[Dshield] Recommendations for free firewall and free anti-virus software

Mark Fugate markfugate4 at comcast.net
Wed Apr 14 12:28:15 GMT 2004


At the risk of being accused of being a heretic, I would not reccomend 
pointing any Microsoft product directly towards the internet.  Additionally, 
I would advise against using Microsoft's web-browser, any version of Outlook, 
and MS SQL*Server.  I watch network attacks like other people watch TV sports 
and I can conservatively state that 75% of the attack data I collect with 
sniffers and keep in a database originate from those products.  My logs last 
week showed that 45% of the data I have collected is from compromised MS 
SQL*Server installations.  Although small in number, I still collect "Witty 
Worm" attacks which indicates that there must still be a number of unpatched 
ISS and BlackIce implementations still in use.

I provide for for anyone that requests it, firewall software using 
iptables/netfilter software which can be installed on "Throw Away" PC's or 
even servers which has appeared to be effective at blocking outside 
intrusions.  Concerning virus prevention, I would highly reccomend using a 
different email client and web-browser.



More information about the list mailing list