BBC-TV Computer Security Video For Non-Techies

This is true - but a different kettle of fish altogether.

Regards, Ian Kenefick

Ian Kenefick

I have.

This is possible - code injection for example. But now firewalls have host-based IDS to detect this.

Not really :-)

Yes, Sasser is an Automatic network worm.

I don't know. I didn't make the movie. They were promoting personal firewall usage and this is not a bad thing. Yes, there are other methods of protection against the Sasser worm in question.

Don't know. But we know it was pre-MS04-011.

I don't know. At a guess they were concentrating on getting the point across about personal firewalls. They didn't mention a lot of relevant information.

By default the default user has administrative privileges. This is also the case in most homes.

Believe it or not there are a vast majority of the computer using population who still don't even have these.

Depends on the Antivirus solution.

You don't and this is the point you are missing.

In an SMB it can be done *EASILY*. At the enterprise level it can be centrally managed. Employees still need to be aware of the basics.

Regards, Ian Kenefick

Ian Kenefick

Not necessary, _but_: if these network services are not offered (aka: not running), how can they be exploited?

Andreas Rauer

Spammers and Worms don't make the effort to scan the full body of a message, a simple scan of the header is sufficient (and less traffic-intense). The interesting email addresses are written in FROM and REPLY-TO. And most scripts even ignore REPLY-TO, which is the interesting one for private responding...

But a decent newsreader should always crop these introduction-novels down to a "xyz wrote:", OE is a baddy in this part (TOFU is another inherent prob of this prog...)

Andreas

Andreas Rauer

Ah. The new and improved version.

It is bad if the movie makes it look like the only way to keep Sasser off XP is to install personal firewall software.

Er yes. I think they got that point across.

It's also the reason why much malware has an easy time.

You mean like me for example. Actually I do have an unnecessary installation of AVG on this PC. I tell enough people to use it so it would be wrong not to use it myself.

But you don't wish to elaborate?

Ah. I knew there'd be one.

But you don't wish to elaborate on how it might be done or how the staff might be trained in how to configure and manage their personal firewalls? I can certainly see it happening. We read enough about how much money was wasted on IT projects in the news.

At the enterprise level it's likely that someone who knows what they're doing will be available to manage things properly. Employees won't need to know anything about firewalls unless their job is technical in nature and requires it. The occasional manager will watch that movie and then insist that all PCs in the enterprise have personal firewall software installed, but they will be quickly educated by more clueful people.

Jason

Jason Edwards

Why?

I don't need it -> I deactivate it -> no exploit possible. I need a network service in my LAN -> I check for updates regularly and establish a perimeter filter (router w/ packet filter) or bind the service to a LAN-only NIC. (Or even localhost. There are some anti-virus/personal firewall solutions out there, which are using a TCP connection to talk with themselves - and broadcast it through the LAN, not using good ol' secure localhost.)

Why should a dial-up device need bindings of SMB et al? (ok, besides "i want to offer my harddrive to the internet...")

Andreas

Andreas Rauer
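
One way to audit the point made above about binding a service to a LAN-only NIC or to localhost, added here as an example and not part of any post in the thread: it parses `netstat -an`-style output and reports the scope each listening TCP socket is bound to. The sample lines, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the layout of Windows `netstat -an` output.
SAMPLE = """\
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    203.0.113.7:139        0.0.0.0:0              LISTENING
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    192.168.1.10:1040      198.51.100.2:80        ESTABLISHED
"""

# RFC 1918 ranges, treated here as "LAN-only" bindings (an assumption:
# it presumes the private range is not routed to the Internet).
LAN_NETS = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(addr):
    """Return the widest scope from which a socket bound to addr is reachable."""
    ip = ipaddress.ip_address(addr.strip("[]"))
    if ip.is_unspecified:
        return "all-interfaces"  # wildcard bind: every NIC, dial-up/WAN included
    if ip.is_loopback:
        return "localhost"
    if any(ip in net for net in LAN_NETS):
        return "lan-only"
    return "public"

def exposed_listeners(netstat_text):
    """List (port, bind address, scope) for listeners not confined to localhost."""
    findings = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) != 4 or f[0] != "TCP" or f[3] != "LISTENING":
            continue  # skip headers, UDP rows and established connections
        host, port = f[1].rsplit(":", 1)
        scope = classify(host)
        if scope != "localhost":
            findings.append((int(port), host, scope))
    return findings

def internet_reachable(findings):
    """Ports that need disabling, rebinding or a perimeter filter."""
    return sorted({p for p, _, s in findings if s in ("all-interfaces", "public")})

if __name__ == "__main__":
    for port, host, scope in exposed_listeners(SAMPLE):
        print(f"{port:>5}  {host:<15} {scope}")
```
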

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.