firewall test and NAT

[ToddAndMargo]

It was not that you were attacking Microsoft that prompted my response - it
was/is the inferrence of "you'll be safe if you don't use IE" in the
statement you made I was referring to. A little to specific to ring true.
If you had said the same thing about Opera or FireFox - the response would
have been no different.

"Safer." Not completely safe. It is like you are about to
choose a plane to fly on. You could go with the one with
both wings about to fall off or the one with the bad seats.

"Safer". I never meant to imply complete safely. If I am
remembering the charts I have looked at, IE is about 4 times
more likely to have security holes than FF. FF also fixed
security holes much, much faster.

And FF is not the file system. IE and Windows Explorer (WE)
are the same thing. Compromise IE and you have compromised
your file system. Now that deserves the title of "stupid".
You can do a lot more damage with IE/WE than you can FF.

You can still be blind-sided and that changes every day.

True. I think I will pick the plane with the bad seats.

-T

 

[Shenan Stanley]

<snipped>
Read the entire conversation:
http://groups.google.com/group/micr...p.general/browse_frm/thread/3c579a58e5ce5a68/




Leythos wrote:

With all of the issues that have been in the media, anyone getting
malware has just got to be stupid, at least for the most part.

<snip>

<snipped>

ToddAndMargo wrote:

My only disagreement with Leythos was the stupid comment. All you
have to do is "visit" an compromised web site with Internet
Explorer and you are infected. The users has no control over it,
except stop using IE.

<snip>

Seriously?

I am surprised (given your other comments) you can say something
like, "The users has no control over it, except stop using IE." Not all
problems center around Microsoft created anything. You can
(and people do) get infested/infected using all sorts of different
browsers. ;-)

I do disagree with the Leythos quote (above - although I haven't
checked to confirm it was actually Leythos who posted it) in that
people can be intelligent and even careful and still get
infested/infected; but for you to say that the users have no
control over such things except to stop using Internet Explorer -
that does show some level of at least self-inflicted blindness on
your part.

I personally use Firefox and Internet Explorer just about evenly. I use
IE7 for the most part but have 'upgraded' to IE8 on several
machines. In many ways - some of the features others may find
useful, I find a bit annoying - but I am sure I will get used to
them and even probably miss them eventually on non-'upgraded'
machines.

For the most part - users of the machines I help manage utilize
IE7. They have the option (always have) of using Firefox - but
some (could because of limitations of web pages and plugins they
have to use) don't use it at all and others only click on it
infrequently (sometimes I think out of curiosity or strange
accident.) There are some that use it a lot, excluding when they
need to use the certain pages I alluded to.

*None* have become infected/infested. They've had scares (in both
cases) - but thanks to the setup (which consists mainly of them
being 'user-level' and protected by AV/AS with the built-in
firewall enabled and most behind a drawbridge firewall - the latter
two of which has little effect in this discussion of spyware/adware
infection via web pages) they have not been infested/infected in
the years I have been around and helping to manage them.

I like to use several overlapping security features to protect
my users. One of them is to get off IE. IE has a L-O-N-G soiled
reputations for being security swiss cheese. And, yes, if a
user lands on a compromised site, he typically has no control
over it, depending on the virus.

By the way, Mozilla pays for security bugs last I heard. And,
they usually fix them in two days. Compare that with IE, which
is a week to never.

There is no religious extremism here. It is just the way it
is. IE is just bad (security) code. There are all sorts of
charts out on the Internet comparing security problems in
Firefox to IE. They will open your eyes. Microsoft makes
other good stuff -- don't get your nickers in a twist.

Let's do clarify one thing - if Microsoft disappeared tomorrow
completely - I could care less. No celebration, no mourning - just
a different day.
It was not that you were attacking Microsoft that prompted my
response - it was/is the inferrence of "you'll be safe if you don't
use IE" in the statement you made I was referring to. A little too
specific to ring true. If you had said the same thing about Opera
or FireFox - the response would have been no different.

Reputations (good and bad) are often exaggerated to ridiculous
proportions by such blanket statements such as the one you made. I
just wanted to chime in before someone read it and took it as
gospel.
While I personally will (and have) recommend people use alternative
browsers (to Internet Explorer) for various reasons, including
security - the statement you made should have been broader, IMO.

'These days, all you have to do is "visit" a compromised web site
and you may get infected/infested.'

You may be using the latest Firefox, the latest Opera, the latest
Internet Explorer with the latest patches on each of them. You
might even have other protections in place beyond that afforded to
you by the browsers themselves. You can still be blind-sided and
that changes every day.
Give and take.

"Safer." Not completely safe. It is like you are about to
choose a plane to fly on. You could go with the one with
both wings about to fall off or the one with the bad seats.

"Safer". I never meant to imply complete safely. If I am
remembering the charts I have looked at, IE is about 4 times
more likely to have security holes than FF. FF also fixed
security holes much, much faster.

And FF is not the file system. IE and Windows Explorer (WE)
are the same thing. Compromise IE and you have compromised
your file system. Now that deserves the title of "stupid".
You can do a lot more damage with IE/WE than you can FF.

True. I think I will pick the plane with the bad seats.

The possibility of mis-interpretation of your original statement is lowered
greatly now. Thanks.

However - if you would like to provide web links to these charts you looked
at - that would be great.

 

[ToddAndMargo]

However - if you would like to provide web links to these charts you looked
at - that would be great.

Just do a Google Search.

Here is one: http://news.cnet.com/8301-1009_3-10190206-83.html
Note the days it took IE to fix their bugs. The red ones were not
patched as on 12/31/08.

-T

 

[Jim]

To ToddandMargo - please realise there is a person that writes here
impersonating MVP`s and gives bad advice .

 

[Leythos]

It was not that you were attacking Microsoft that prompted my response - it
was/is the inferrence of "you'll be safe if you don't use IE" in the
statement you made I was referring to. A little to specific to ring true.
If you had said the same thing about Opera or FireFox - the response would
have been no different.

I have thousands of customers that use IE and have never been
compromised. While IE is an exploit path, it's not bad enough in a
properly secured environment that you have to stop using it.

If you employ block-lists of most non-US countries, content filtering at
your firewall, basic Windows security measures, and you keep your
patches updated along with a quality AV solution, there is little real
chance that you will become compromised.

That being said, using IE or Fire Fox, if you ignore all of the warnings
from the last decade, you WILL be compromised.

 

[Twayne]

Sorry, you're right, I failed to check the headers to verify it was
you before I hit send in my reply.

Not a problem; let it flail away. But thanks for the comeback; nice to
see manners in this group; they're getting scarce with "it" around.
Twayne

 

[Twayne]

ToddAndMargo wrote:
....

w7 really, really cleaned Vista up (except for XP program
compatibility, but they are working an an "XP" box).

-T

What pray tell is "working on an "XP" box"? Completely news to me.

Citations, URL, any verifiable reference at all please?

Regards,

Twayne

 

[ToddAndMargo]

ToddAndMargo wrote:
...

What pray tell is "working on an "XP" box"? Completely news to me.

Citations, URL, any verifiable reference at all please?

Regards,

Twayne

Since Twayne is rather well mannered, I presume this is the
impostor. But anyway, if anyone is interested, here is some
good reading material along those lines:

Windows 'XP mode': The new DOS box
http://ifwnewsletters.newsletters.infoworld.com/t/4959983/121124681/188332/0/

Windows 7's 'XP mode': Glitches and annoyances
http://ifwnewsletters.newsletters.infoworld.com/t/4959983/121124681/188333/0/

Microsoft's Windows 7 release candidate goes public
http://ifwnewsletters.newsletters.infoworld.com/t/4959983/121124681/188334/0/


-T

 

[ToddAndMargo]

I have thousands of customers that use IE and have never been
compromised. While IE is an exploit path, it's not bad enough in a
properly secured environment that you have to stop using it.

Hi Leythos,

I see computers compromised by IE *all-the-time*.
I recently dispatched, Sinowal which was a really fun one
(it's an MBR virus).

Your use of layered security is a really good
practice. Since IE is far more likely to be compromised
(just do a Google search on "security firefox Internet
explorer") than Firefox, Firefox would be another good layer
for you to add.

Firefox also has "Larry" the traffic cop, which keeps
you off of bad pages -- another good layer of security.
This, especially with AV products going down the dumpers!
(See: http://www.anti-malware-test.com/)

Not that I'd ever recommend this, but I had one
customer who had a three year expired Norton, who
used Firefox because I told her to, never caught a
virus in that three years. Last week I had another
user that I told to use Firefox go a year with
no antivirus at all and not catch anything. (To
come clean, both users were behind NAT.)

In the end, it is about what is the best for the
customer, not in defending one vendor or another's
pride. Except for the IE part, your layering is
a really good practice.

-T

 

[ToddAndMargo]

Hi All,

I posted a question about appliance firewall over on
comp.os.linux.networking. A fascinating dialog insured.
On one of them, a responder gives an extremely scholarly
description on how to protect a Windows network.
Another posted actually excised one of those viruses
this infects web pages. And he gives code and lots of
details. (If you are an apologist for IE and/or Outlook,
I do not recommend you read this, as it will make your
blood boil.)

Start of the dialog:
http://groups.google.com/group/comp...977806cda8265?q=toddandmargo#ba0977806cda8265

The firewall how to for Windows:
http://groups.google.com/group/comp...06cda8265?hide_quotes=no#msg_60d9b83112945772

The IFRAME exploit:
http://groups.google.com/group/comp.os.linux.networking/msg/d440ef7f9f620f78?dmode=source

-T

 

[Twayne]

Hi All,

I posted a question about appliance firewall over on
comp.os.linux.networking. A fascinating dialog insured.
On one of them, a responder gives an extremely scholarly
description on how to protect a Windows network.
Another posted actually excised one of those viruses
this infects web pages. And he gives code and lots of
details. (If you are an apologist for IE and/or Outlook,
I do not recommend you read this, as it will make your
blood boil.)

Not likely to boil my blood; anyone can post anything they want to, real
or imagined, factual or not. There is little supporting information of
any kind that can't be found on the 'net. It's not exactly new to
reference self-serving links, after all.

 

[Barry Schwarz]

Forget my last post I was wrong, you need to format your hd and reinstall
windows.

For the archives, this is a forged post and the advice is bogus.