Simple solution...build the on-NIC firewall to not use uPnP, or at least require a password before changing rulesets. :) Seriously, this is such a stupidly simple solution that I'm amazed no one's attempted to make a product out of it yet. -C On Tue, May 11, 2004 at 12:21:29PM -0400, Valdis.Kletnieks@vt.edu wrote:
On Tue, 11 May 2004 11:38:33 EDT, Chris Woodfield said:
A better solution would be a NIC with a built-in SI firewall...manageable from a host app, but physically separate from the OS running on the PC.
Gaak. No. ;)
What's the point of a firewall, if the first piece of malware that does manage to sneak in (via a file-sharing program, or a webpage that installs malware, or an "ooh! Shiny!" email attachment) just does the network Plug-N-Play call to tell the firewall "Shield DOWN!"?