From owner-freebsd-questions Fri Jun 8 23:30: 6 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.freebsd-corp-net-guide.com (mail.freebsd-corp-net-guide.com [206.29.169.15]) by hub.freebsd.org (Postfix) with ESMTP id 44B1A37B401 for ; Fri, 8 Jun 2001 23:30:00 -0700 (PDT) (envelope-from tedm@toybox.placo.com) Received: from tedm.placo.com (nat-rtr.freebsd-corp-net-guide.com [206.29.168.154]) by mail.freebsd-corp-net-guide.com (8.11.1/8.11.1) with SMTP id f596TWl31006; Fri, 8 Jun 2001 23:29:33 -0700 (PDT) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: "Bill Moran" , "Jim Conner" Cc: , "Josh Thomas" , Subject: RE: IPFW rules and outward connections Date: Fri, 8 Jun 2001 23:29:32 -0700 Message-ID: <001701c0f0ad$8b2c0420$1401a8c0@tedm.placo.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Importance: Normal In-Reply-To: <3B213407.D5A6E547@iowna.com> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG >-----Original Message----- >From: owner-freebsd-questions@FreeBSD.ORG >[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Bill Moran >Sent: Friday, June 08, 2001 1:23 PM >To counter that, there are an unbelievable number of servers on the `net >in a terrible state of insecurity. This makes the risk of DoS attacks >VERY high. What's even worse than the open servers are the Windows home systems on DSL and Cable modem links that have ignorant users that open e-mail with trojans and such that install into their system. Crackers use these to create large networks of IRC reflectors and run DoS attacks against people. The increasing use of Wake on Lan adapters on DSL-connected systems is another problem area too. Crackers can even boot up Windows systems remotely that have worms and trojans on them that are on DSL and Cable networks now. The travesty is that there's free firewalls like ZoneAlarm that the Windows users can download to protect themselves. I haven't decided which is worse now - the ancient Linux systems that cheapskate companies get some consultant to set up then never patch or upgrade after that, or the Windows systems that are on DSL run by clueless users. At least the users with the Windows systems can shut them down, the companies won't generally because they usually are running those systems as production webservers and the like. Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message