Re: Potetial Outpost Conflicts?

James,

Well-stated response...

> Forgive me, but I'm not too sure why you want to run
same
> machine for than matter. I think that there may be
too
> much of a focus on the technology/paranoia and less
on
> the cost/time of administration, doubling the number

> of possible application vulnerabilities and causing

I agree, whole-heartedly. There should be no need to run 2 of anything, really. Particularly on Win98. Worried about someone gaining access to your system? Think about how intrusions occur...a service, something listening for connections, has to be compromised...a vulnerability in the service is exploited. By default, Win98 has...how many services running? One, as far as I remember, and if you simply disable File and Print Sharing, you're pretty much done. In essence, there's nothing left to exploit. Take it a step further and unbind NetBEUI from the interface. That way, only TCP/IP is bound to it. Keeping the system patched will protect against many DoS issues.

Two f/w's means you have to keep up on vulnerabilities to two disparate applications. That means not only watching BugTraq and VulnDev, but also the vendor sites. This is in addition to watching for updates and patches to the os.

Colin mentioned security in depth...but there's much, much more to that than simply loading two f/w and two A/V apps on your system. And I find it odd that Colin would even mention security in depth, given the os he's using...given that there is no native logging facility to Win98, nor can ACLs natively be set on the file system.

Given that this is a home system, the processing issue really becomes a matter of preference, I would think.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

> Having double the precautions does not give you
double
> the protection.

This is true. Say, for the sake of argument, on A/V product detects 98% of known viruses, and the other detects 99%. That doesn't necessarily push you up to 99.99999% coverage, as there are bound to be a great deal of duplicates.

What does work? Take a look at the email application you're using, as well as your habits. Do you simply click on anything and everything you receive as an attachment, regardless of who sends it to you?