said:
>I've read several articles on computer security, lately. One of them is:
> http://www.pcworld.com/reviews/article/0,aid,115939,00.asp
>Perhaps you should read it.
There's nothing wrong with the article. As it states with respect to
routers and firewalls:
Hardware router
* Using NAT1 masks IP address from port scans.
* Blocks unsolicited incoming communications.
* Does not protect against most malware, such as Trojan horses,
viruses, e-mail worms, and spyware.
Software firewall
* Prevents backdoor apps, Trojan horses, and unwanted applications
from sending data from the PC.
* Protects a laptop on public wired and wireless networks.
* Can block some malware, but can't remove it.
>One of the points that the article made was
>that you need protection on the inside of your LAN, in case an adware or
>spyware program, of which you are not aware, attempts to contact someone
>outside to upload mined personal information (now, I know that this is
>mostly a Windows problem, not OS/2-ECS).
Don't be so sure. Given that Mozilla's XPI is fully programmable, I can
easily envision someone using it for spyware eventually. Also, OS/2 is
not 100% immune to all forms of spyware/adware. These annoyances
typically phone home via port 80, the very same port you must leave open
to do normal browsing. To shut these down you need to use some form of
URL or IP blocking. This is part of what the spyware/adware blockers do.
>Nevertheless, the article makes
>the point that a good software firewall (which I have) can protect you
>against such threats.
Actually that's not how I interpret what the article says. The
firewall/router can prevent traffic on the non-standard ports. It does
little or nothing to prevent traffic on the open ports. That's why WinXX
users need so many additional tools to fight these other threats. These
other threats typically communicate over the standard ports.
>My Injoy firewall allows me to configure it on many levels. For example,
>I can block outgoing communications to all ports, except those that I
>know and want (FTP, SMTP, WWW, etc.). And that's what I'm attempting to
>do.
Beware of false security.
>Remember, I will REALLY want to do this on my Windows computers.
I know this. Joan runs a Win2K box. Every time she boots, she does a
virus update, a windows update, a spyware blocker update, etc. etc.
Finally, she can browse and read email. What a waste of potentially
useful time.
Steven
--
----------------------------------------------------------------------
"Steven Levine" MR2/ICE 2.47 #10183 Warp4/FP15/14.093c_W4
www.scoug.com irc.fyrelizard.com #scoug (Wed 7pm PST)
----------------------------------------------------------------------
=====================================================
To unsubscribe from this list, send an email message
to "steward@scoug.com". In the body of the message,
put the command "unsubscribe scoug-help".
For problems, contact the list owner at
"rollin@scoug.com".
=====================================================
<< Previous Message <<
>> Next Message >>
Return to [ 26 |
July |
2004 ]
The Southern California OS/2 User Group
P.O. Box 26904
Santa Ana, CA 92799-6904, USA
Copyright 2001 the Southern California OS/2 User Group. ALL RIGHTS
RESERVED.
SCOUG, Warp Expo West, and Warpfest are trademarks of the Southern California OS/2 User Group.
OS/2, Workplace Shell, and IBM are registered trademarks of International
Business Machines Corporation.
All other trademarks remain the property of their respective owners.
