Linked by Eugenia Loli on Sun 13th Nov 2005 06:38 UTC, submitted by DKR
Windows This guide contains the practical security measures to secure your Windows desktop at home. This guide is not necessarily intended for business or enterprise use, but it might come in handy for some.
Thread beginning with comment 59758
To view parent comment, click here.
To read all comments associated with this story, please click here.
jziegler
Member since:
2005-07-14

Think outside the box: Any network app may have an exploitable hole -- not just Outlook/Outlook Express. It could be an instant messaging client, a USENET binary downloader client, a web server, or anything. .

Yes. Any network app can have an exploitable hole. The point about which I and the other poster are arguing are the involved TCP/IP semantics.

1) the application has to be running. unless it is a server daemon, it implies that
1a) somebody is using the computer
1b) it mostly does not have an internet-accessible port, on which it listents. E.g. Bittorent clients are an exception to this, but that is connected to 1a)

2) Most home firewalls permit all outbound connections and allow no inbound connections. Company firewalls ar e often stricter on outbound connections, but allow inbound connnections to specific ports.

Company firewalls, they should be administered by professionals, who know what inbound stuff they allow, why, and how to secure it.

So we have firewalls, which leave something or all outbound, nothing inbound. Hence, all connections must be initiated from the inside, by a user. From there comes the comment that someone is required to use the computer. So an idle computer, with user logged off, behind a firewall is not accessible from the Internet and therefore a worm cannot reach it.

One notable exception is the already mentioned Bittorent client, but I have not yet heard about an remote exploit in any of the implementations.

That's all I wanted to say. I'm not claiming anti-virus or anti-bad-sw-* software in general is useless.

If you can tell me about a worm, which can infect a computer, which has not any open socket reachable from the internet, I'd be delighted to hear. This is what I meant by my first "please elaborate" question.

Reply Parent Score: 1