March 5th, 2005 11:10 AM
Defaults are Dangerous
Just want to make a note about firewalls (and any other software - especially networking *ware)
Many people, especially newbs (but not only newbs), when they first install a FW or network *ware. will stay with the default adjustments.
This is not a good thing nor a smart thing, and it decreases the amount of security that you are trying to attain by installing them in the first place. Any would be attacker with a meager amount of search engine acumen or social engineering skills can acquire the default settings for this software.
You would be amazed at how many low level network admins have kept the default settings on old software that include default admin accounts and passwords. Find out about these accounts and delete them!!!!
As for the FWs - a manufacturers attention is most likely focused on flash visual effects and 'eye candy' rather than on the invisible security and stability characteristics of the underlying platform.
and their best interests and yours may not always coincide.
On network software having additional userid's laying around only aids in the vulnerability of your system not the security.
There are a few good tuts on configuring firewalls on this site, so I won't get into it here - just search for them .......
I use Kerio personal FW and though the adjustments I had to make for tighter security were few - I was still amazed that there were as many as there were.
In short - DEFAULTS ARE DANGEROUS!!! Research them and remedy them .......
"In most gardens they make the beds too soft - so that the flowers are always asleep" - Tiger Lily