[plug] Advantages of Linux-based firewalls?

James Bromberger james at rcpt.to
Tue Feb 27 21:20:14 WST 2001


On Tue, Feb 27, 2001 at 08:52:54PM +0800, Bernard Blackham wrote:
> > My question is: does anyone know of any compelling reasons to switch? 
> > Yes, I've already tried the standard "more stable and secure" lines, 
> > but they don't seem to care. I've also (I think) used the "open source 
> > -> better all round" but they don't buy that either.
 
Scary thing I heard on the way to the forum...

New file sharing tool that has been developed. You fire up tool, and supply 
it with an IP or a range of IP addresses. Connects to a windows machine and 
examines all the shares on there, and then publishes the list of files and 
the IP address to a newsgroup. 

Obviously this is nothing new, having port 139 accessible on unsuspecting 
machines, but now it is very easy for someone to find you and publish your 
details and have your files accidentally leaked onto the net because you have 
a Win98SE machine that does connection sharing and has a comple of file shares 
that you use at home.

Especially with people connecting with ADSL *having* to use Windows! So 
you will find a large number of these high speed links are on machines that 
are very insecure. Can you risk your data? ;)

Easy solution is to disable it (remove shares, remove redundant protocols). 
But the scary prospect is that a large number of people just don't know how 
to use it properly or that they even have it enabled in such a way as to pose 
a threat to them.

So, I would say that it adds a *huge* layer of security to your home network. 
Even if you do want to share stuff over the net, you can do it with some 
degree of restriction and *logging*.

Yours,

  James
-- 
 James Bromberger <james_AT_rcpt.to> www.rcpt.to/~james
   IT, Pelican Manufacturing - www.pelicanmanufacturing.com.au
   Snr Web Systems Admin, JDV - www.jdv.com  *  www.hartleypoynton.com.au
       * *  C u in Bordeaux - 1st Debian Conference, July 2001 * * 
 Remainder moved to http://www.rcpt.to/~james/james/sig.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20010227/22b7a0f3/attachment.pgp>


More information about the plug mailing list