Why your firewall will kill you
-
I found this to be interesting. It is a short read.
https://isc.sans.edu/diary/Why+Your+Firewall+Will+Kill+You/30714/?is=55349e6df1ae7d0eb1f5f3ef0a11b2b29cccb62b3a13d647441b48fa18c8f5d6
-
Never open your admin interface on the WAN to any source address. Anyone doing that should expect to see continuous exploit attempts IMO.
Steve
-
@stephenw10 said in Why your firewall will kill you:
Never open your admin interface on the WAN to any source address. Anyone doing that should expect to see continuous exploit attempts IMO.
Steve
Funny, to me it would be common sense covered by the "don't expose anything to the internet that you don't want exploited".
-
@mer said in Why your firewall will kill you:
to me it would be common sense
The thing with sense, is its not as common as you would think ;)
-
The part that I found interesting is the active scanning and the low amount of time to be discovered. It makes sense the bad guys are scanning, it just did not occur to me the time to discovery.
-
To be honest I was surprised it took a month!
-
UAC was supposed to protect against that. But people kept complaining about annoying prompts so Windows made the default security level for never OSes "medium" which doesn't ask about built-in programs running with Admin priviledges,
Instead they now use safe screen stuff that looks a program trying to run on up on the internet to determine if it should display an additional prompt.
Basically just turn UAC to high first thing on a new PC and never have an issue like the one displayed.