Posted by Jaap Hilversum on January 15, 2008, 8:29 pm
On 15 Jan 2008 09:42:06 -0600, comphelp@toddh.net (Todd H.) wrote:
>> Al Dykes wrote:
>>
>> > Good point. A NAT router is just part of the safe computing toolbox.
>>
>> Since a NAT router doesn't provide any security by itself, I fail to
>> see how it could be part of a security concept. After all, NAT is
>> supposed to provide, not to limit connectivity (and the RFC explicitly
>> states so).
>
>As you know, but conveniently omit from the discussion, every home
>gateway seems to implement NAT in addition to stateful packet
>inspection ingress filtering.
>
>No, they do not limit outbound access at all, so once an internal host
>is compromised, they don't do anything for ya.

One wonders if there might be some underlying reason for Sebastian G.
(and others, most, surprisingly, with .de domains) to promote that
users leave their computers open to most access while on the net.

Perhaps it's that this would make their "job" much easier. But, that
is just speculation.

On the other hand, maybe they are just militant linux advocates and
have already taught their grandmothers the intricacies of Linux
security administration and just don't understand why your grandmother
can't learn too -- or just get off the net.
Posted by Gerald Vogt on January 15, 2008, 8:50 pm
> One wonders if there might be some underlying reason for Sebastian G.
> (and others, most, surprisingly, with .de domains) to promote that
> users leave their computers open to most access while on the net.

He does not say so. He never said you should leave computers open to
access. But there is little benefit relying on additional hardware or
software to achieve something which you could achieve simply by
closing whatever would be open.

A software firewall adds a lot of complexity, code lines (containing
bugs), configuration issues (which user is really able to configure a
software firewall correctly) to a computer.

A NAT router adds additional complexity and does not add
reliable security due to various shortcomings in NAT which are
inevitable.

And all that to cover up some open ports which you could simply close
by turning off unnecessary services? Stopping unnecessary services
reduces complexity. The computer runs less code. Thus there are fewer
bugs. And without a software firewall the computer runs definitely
much faster. And you can run the computer very well directly connected
to the internet. Without open ports there is nothing someone from the
internet could connect to. And you don't have to filter ICMP pings and
other messages to achieve 'pseudo stealth'.

But, well, most people seem to prefer to put fat stupid security
guards in front of their unlocked doors instead of simply locking the
door. It seems to be easier to buy a guard than to learn how to lock
the door, which must be terribly complicated to learn, and people don't
want to learn about security; that's why they rely on the stupid guard,
which is fooled so quickly.
Gerald
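
The audit the post above relies on (find out what is actually listening before deciding what a firewall or NAT box would be covering), as an added example that is not part of the original thread. It assumes the Linux `/proc/net/tcp` layout on a little-endian host; the sample table and the function names are constructed for illustration.

```python
import ipaddress
import struct

LISTEN = "0A"  # kernel TCP state code for a listening socket

# Constructed sample in /proc/net/tcp layout (not taken from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:008B 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 0A00A8C0:01BD 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 0A00A8C0:C350 010200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 1004
"""


def decode_endpoint(field):
    """Turn 'HEXADDR:HEXPORT' into (IPv4Address, port)."""
    addr_hex, port_hex = field.split(":")
    # The address is printed as a host-order 32-bit word; little-endian assumed.
    ip = ipaddress.IPv4Address(struct.pack("<I", int(addr_hex, 16)))
    return ip, int(port_hex, 16)


def listeners(text):
    """Return (ip, port) for every socket in LISTEN state."""
    found = []
    for line in text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4 or cols[3] != LISTEN:
            continue  # established or closing connections are not open ports
        found.append(decode_endpoint(cols[1]))
    return found


def reachable_from_network(text):
    """Listeners not bound to loopback: the services a remote host could reach."""
    return sorted((str(ip), port) for ip, port in listeners(text)
                  if not ip.is_loopback)


if __name__ == "__main__":
    for ip, port in reachable_from_network(SAMPLE):
        print(f"listening on {ip}:{port} -> stop the service or bind it to 127.0.0.1")
```

On a real Linux host, pass the contents of `/proc/net/tcp` instead of `SAMPLE`; IPv6 listeners live in `/proc/net/tcp6` and are not covered here.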
Posted by Leythos on January 16, 2008, 7:29 am
In article <b2697bfe-aad8-4121-b8c7-b1483c284102
@v4g2000hsf.googlegroups.com>, vogt@spamcop.net says...
> He never said you should leave computers open to
> access. But there is little benefit relying on additional hardware or
> software to achieve something which you could achieve simply by
> closing whatever would be open.

And yet we know, at least any of us that have been around for any real
length of time, that users are not going to close those ports, services,
secure their machines - they treat their computers like can-openers,
they just blindly use them as they shipped.

A NAT Router (1:MANY) provides a level of protection that all unsecured
machines can benefit from and requires no understanding or changing of
the OS - and it works with ALL OS platforms.
--
Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)
Posted by Burkhard Ott on January 16, 2008, 3:14 am
On Tue, 15 Jan 2008 17:29:51 -0800, Jaap Hilversum wrote:
> One wonders if there might be some underlying reason for Sebastian G.
> (and others, most, surprisingly, with .de domains) to promote that
> users leave their computers open to most access while on the net.
>
> Perhaps it's that this would make their "job" much easier. But, that
> is just speculation.

No, the statement is: "You are not safer with a flashbox in your
background" or better, in the words of Bruce Schneier, "Security is a
process, not a product".

It has nothing to do with whether linux, unix or windows is safer; even
with a self-made solution you are not totally safe, but there is nobody
who tells you that. Companies which sell the fancy flashboxes tell that
crap, and most people believe them by clicking the anti-hacker option in
their router; at the same time, with this click, the brain is out of
order because they already clicked the anti-hacker button.

I guess you know what I mean.

cheers
Posted by Sebastian G. on January 16, 2008, 7:37 am
Jaap Hilversum wrote:
> One wonders if there might be some underlying reason for Sebastian G.
> (and others, most, surprisingly, with .de domains) to promote that
> users leave their computers open to most access while on the net.

Nonsense. I promote implementing actual security measures instead of
half-assedly trying to treat symptoms.

> On the other hand, maybe they are just militant linux advocates and
> have already taught their grandmothers the intricacies of Linux
> security administration

Personally, I would never use Linux, except Linux-from-the-scratch on
embedded systems.