<Southpark> I call �shenanigans� . </Southpark> --- Larry Smith <lesmith@ecsis.net> wrote:
On Sunday 19 December 2004 16:47, Sean Donelan wrote:
The really scary thing is the infection rate of Home/SOHO computers with AV/firewalls is higher than "naked" computers. This flies in the face of both logic _AND_ my experience in the field.
After the .bomb exploded I did windows stuff to pay the rent, and there were 4 basic �groupings� of infection routes. (from the viewpoint of the infected box) External, uninvited (unpatched /unfiltered windows box) External invited (laptop from home) Internal intentional download/install (gambling, porn players with ad ware) Internal unintentional download (but all I did was install these extra fonts and smiles, I did not want my machine to become a Spam factory) It is probably a �duh� to most of the readers on this list but ill say it now for those that actually go through the archives to look for their answers before posting to NANOG. Just like in a REAL network (one that serves lots of end customers, and vars) security SHOULD follow a layered approach, and be monitored for compliance. Installing a hardware based firewall is the a good first defense, not using silly programs is another. (i.e. IE) people will for the most part follow the �lazy path� that allows them the most pleasure. In the places that I have installed a hardware filter/firewall I have not seen ANY infections that are related to just the machine �being online�, ALL have been the result of the use asking for these programs to be run, (in one form or another).
I am very interested in "where" this informatio is published and how it was obtained....
As am I. Since the price of a simple nat/filter box has come down to under $100 they should(should as defined by RFC) be installed as a �package� with the cable modem/dsl/modem/net hole. Could you please let us know where you got the supporting data for your theory. I know that the infection rate is high for the PC world, but figuring out the invited vs. uninvited infection rate, is of value to the discussion of end user firewall/filter use. The spam/virus issue won�t go away until those who prepare, propagate and profit, are removed from the matter. Either by, filters on the net, jail time/fines, or blood loss, (perhaps proper application of all options) all the people involved in spreading this malware should be discouraged from doing so. Lets clean up our frends/co-workers pc�s this coming year. When ever I go to someone�s house I'm making sure that their antivirus software is installed and up to date, box is patched, and that they have some sort of hardware based firewall. I�ve already given a few away as x-mas presents this year, and installed them. How about you? "less bitchin, more fixin!" -charles -- "champagne for my real friends, real pain for my sham friends" - ed norton