[dba-Tech] security (was: Child's play)

Francisco Tapia fhtapia at gmail.com
Thu Sep 30 12:50:18 CDT 2004


unless these machines have the proxy information logged into your
internet options settings then any program can use IT to connect back
out to the world and call home.  A software firewall still stops this.

ON TOP OF WHICH:  
If a machine should become compromised in your network, you will be
sure to know that the one w/ the software firewall won't become
infected/compromised.  It sure helped me w/ the latest blaster worm
that ran amok in our company's lan. (yes i know, proper precautions
should be taken, but damn it they don't run SUS or a form of it to
push out security updates, they still rely on windowsupdates damn it!)


On Thu, 30 Sep 2004 12:36:37 -0500, Drew Wutka <dbatech at wolfwares.com> wrote:
> Depends on the router/setup.  My setup at home won't prevent something
> 'calling out', but our setup at work will.  No one has direct access to the
> router (almost), so the only machines allowed out are our proxy, mail server
> (my machine, and Marks machine).  No software 'firewall' necessary.
> 
> Drew
> 
> 
> 
> -----Original Message-----
> From: dba-tech-bounces at databaseadvisors.com
> [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Francisco
> Tapia
> Sent: Thursday, September 30, 2004 12:22 PM
> To: Discussion of Hardware and Software issues
> Subject: Re: [dba-Tech] security (was: Child's play)
> 
> a good hardware firewall will keep any other kind of connection out,
> but it won't prevent software from calling home, that's what software
> firewalls do.  I prefer Sygate to ZoneAlarm tho.
> 
> On Thu, 30 Sep 2004 11:48:41 -0500, Drew Wutka <dbatech at wolfwares.com>
> wrote:
> > I wouldn't run Zone Alarm on top of a router firewall.  That's just silly.
> >
> > Drew
> >
> > -----Original Message-----
> > From: dba-tech-bounces at databaseadvisors.com
> > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of John Bartow
> > Sent: Thursday, September 30, 2004 9:43 AM
> > To: Discussion of Hardware and Software issues
> > Subject: RE: [dba-Tech] security (was: Child's play)
> >
> > You are correct in your assumptions! Like I said, I've never had this
> issue
> > happen to me. Doesn't mean it can't happen!
> > :o)
> >
> > At this point I would have uninstalled the entire suite. cleaned the PC
> and
> > reinstalled it. The most problematic NIS installation I worked on (nothing
> > compared to your example) was one where the owner installed it.
> >
> > On this subject I just got off the phone with a small business client who
> > recently moved his office complex from Cable access to DSL (cost wise was
> > much better). He has been having problems with just about everything since
> > then. He just called and asked me to come and straighten it out for him.
> He
> > had called the DSL company support this morning and had a tech tell him
> that
> > they couldn't help him while he was running a firewall and anti-virus
> > program AND that these things were totally unnecessary with their internet
> > access because of their security. He said the tech claimed that the router
> > was all the protection he needed.
> >
> > Anyone else heard this kind of advice lately?!
> >
> > -----Original Message-----
> > From: dba-tech-bounces at databaseadvisors.com
> > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Francisco
> > Tapia
> > Sent: Wednesday, September 29, 2004 12:09 PM
> > To: Discussion of Hardware and Software issues
> > Subject: Re: [dba-Tech] Child's play
> >
> > Yes I did try to invoke "Permit All" from the Firewall configuration,
> > under the Programs Tab, I found IE and FireFox, I set both of them
> > from Automatic to Permit All, while the Firewall was invoked, there
> > was NO internet access.  I disabled the NIS firewall and I had my
> > internet back, I installed Sygate Personal Firewall, reboot, and
> > resumed using the pc, this time I was able to get to the internet w/
> > either IE or FireFox depending on their Allow/Block stataus.
> >
> > so to me NIS was a hassle... IF the program has been given "PERMIT
> > ALL" status for communication, I understand that to mean that the
> > program has FULL permissions to access the INTERNET.
> >
> > what part of that am I confusing?
> >
> > _______________________________________________
> > dba-Tech mailing list
> > dba-Tech at databaseadvisors.com
> > http://databaseadvisors.com/mailman/listinfo/dba-tech
> > Website: http://www.databaseadvisors.com
> >
> >
> >
> >
> > _______________________________________________
> > dba-Tech mailing list
> > dba-Tech at databaseadvisors.com
> > http://databaseadvisors.com/mailman/listinfo/dba-tech
> > Website: http://www.databaseadvisors.com
> >
> 
> --
> -Francisco
> http://ft316db.VOTEorNOT.org
> 
> 
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com
> 
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com
> 



-- 
-Francisco
http://ft316db.VOTEorNOT.org



More information about the dba-Tech mailing list