X-Virus-Scanned: clean according to Sophos on Logan.com
Return-Path: <echristley@nc.rr.com>
Received: from rtp-iport-2.cisco.com ([64.102.122.149] verified)
  by logan.com (CommuniGate Pro SMTP 4.3.5)
  with ESMTP id 1026981 for flyrotary@lancaironline.net; Thu, 30 Jun 2005 09:05:38 -0400
Received-SPF: softfail
 receiver=logan.com; client-ip=64.102.122.149; envelope-from=echristley@nc.rr.com
Received: from rtp-core-2.cisco.com (64.102.124.13)
  by rtp-iport-2.cisco.com with ESMTP; 30 Jun 2005 09:04:50 -0400
X-IronPort-AV: i="3.93,245,1115006400"; 
   d="scan'208"; a="60465716:sNHT5873066140"
Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12])
	by rtp-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j5UD4pZs009798
	for <flyrotary@lancaironline.net>; Thu, 30 Jun 2005 09:04:51 -0400 (EDT)
Received: from xfe-rtp-202.amer.cisco.com ([64.102.31.21]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211);
	 Thu, 30 Jun 2005 09:04:51 -0400
Received: from [64.102.45.251] ([64.102.45.251]) by xfe-rtp-202.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211);
	 Thu, 30 Jun 2005 09:04:50 -0400
Message-ID: <42C3EDF1.7020501@nc.rr.com>
Date: Thu, 30 Jun 2005 09:04:49 -0400
From: Ernest Christley <echristley@nc.rr.com>
User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Rotary motors in aircraft <flyrotary@lancaironline.net>
Subject: Re: [FlyRotary] Re: Off topic-DSL hook up
References: <list-1026638@logan.com>
In-Reply-To: <list-1026638@logan.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 30 Jun 2005 13:04:50.0773 (UTC) FILETIME=[4CC73850:01C57D74]

Jerry Hey wrote:

> Dale, is the firewall recommended even if I seldom leave the computer 
> on if I am not working with it?  If the browser and e-mail 
> applications are not booted, can the computer still be penetrated?    
> Jerry
>
>

Jerry, the typical time between connecting to the net and getting hack 
attempts is in the range of minutes.  A newly installed and unpatched 
Windows box will typical be owned in less than 5.  Most of the attacks 
are trying to set your machine up as a 'zombie' that the hacker can 
control remotely to attack other computers.

A central tenent of security is to take away all rights to access that 
are not explicitly needed.  A hardware firewall implements this rule 
nicely, in that the exposed system doesn't even have the ability to do 
most things a general personal computer can do.  You can't break 
something that isn't there.  The software firewall, while better than 
nothing, makes things a lot 'muckier'.  The hackers can break into an 
unrelated piece of code to get where they want you to be (bent over).

Personally, I think it a crime that the network providers don't include 
a simple firewall, caching DNS, and NAT DHCP server in the modems they 
provide.  It'd cost them less than $10 to include it in the same box, 
and I'd gladly pay an extra $40 upfront to not have the multple wire and 
wall-warts all over the place.  But I guess that would cut into their 
'in-home networking' business.

-- 
         ,|"|"|,                                    |
----===<{{(oQo)}}>===----        Dyke Delta         |
        o|  d  |o          www.ernest.isa-geek.org  |