Securing home computers (Was: Re: [Dshield] Re:[Full-Disclosure]Port Blocking)
security at admin.fulgan.com
Sun Jun 29 09:38:53 GMT 2003
MT> Easy now. Im just trying to offer fair alternatives to blocking ports at the
MT> isp. No reason to gore me. It doesn't take a rocket scientist to nat a home
And a good one too. Ideally, every home users would be provided with a
Firewall appliance that does NAT and reverse proxy for POP, SMTP and
HTTP (so they can run a mail and web server safely behind, even if
it's imperfectly patched).
But that would STILL hinder the so-called "power users" who will want
to run other services and do their own filtering. And it would be a
rather expensive solution too.
No, I don't think there is a realistic solution but port blocking in
conjunction to different kind of contracts (one for "home users", one
for "power users" without the block).
More information about the list