, 2004-05-13
Why "Secure By Default" is a step in the right direction.
Expand all |
Post comment
ISPs should all provide secure by default internet access.
2004-05-14
Anonymous (5 replies)
Anonymous (5 replies)
|
Secure by Default
, 2004-05-13 Why "Secure By Default" is a step in the right direction.
Expand all |
Post comment
ISPs should all provide secure by default internet access.
2004-05-14 Anonymous (5 replies) |
|
|
Privacy Statement |
big ISPs it would be much cheaper to have a central firewall at
the ISP rather than one at every user's site. (For egress filtering
I would of course additionally run a software firewall on my
computers with internet access.)
But the main objectives are to reduce the number of compromised
machines on the internet and make the remainder easier to identify.
It would achieve this because a good proportion of the compromised
machines are owned by individuals who are non-technical and don't
understand firewalls. So a simple ISP firewall for everyone would
make a big impact. Any user clever enough to switch off this firewall
at their ISP probably understands firewalls and would run their own.
Many of the people who suffered from the Sasser worm didn't understand
firewalls sufficiently to block the worm and would have been protected
by this ISP firewall. About 30 percent of spam originates from
compromised machines. Most DOS attacks are presumably launched from
them etc etc. Various spam, DOS and other attacks can't be tackled
effectively by some of us running personal firewalls.
There is a big opportunity here to save huge amounts of money and
reduce many forms of internet crime.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/241/26272#26272