[THIN] Re: FYI - New worm
- From: "Matt Kosht" <matt.kosht@xxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Tue, 23 Mar 2004 22:31:04 -0500
I would posit that a good firewall is only as good as the OS it runs on.
Building a secure firewall on a Windows PC is akin to building a brick
house on a fault line.
I have been using ICF and now the Beta Windows Firewall on my Windows
PC's. These work well enough, though inflexible for my taste. I even
recommend it turned on inside the corporate firewall, many are
misconfigured or inadequately admin'd.
I am contemplating an OpenBSD PF (packet filter) home-brewed firewall at
the home office. Only 1 remote exploit found in the default install in
7 years. Not a bad track record. http://www.openbsd.org
>>> jimkenz@xxxxxxxxxxxxxx 03/23/04 7:17 PM >>>
I stand by my choice and constant suggestions of Sygate Firewall. It
has
been protecting me reliably for years. I hate black ice, Norton and
zone
alarm.
Jim
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On
Behalf Of Matt Kosht
Sent: Tuesday, March 23, 2004 11:21 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: FYI - New worm
Wow one week. I am a registered user of BlackICE and didn't get so much
as a peep from ISS.
ISS's reputation is in toliet after this one. I can remember Steve
Gibson http://www.grc.com complaining about BlackICE inadequacies as a
firewall over 2 years ago. Looks like he was right. Thankfully I had
only had a lone 2 PC branch office that was still running this piece of
garbage. Luckily they did not have the worm yet.
>>> amerk@xxxxxxxxxxxxxxxx 3/22/2004 9:58:05 PM >>>
Sorry to hear you got hit that hard, but according to ISS they had a
patch out for this a week before the worm hit.
>From their website: (http://www.iss.net/)=20
"The fix was delivered as a maintenance update before eEye publicly
disclosed the vulnerability. Before any worm could be developed 'in
the
wild', ISS customers were protected automatically via a simple update
that shielded the vulnerability from attack."
I'm guessing you guys didn't get the update?
Regards,
Amer Karim
Nautilis Information Systems
e-mail: amerk@xxxxxxxxxxxxxxxx
=20
=20
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Jennifer Hooper
Sent: March 22, 2004 4:16 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: FYI - New worm
I just want to say that this virus writer must really have some brass
ones,
man. This was a looloo, came back in through ISS on our servers.
Knocked
out all critical systems. Thank goodness we have great people on our
team,
enabling us to be back up by business this morning...mostly. I sure
hope
that no one else got hit with it. We might be doing cleanup for
weeks.
Jen
********************************************************
This weeks sponsor Emergent Online.
Emergent OnLine is the leading server-based computing consulting
integration firm in the nation. Emergent OnLine delivers expert
consulting services you can depend on.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This weeks sponsor Emergent Online.
Emergent OnLine is the leading server-based computing consulting integration
firm in the nation. Emergent OnLine delivers expert
consulting services you can depend on.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
Other related posts:
