how does one do that ? have any concrete information pertaining these security measures ?
in a perfect world yes that's how i do it here and well it's not uncommon for malware to use local (root) exploits to escalate privilege
huh please explain. do you have some information on how to create 'restore images' since when ... i think image i think hardware specific root filesystem (windows)
"Sebastian G." wrote in news: snipped-for-privacy@mid.dfncis.de:
You've got my curiosity. What problem do you have with the listed applications?
And, you mentioned most router's these days aren't in fact firewalls. I'm fairly certain this Linksys router does indeed have a firewall. Can you elaborate on what specifically you are calling a firewall?
"Sebastian G." wrote in news: snipped-for-privacy@mid.dfncis.de:
On Vista, no. On XP and down, a normal user usually is an administrator and does have write access by default. You don't need to restart the system to take advantage. Windows will access the host file anytime it sees a dns request...*shrug*
So you practice safe hex and use a limited account for most of your day to day tasks right?
I write a spyware scanner, so I'm very interested in why you feel they are bad?
On Windows XP and later, it's called "Software Restriction Policy". For Windows 2000 and NT4 there's "PolicyMaker Application Security", "Antihook Workstation" or the costy Winternals System Manager.
On Linux and Solaris, it's simple kernel setting.
After you have successfully implemented such a policy, your focus should exactly be on privilege escalation vulnerabilities. But don't tell me these would be inherent and unavoidable.
With a third-party linux-based firmware that allows you full access to the underlying netfilter/IPTables rules, you can indeed build a firewill with a Linksys router. But with just the preinstalled firmware: No, definitely not.
A firewall is a concept to separate network segments.
In the current context: A device is a firewall if it's capable to implement a bridging firewall or a routing firewall.
The minimum requirement for that is that you can refer TCP states (and probably higher level protocl states for NAT helpers), and for the routing firewall you should additionally be able to either access the NAT state table or to have a confluent flow of the packets withing the filtering system with fully qualified flow routing.
When you assume that the user is logged in as an administrator, the entire discussion about security is void.
It won't reloaded cached requests though.
Dunno what exactly you mean with safe hex, but surely I won't use administrative privileges for anything else but administrative tasks.
As I already mentioned: Complexity is the exact contrary of security. As for your spyware scanner: What exactly stops me from writing a piece of malicious software that modifies itself without any detectable pattern? That works purely by side effects of the API?
What he mentioned doesn't even partitially address the problem, is based on horrible assumptions, has horrible side effects and is typically the most stupid way to achieve the intended.
That doesn't make the discussion at this point any less void.
As I said: Might be different from my understanding. Just #1 (Install, use and update anti-virus software) has hardly anything to do with real security. Even considering to keep on abusing MSIE and MSOE as webbrowser and mail client under #2 isn't secure either, what's about "# Install a good firewall"? One should definitely wonder why "Backup your data regularly" isn't the listed as #1...
I meant technically. I can tell you that the bad guy per se isn't afraid to get caught. As from the user side: Why should I start playing a cat-and-mouse game where I'm always the loser?
Which is even more stupid, at least for the given arguments. But still less stupid than the entire HOSTS file approach.
"Sebastian G." wrote in news: snipped-for-privacy@mid.dfncis.de:
I don't dispute that BugHunter is retroactive in what it does, and I wouldn't want anyone to think they are 100% safe regardless of the software they use, but I still believe some protection, even if it's retroactive in nature is better than none.
"Sebastian G." wrote in news: snipped-for-privacy@mid.dfncis.de:
I don't know the obvious problems you have with the programs listed, hence my question. Would you elaborate please?
Okay then. Thanks for answering my question in any event.
My linksys is a routing firewall, sir. I specify the ports I want redirected inside the lan and it does so. It's not nearly as advanced as a cisco full fledged router or anything, but it certainly does the job I ask of it. Keep this computer's ports safe, until/unless I open some.
"Sebastian G." wrote in news:5or713Fnqrn9U1 @mid.dfncis.de:
Unless the application is designed to evade whatever firewall a person might be using, that's usually how it goes. If you know something I don't, feel free to share it, we can all learn.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.