http://emergentchaos.com/archives/2007/04/security-through-stupidity.html The Emergent Chaos Jazz Combo Wed, 01 Feb 2012 19:20:40 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://emergentchaos.com/archives/2007/04/security-through-stupidity.html/comment-page-1#comment-3558 Teltariat Sat, 28 Apr 2007 20:44:21 +0000 http://emergentchaos.com/?p=2339#comment-3558 > Most fresh Windows installs can be compromised in less time than it takes you to download the patches. I've observed less than half an hour from connection to infection for an unpatched Windows 2000 system on dialup. Less than half an hour? This is no longer the case. Today, your freshly set up Windows machine can be compromised in 5 minutes flat. > Most fresh Windows installs can be compromised in less time than it takes you to download the patches. I’ve observed less than half an hour from connection to infection for an unpatched Windows 2000 system on dialup.
Less than half an hour? This is no longer the case.
Today, your freshly set up Windows machine can be compromised in 5 minutes flat.

]]> http://emergentchaos.com/archives/2007/04/security-through-stupidity.html/comment-page-1#comment-3557 Orv Fri, 27 Apr 2007 20:09:57 +0000 http://emergentchaos.com/?p=2339#comment-3557 I know what you mean about a firewall often just mimicking the list of ports that don't have services on them. I find, though, that a firewall can be especially helpful when dealing with devices that have totally brain-dead security -- like your music box, or most networked printers. There's usually no reason for these devices to communicate with the Internet. I'll often set up a firewall with just a blocklist of IPs that never, ever, ever should talk to anyone, and list all the network printers and other embedded devices. The other machines get free reign. A firewall is also vital when setting up Windows. Most fresh Windows installs can be compromised in less time than it takes you to download the patches. I've observed less than half an hour from connection to infection for an unpatched Windows 2000 system on dialup. I know what you mean about a firewall often just mimicking the list of ports that don’t have services on them. I find, though, that a firewall can be especially helpful when dealing with devices that have totally brain-dead security — like your music box, or most networked printers. There’s usually no reason for these devices to communicate with the Internet. I’ll often set up a firewall with just a blocklist of IPs that never, ever, ever should talk to anyone, and list all the network printers and other embedded devices. The other machines get free reign.
A firewall is also vital when setting up Windows. Most fresh Windows installs can be compromised in less time than it takes you to download the patches. I’ve observed less than half an hour from connection to infection for an unpatched Windows 2000 system on dialup.

]]> http://emergentchaos.com/archives/2007/04/security-through-stupidity.html/comment-page-1#comment-3556 Mordaxus Fri, 27 Apr 2007 16:33:47 +0000 http://emergentchaos.com/?p=2339#comment-3556 I have intentionally not said who they are, because they may have fixed things in the last couple of years, and I don't want to get into a pissing contest. I genuinely do not care. If you buy something, the easy thing to do it to nmap the box and telnet to it during the time you can return it. I hope that somewhere the development groups of music player companies are downloading Nessus. What I'm using now is an Airport Express from Apple. I have one that is just a piece of stereo equipment, plugged into the aux port of the receiver. I have intentionally not said who they are, because they may have fixed things in the last couple of years, and I don’t want to get into a pissing contest. I genuinely do not care. If you buy something, the easy thing to do it to nmap the box and telnet to it during the time you can return it.
I hope that somewhere the development groups of music player companies are downloading Nessus.
What I’m using now is an Airport Express from Apple. I have one that is just a piece of stereo equipment, plugged into the aux port of the receiver.

]]> http://emergentchaos.com/archives/2007/04/security-through-stupidity.html/comment-page-1#comment-3555 John Fri, 27 Apr 2007 14:40:38 +0000 http://emergentchaos.com/?p=2339#comment-3555 Just wondering if you want to share the brands/models of the boxes, especially the one that you are using now? Just wondering if you want to share the brands/models of the boxes, especially the one that you are using now?

]]>