Linked by Eugenia Loli on Sun 13th Nov 2005 06:38 UTC, submitted by DKR
Windows This guide contains the practical security measures to secure your Windows desktop at home. This guide is not necessarily intended for business or enterprise use, but it might come in handy for some.
Thread beginning with comment 59805
To view parent comment, click here.
To read all comments associated with this story, please click here.
Bit_Rapist
Member since:
2005-11-13

That my claim that worms spreading through firewalled systems was not "FUD" and that antivirus sofware is needed even when you have a firewall.

In that case I agree. Although the scanning can be done at different places, such as an email server or other proxy gateway that controls access to the internet. I'm online right now with no virus scanner running, sure one is installed *just in case* but my computer isn't wasting cycles with it running.

So what? It's still a worm that could go right through firewalls. I'll agree that a computer is secure if it isn't on, but that's hardly a viable security solution.

In my book a firewall (software based like norton and all the consumer ones on the market) are strictly for people who have no clue about is running on their system.

Think outside the box: Any network app may have an exploitable hole -- not just Outlook/Outlook Express. It could be an instant messaging client, a USENET binary downloader client, a web server, or anything.

I already think outside the box and honestly it dosen't worry me as I've got a fine track record at securing my operating systems to date.

And what happens when the next exploit isn't through e-mail? Or what if your e-mail server has a remotely exploitable buffer overflow and the server itself becomes the conduit for a worm? Without antivirus software, you'd be at risk.

Usually an exploit on that scale is going to put you at risk anyway. Blaster for instance, it exploited a buffer flaw in RPC on windows. No virus scanner helped with that one.

Reply Parent Score: 1

fmaxwell Member since:
2005-11-13

In my book a firewall (software based like norton and all the consumer ones on the market) are strictly for people who have no clue about is running on their system.

I'd have to disagree -- and I've got a lot of professional computer and network security expertise.

The advantage that a software firewall has is catching and stopping egress traffic that no hardware firewall can recognize. Something like ZoneAlarm cat tell what application is trying to access the network. You install something that tries to surreptitiously "call home" and ZoneAlarm pops up a box in which you can choose to let the application access the Internet, the trusted zone, and/or act as a server. The hardware firewall doesn't know if it's your browser trying to contact a site on port 80 or if it's spyware, a keylogger, or some other piece of malware.

I already think outside the box and honestly it dosen't worry me as I've got a fine track record at securing my operating systems to date.

I prefer not to take chances. When you write security plans for sensitive government data and it has to be approved by three-letter-agencies, you'll find that "so-far-so-good" doesn't go very far at all.

Reply Parent Score: 1