[AccessD] OT: DSL/IIS/Viruses

John Frederick j.frederick at att.net
Fri May 23 08:56:02 CDT 2003 

1.  Concerning the wireless vs. wired lan, I wouldn't expect wireless to be
any safer.
2.  The IIS viruses are a different breed from the email viruses.  I assume
I got my IIS ones from these programs that are constantly searching for web
servers.  During the time I was on-line getting my email or browsing, I
looked like a wide-open web server.
3.  A firewall doesn't have to be a big project.  I'm told that there are
low cost lan routers that include a firewall function.  You connect the DSL
modem through that function.  I can testify that the software firewalls on
each machine interfere with many of the programs that otherwise operate
across your lan.

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Jim DeMarco
Sent: Friday, May 23, 2003 9:45 AM
To: accessd at databaseadvisors.com
Subject: RE: [AccessD] OT: DSL/IIS/Viruses


What about running it on another machine on my (wireless) network that's not
directly connected to my DSL modem but has Internet access via that
connection?  Is that any safer?

Jim DeMarco


-----Original Message-----
From: Frank Tanner III [mailto:pctech at mybellybutton.com]
Sent: Friday, May 23, 2003 9:29 AM
To: accessd at databaseadvisors.com
Subject: RE: [AccessD] OT: DSL/IIS/Viruses


Personally, I wouldn't run ANY public accessable
services on my LAN.  There is a MUCH safer way to do
it, but it isn't super cheap.

I have a custom built firewall, which I run at home.
The "public" side of it connects directly to my
Internet connection, in this case a 1Mbit VDSL
connection.  Then I have a "private" side, which
connects to my LAN, and has my strict firewall rules.
Only what I want gets in and out.  Lastly, I have a
"DMZ".  This is where I place my publicly accessable
machines.  It is still firewalled, but not as
stringently as the LAN side, since the public needs to
hit it.  Even in this DMZ I only let through the ports
I absolutely need to.  Such as 80 & 443 for Web, 25 &
110 for e-mail, etc.  My LAN is also firewalled from
my DMZ in this configuration except for what's
absolutely needed.

In this confugiration, unless I specifically open an
e-mail with a virus attached, or something silly like
that, I'm about as safe as one can get from "the big
bad Internet".  The worst that can happen is that
there is an exploit for one of my publicly accessable
boxes and they get compromised.  My LAN is still safe.

As a side note, my firewall, web server, and e-mail
server are all running Linix or FreeBSD.  This makes
them less succeptable to all of the more common
attacks that the "script kiddies" like to use.  About
80% of the attacks and defacements on publicly
accessable servers are done by "script kiddies".  An
added benifit is that IIS specific exploits have no
affect other than to fill my logs, which archive and
rotate off daily.

Is this a bit excessive, since I don't run a business
out of my home?  Yeah, it is.  But there's no such
thing as too much security.

--- John Frederick <j.frederick at att.net> wrote:
> Yes, it is necessary.  When I started doing .asp on
> the same machine I used
> to dial-up to get email, I got, over some period of
> time, about a dozen
> different viruses, some of which propagated through
> my lan to other
> machines.  If you can't block the access from the
> net to your machines, you
> need to either use a firewall or disconnect the pws
> machine from the lan.
>
> P.S.: If you put firewalls, such as Norton or McAfee
> on your machines, you
> can ask to be warned and have a change to say ok or
> no when a program tries
> to access another machine or the net.  You'll be
> amazed about how many
> Microsoft and other vendow programs do so for no
> reason related to your
> current operation in progress.  If you're not
> already paranoid, that will
> make you so.
>
> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com]On
> Behalf Of Jim DeMarco
> Sent: Friday, May 23, 2003 8:03 AM
> To: AccessD (E-mail)
> Subject: [AccessD] OT: DSL/IIS/Viruses
>
>
> List,
>
> A while back I got a DSL connection on my home
> office PC which I
> occasionally use for web development using Personal
> Web Server (Win 9x/ME
> version of IIS).  I was advised by our staff network
> person NOT to run PWS
> after the DSL was up because I'd be succeptable to
> attacks and viruses.
> Does anyone know if this is true?  I have not run
> PWS in a couple of months
> and have been using a disconnected laptop to write
> ASP code but I'm
> wondering if this is necessary.  Would I need to
> install a firewall if I
> want to run PWS?
>
> Thanks,
>
> Jim DeMarco
>
>
>
****************************************************************************
> *******
> "This electronic message is intended to be for the
> use only of the named
> recipient, and may contain information from Hudson
> Health Plan (HHP) that is
> confidential or privileged.  If you are not the
> intended recipient, you are
> hereby notified that any disclosure, copying,
> distribution or use of the
> contents of this message is strictly prohibited.  If
> you have received this
> message in error or are not the named recipient,
> please notify us
> immediately, either by contacting the sender at the
> electronic mail address
> noted above or calling HHP at (914) 631-1611. If you
> are not the intended
> recipient, please do not forward this email to
> anyone, and delete and
> destroy all copies of this message.  Thank You".
>
****************************************************************************
> *******
>
> _______________________________________________
> AccessD mailing list
> AccessD at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/accessd
> Website: http://www.databaseadvisors.com
>
>
> _______________________________________________
> AccessD mailing list
> AccessD at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/accessd
> Website: http://www.databaseadvisors.com

_______________________________________________
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com


****************************************************************************
*******
"This electronic message is intended to be for the use only of the named
recipient, and may contain information from Hudson Health Plan (HHP) that is
confidential or privileged.  If you are not the intended recipient, you are
hereby notified that any disclosure, copying, distribution or use of the
contents of this message is strictly prohibited.  If you have received this
message in error or are not the named recipient, please notify us
immediately, either by contacting the sender at the electronic mail address
noted above or calling HHP at (914) 631-1611. If you are not the intended
recipient, please do not forward this email to anyone, and delete and
destroy all copies of this message.  Thank You".
****************************************************************************
*******

_______________________________________________
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list