[Full-Disclosure] A rather newbie question
Ethan Vaughn
evaughn at levithan.net
Mon May 3 18:22:36 BST 2004
This might be obvious, so i apologize in advance.
I just wanted to point out that this is probably the no.1 security fallacy
I hear among my endlusers.
"Schmidt, Michael R." <Michael.Schmidt at T-Mobile.com> wrote:
> Thanks,
>
> I use ISA server. This is my home network, so I probably have nothing
> that they would be interested in. I do have two static IP addresses and
> a DSL line.
Yes, there *is* something "they" are interested in: owning your box. Even
the wimpiest granny-owned win95 box is valuable to a blackhat. Once
"owned" your box becomes a "safe machine" from which a blackhat can launch
anonymous attacks. Any trace will come back to you.
I think of it this way, how would I like my personal machine's IP address
to show up in a DDoS attack log against FBI.org? That usually motivates me
to spend a little extra time on my personal net's securiy.
Full-Disclosure is hosted and sponsored by Secunia.