"I have a professional, ethical, moral and legal duty to conduct and use my computer in a manner that does not comprise or expose the data of my clients." And what I'm getting at is we all have different perceptions of exposure. Where do we draw the line? Why do we draw it there? But what if... I believe these questions have been discussed over and over (although perhaps not here, on this list, very often). "a different set of standards MUST prevail." Who's standards? Could you point to an RFC that says "No game servers on a firewall" or what not? How I wish the computer tech industry would band together and make some kind of guild or something, so we can all follow the same proceedures. I believe this is where our problems are occuring. Back in the earily days of the medical field, things considered wrong/illegal or right/legal where different now. I believe such will be the ways of administration of computers. Conversations like this only help us progress and learn each other's perception. Justification of our own percpetions (such as the email I'm replying to) are highly needed so we can learn. Everyone has their own circumstances (which is what makes our jobs fun... Or bad... Whatever). "IMHO, configuring my computer and firewall for on-line gaming breaks that duty." If you had people you didn't trust (gamers, visiters, whatever) you would want to do the same. Any company that doesn't, IMO, is beeing foolish and too trustworthy (and will get bitten one day) -- doesn't matter if its gaming or not. However, this all falls back to how do you measure insecurity? And what point you are willing to put your foot down? In any case, we've gone way beyond the original point of the email. At the end of the day, the cow still goes moo. (it's funny... Laugh... Or maybe it's not so funny). Kenny -----Original Message----- From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, April 07, 2005 1:11 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Protocol question http://www.ISAserver.org Responding to multiple posts: While it is everyone's absolute right to do what they chose with what they purchase, part of that right is removed when you are using that purchase to provide services for others. If Andrew was mealy saying he wanted his ISA to both be as a firewall for his computers and all on-line gaming that is his choice. But once his actions can affect others, and in this case, his clients, a different set of standards MUST prevail. I have a professional, ethical, moral and legal duty to conduct and use my computer in a manner that does not comprise or expose the data of my clients. IMHO, configuring my computer and firewall for on-line gaming breaks that duty. If you are curious as to the security breaches and comprises in computers running on-line games, just visit any Internet Gaming Center/Café. Most if not all use software on the computers that does one of 2 things: A) Able to reapply the computer image daily or weekly. B) Software installed that prevents changes to the files and registry on the computer but allowing applications to think that it is being changed. (I do not remember what that software is called, but it is designed so that a user can do what they want to the computer, and then upon restart it is back to normal. If I remember, it costs like $50 per computer for an annual license.) Most will not have firewalls in place because most people do not know how to properly configure a firewall for on-line gaming. (Needs to be in standard or pass through mode with computers having public IPs.) It is estimated that 75% of all computers outside of Internet Gaming centers also have one or more of the following installed whether intentional or not: File sharing programs, Chat programs, Trojans, Viruses, Spyware and so forth. Think about that for a minute. That high of a percentage can not be by choice of that computer user/owner. Remember, the hackers and other bad guys out there also know which ports are needed for what games. As I had read recently about on-line game vulnerabilities, the focus on the software that runs these games is not on security and as such vulnerabilities can and are found at a much higher rate than the general public knows about. So, IMO, the question of appropriateness for this list is not of content. It is how the poster is asking the questions and for what purpose. John T eServices For You ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: nazadus@xxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx