Most routers' firewall implementations are a joke.
That's the point: Hardly anyone needs that stuff, and those who need it should be able to deal with it carefully.
s/attacks/non-attacks as attacks/ :-)
Then it remains theoretical, because Windows Firewall supports different exceptions by IP, too.
Yours, VB.
I want to break it on an unprotected wi-fi, that is a goal.
The user should do that when switching networks, but I already said, he doesn't know how.
Yes it does.
No, I'm not speaking about a hidden SSID, but about the SSID of a public wi-fi the user is going to connect to; that SSID is visible. You don't have to sniff it. It is defined because maybe there are other public wi-fi networks around, so that you can choose the correct one. You can ask the public wi-fi admin, or it will just be the name of the hotel you are staying at. Now I touched on wi-fi phishing, but that is not a subject for this group.
With Windows 2000 I'd agree, because the filtering capabilities of the Windows 5.0 kernel are somewhat... strange.
This is not true. You would have a configuration using group policies for it.
Yours, VB.
Then why don't you create two separate connections, one for protected and one for unprotected wi-fi?
Yes on protected wi-fi, but what about switching between unprotected and protected wi-fi, in a case where both have the default (in that case probably the same) IP? Well, I agree the IP is hardly going to be the same as a company wi-fi AP IP, but it is possible. The IP of a wi-fi is usually Class B (65000 different IPs). There is a small probability that they match or that they are both default (probably the same). But I agree it is a theory. It may work only in the case of average home users who change nothing on their wi-fi AP and who live near each other, but then their own AP will be in the restricted zone as well.
You have to know SSID, what hotel user is going to stay and what SSID they use you don't know. User is going to ask.
Yes, but with NAT they are still better solution than PFW.
Okay, now I understand. You are promoting a security concept based on luck. The only thing I like about that is Your honesty :-))
Pretty lousy odds.
Yes, but what else can he do? Let's say that malware has disabled Windows firewall and he doesn't know how to fix it. That is very common, something with share access, I forgot the details, well I'm Joe Average, somebody posted a link on how to fix that on this group some time ago, now he wants a PFW, what is he doing? Gambling. That is how things are for most Joe Averages. Reality, read their posts on web based forums.
I occasionally do. And what strikes me every time is that there are always people queuing up to help him "fix" that specific problem. What they should do is tell him something like this:
Find someone who can help You:
1) Pull the plug.
2) Reinstall windows. In Your case as described it's probably filled with crap You can't properly clean anyway.
3) Harden it in the first place.
4) Connect to the net and get all necessary patches.
5) Properly configure the machine to Your needs.
6) Hand You a list of do's and don'ts and force You to read it every evening before You go to sleep :-)
It can all be done in less than a day, and at times when the machine can be left installing unattended Your buddy and You can have a beer and he can go through and explain the details of the do's and don'ts list and You can have a great day together and You can live happily ever after (maybe).
... or something like that....
Group policies are what I'm talking about. AFAIK they allow two configuration sets: domain and !domain. At least that's how things were when I last looked into this, which was quite some time ago.
cu
59cobalt
You even can store policy files and activate them.
Yours, VB.
NAT is no security feature, and never was designed as one.
But I disagree with Sebastian here. My router is driving netfilter on a Linux 2.4 kernel, and it's a standard "SOHO" DSL-Router / Access Point device from Asus. I think, the filtering works.
Yours, VB.
When malware already is on the box, just forget the rest.
You and I completely agree on this point, and I've said it many times, even when others claim they can "Clean" a machine. There are just too many unknowns out there, so if the system is at all important to the user, they will wipe/reinstall it in a clean/safe environment.
The only time cleaning is an option is when you need to make copies of your documents, and then you copy them to CD/DVD and then still wipe/reinstall the system in a clean environment.
What about a separate connection for your known SSID and every other?
There is only one wireless connection (in Network connections), in which other connections are defined by SSID; those are predefined networks. You can block the laptop from connecting to non-predefined networks, but in this case that can't be done since you don't know what the SSID will be. Windows firewall settings are the same for all connections, predefined and non-predefined; I don't think they can be separated. Correct me if I'm wrong. I'm not an expert.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.