Why you must install a firewall NOW

TheMSsForum.com: The Microsoft Software Forum

http://www.zdnet.com/anchordesk/stories/story/0,10738,2914667,00.html

"MSBlast, the recent worm that exploited the buffer overflow in Windows's
DCOM RPC protocol, wasn't the sort of e-mail-borne pest that antivirus
software is good at catching. Instead, it infiltrated computers directly
through their Internet connections.

Although installing the latest Microsoft patches should prevent infections
from this sort of worm, a simple software firewall will do the trick, too,
whether or not you have antivirus software installed. "
Top

Re: Why you must install a firewall NOW by Bill

Bill
Thu Sep 18 12:56:31 CDT 2003

You can firewall everything, especially the laptop. Opening such firewalls
for file and print sharing nullifies a lot of the protection, but not all.

You can invest in Windows Server 2003 and use it's quarantine feature.

There's no simple fix for this one, and I'm not the most experienced here to
give this answer--hope someone else chimes in. User education is key here.
There are lots of stories of folks who depended on a single firewall on the
external connection and didn't patch--you need both, and maybe you need
firewalls on all internal nics as well.

"Sue" <sue-diefenderfer@smh.com> wrote in message
news:0bef01c37e0b$18d729c0$a001280a@phx.gbl...
> What do you do to control people who take their laptops
> home and bring it in from there?
>
> >-----Original Message-----
> >http://www.zdnet.com/anchordesk/stories/story/0,10738,291
> 4667,00.html
> >
> >"MSBlast, the recent worm that exploited the buffer
> overflow in Windows's
> >DCOM RPC protocol, wasn't the sort of e-mail-borne pest
> that antivirus
> >software is good at catching. Instead, it infiltrated
> computers directly
> >through their Internet connections.
> >
> >Although installing the latest Microsoft patches should
> prevent infections
> >from this sort of worm, a simple software firewall will
> do the trick, too,
> >whether or not you have antivirus software installed. "
> >
> >.
> >


Top

Re: Why you must install a firewall NOW by dont

dont
Thu Sep 18 23:15:39 CDT 2003

"YoKenny" <YKnot@home.invalid> writes:
>http://www.zdnet.com/anchordesk/stories/story/0,10738,2914667,00.html

>"MSBlast, the recent worm that exploited the buffer overflow in Windows's
>DCOM RPC protocol, wasn't the sort of e-mail-borne pest that antivirus
>software is good at catching. Instead, it infiltrated computers directly
>through their Internet connections.

>Although installing the latest Microsoft patches should prevent infections
>from this sort of worm, a simple software firewall will do the trick, too,
>whether or not you have antivirus software installed. "

I'm puzzled by this and perhaps someone can explain this to me and to
everyone else.

If I, for example, go buy Norton Firewall and install it then I'm pretty
sure it doesn't delete ALL the software written by Microsoft that has to
do with networking (good and bad, bugs and quality code) and replace it
with good known reliable code to handle all the networking.

So how does this firewall protect us from bugs in Microsoft written
network code that is running our systems.?

I think I can understand how buying an external router with built-in
firewall could provide this protection, the bad packets don't ever
get through the router to the Microsoft code.

I think I can understand how running BSD unix on an old 486 under the
table and having it set up as the router could do the same.

But it isn't clear to me how turning on Microsoft's firewall, or any
other firewall that is running on the same box and that doesn't erase
the existing network software protects us from bugs in the existing
network software. There must be something in this I don't understand

Thank you for any enlightenment
Top

Re: Why you must install a firewall NOW by YoKenny

YoKenny
Fri Sep 19 09:54:03 CDT 2003

Don Taylor wrote:
> "YoKenny" <YKnot@home.invalid> writes:
>> http://www.zdnet.com/anchordesk/stories/story/0,10738,2914667,00.html
>
>> "MSBlast, the recent worm that exploited the buffer overflow in
>> Windows's DCOM RPC protocol, wasn't the sort of e-mail-borne pest
>> that antivirus software is good at catching. Instead, it infiltrated
>> computers directly through their Internet connections.
>
>> Although installing the latest Microsoft patches should prevent
>> infections from this sort of worm, a simple software firewall will
>> do the trick, too, whether or not you have antivirus software
>> installed. "
>
> I'm puzzled by this and perhaps someone can explain this to me and to
> everyone else.
>
> If I, for example, go buy Norton Firewall and install it then I'm
> pretty sure it doesn't delete ALL the software written by Microsoft
> that has to do with networking (good and bad, bugs and quality code)
> and replace it with good known reliable code to handle all the
> networking.

Norton Firewall does not delete or replace any Microsoft code.

> So how does this firewall protect us from bugs in Microsoft written
> network code that is running our systems.?

See below.

> I think I can understand how buying an external router with built-in
> firewall could provide this protection, the bad packets don't ever
> get through the router to the Microsoft code.
>
> I think I can understand how running BSD unix on an old 486 under the
> table and having it set up as the router could do the same.
>
> But it isn't clear to me how turning on Microsoft's firewall, or any
> other firewall that is running on the same box and that doesn't erase
> the existing network software protects us from bugs in the existing
> network software. There must be something in this I don't understand
>
> Thank you for any enlightenment

Read these
http://www.firewallguide.com/
http://grc.com/su-firewalls.htm

Top