|
PureBytes Links
Trading Reference Links
|
On Wed, 2004-07-07 at 11:11, Alex Matulich wrote:
> Having NO email software on your computer helps. I either telnet
> to a unix shell for mail (which is text based and immune to email
> virii and trojans), or access mail through a webmail interface. No
> mail is ever downloaded to my PC, just displayed. All mail resides
> on the mail server, not my computer. When displaying on the web, I
> have Proxomitron to prevent execution of nasty active content, web
> bugs, cookies, and the like.
Alex's comment reducing the avenues where malware could gain entry to
your machine is spot on. Its much easier IMO to avoid infection in the
first place than to detect it. Do both, preferably.
I use Mozilla web browser clients (never Internet Explorer) and unix
based mail / web mail. Those two actions alone reduce the avenues for
infection by a huge percentage (from my own activities - surfing,
email); the firewall keeps all active attackers on the outside, out.
Firewall: FreeBSD configured as a router/firewall - dual ethernet cards.
Don't confuse this set up as a "software" firewall - in most respects
the setup is not unlike a Cisco firewall/router - both run an operating
system (software) and both have more than one network port which
isolates external and internal network traffic.
The advantage of the do it yourself approach, beyond price, is that you
have complete control where the average cheap firewall is a black box
type affair. Might be sufficent (most are pretty good actually) but it
can be useful to have more control.
The machine and my network is virtually invisible to the outside world,
and I've got total flexibility to open up paths between applications on
the inside to destinations on the outside. All my Windows and Unix
workstation machines live on the inside of that firewall.
In past days I would use a simple router and achieve a similar level of
protection. I've never used a software firewall on workstations
themselves.
|