The stateful packet inspection religous debate

[Bill Clark]

You hit it on the head.  It all comes down to probabilities.  It is unlikely
that someone is going to break in to your system for financial gain.  The
most likely attack is to deny service simply because they can or to control
you machine(s) to launch DOS attacks on somebody else.  So if you at least
have firewall blocking the commonly exploited ports and any that you don't
need open, that's the best you can do other than spending some serious money
on other layers of security.  Remember electricy follows the path of least
resistance.  The same can be said of the majority of attackers.  The very
least you do is to run NAT.  But I would serious recommend going beyond NAT
as IP spoofing isn't as difficult as it once was.

Bill

-----Original Message-----
From: Apollo [mailto:apollo7771 at home.com]
Sent: Thursday, November 08, 2001 12:50 PM
To: KCLUG List
Subject: RE: The stateful packet inspection religous debate

So would it be safe to say that most hackers are opportunistic and are
likely to avoid firewall protected systems?  I've seen many systems that are
on cable or DSL that have no firewall protection and have C: shared without
a password.  This it frighteningly common from what I've found thanks to
dangerous morons or stupid OEM's.  So with thousands of easy Win 9x PC's out
on the internet begging to be fooled with, would it be reasonable to assume
that any form of firewall greatly reduces your chances of being hacked?  I
know that that can be taken too far but when there is no way of anticipating
when your going to be hacked it all comes down to probabilities...right?

btw, thanks for the info Bill.