North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Microsoft to ship new versions with firewall enabled
At 10:00 AM 8/14/2003, Daniel Senie wrote: At 12:39 PM 8/14/2003, Matthew Watkins wrote:Define "local subnet."Apple have the right idea... I'd say all the vendors need to take a carefully balanced approach to security in the default configurations of their software. Leave services exposed to the network disabled by default, where possible. By all means, configure firewalls by default to block all non-established incoming connections to low port numbers, but for heaven's sake don't also block access to those ports from the local subnet as well. Hold on a second, and let me ask him. :-) This is just an example of how a policy like the one you suggest can be dangerous. He said "What's a subnet?" heh jc
|