardware Firewalls?

snertking wrote:

>> Yeah, it's breaking everything. And pretty soon the users allows this or
>> that, or if something doesn't work he disables it temporarily. Pretty
>> unavoidable with such crappy default settings. And as long as IE, OE, MS
>> Office, MSN Messenger, mIRC or other crap is allowed, you'll get the
>> malware anyway.
>
> Not true with a decent firewall that does IPS.

Most IPSs are crap, besides they offer wonderful possibilities of Self-DoS.

>> So, blocking all JavaScript, CSS, all Links containing "ftp:", Objects
>> and (I)Frames?
>>
>
> No. Siganture based detection. Blockeing PARTICULAR javascript exploits,
> etc.

Ever heard something named "encoding"? Just
eval(unescape($escape-encoded exploit)) is usually sufficient to
circumvent it, and this is comparably simple to the real exploits out there.
Received on Mon May 1 00:53:41 2006