Don Taylor said:
Suppose by some accident your machine has been taken over by a
bot or a rootkit. My understanding, after a fair amount of
digging is that the Linksys does nothing to stop anything
outgoing.
That's why we all use software firewalls in addition; they take care of the
outgoing traffic.
Thus the bazillion of bots spewing pump-n-dump stock spam for
the last few months.
Most of them that infect home machines are viruses/Trojans that use recognized
paths of infection, and are stopped by most current Anti-virus apps.
With a modicum of intelligence in Internet use and a reasonable array of
anti-malware apps, most home users will remain uninfected for years (I think my
last virus infection was in '94 or '95). Unfortunately, those who insist on
downloading stuff from questionable P2P and/or porn sites will be infected much
more readily. I don't know what you expect beyond NAT and SPI from hardware in
the "free/low cost" realm...
If you happen to click on some web page with a variety of net
scum there, doesn't NAT and State happily accept anything that
comes back in response to your outgoing packet requesting the
contents of that web page? That doesn't necessarily say it will
execute arbitrary binary as a response but if I understand
correctly State matching accepts anything back in response to
your out going packet.
Yes, but your browser should be set to deny scripting by default for unknown
sites, so the most likely path of infection is closed. There is very little
that can be accomplished in the way of malware with simple HTML when Active-X
and JavaScript are denied, and automatic installation of plug-ins is disabled.
And once inside if it finds a way to execute it, or gets you to
execute it then a number of the little net vandals disable
software protections on the machines and away you go.
So, corporations spend big bux on dedicated hardware firewalls (that are
essentially computers running more robust and restrictive versions of the
anti-malware we use). I don't think you had that kind of payment in mind...