Results 1 to 7 of 7
  1. #1
    Untanglit
    Join Date
    May 2016
    Posts
    26

    Default Hackers Say Firewalls and AntiVirus Are Irrelevant

    So I'm wondering if anybody has any idea to prevent these types of attacks that just exploit ports 80 and 443. Would remapping those ports to something else help? Like routing port 80 to a random port for example (Since I believe that's possible to do with untangle, correct?)?

    https://www.lifehacker.com.au/2017/0...re-irrelevant/

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,542

    Default

    This is why you have content control. Yes, most attacks happen on TCP 80 and 443... why? Because people are stupid enough to click on the link in that scam email they got. You want to keep your junk safe? Use Web Filter, stop people from getting to the destination behind infected links and you're gold. But, that still isn't really disproving the point, firewalls are only of limited value these days, UTMs however aren't firewalls, they have a firewall in them, but they aren't just firewalls.
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    they're talking about the original definition of firewall (blocking based on ports and such).

    This article is 15 years late. Blocking based on ports hasn't been useful since the days of ICQ. Thats why the firewalls moved to layer-7 and "next-gen" and "UTM" thing came to be.

    I have no idea what antivirus has to do with getting hacked. Its like they just took a bunch of security words and made an article.
    Last edited by dmorris; 08-22-2017 at 10:26 PM.
    f1assistance and proactivens like this.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Master Untangler abailey's Avatar
    Join Date
    Mar 2016
    Posts
    102

    Default

    I would not say firewalls are irrelevant. Even traditional firewalls that aren't UTM. The reason hackers attack port 80 and 443 is because the firewall has made it difficult to use other vectors of attack. Thus the firewall is doing something. Now to address the attacks over port 80 and 443, a layered approach is helpful, like a Layer-7 firewall and user training/education.

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,542

    Default

    ABailey, most of that is actually accomplished via NAT. The simple fact that by default there are no publicly exposed open ports, because your NAT engine hasn't a clue what to do with it. The firewall on any product doesn't even get used.
    Last edited by sky-knight; 08-23-2017 at 08:08 AM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Master Untangler abailey's Avatar
    Join Date
    Mar 2016
    Posts
    102

    Default

    Quote Originally Posted by sky-knight View Post
    ABailey, most of that is actually accomplished via NAT. The simple fact that by default there are no publicly exposed open ports, because your NAT engine hasn't a clue what to do with it. The firewall on any product doesn't even get used.
    Yes I was mainly talking about NAT as that is really the only protection many standard "firewalls" have (especially consumer).

  7. #7
    Untangle Ninja proactivens's Avatar
    Join Date
    Sep 2008
    Location
    Greensburg, Pa
    Posts
    2,362

    Default

    A firewall is just a tool as part of your overall security strategy. He is right in a way though, most zero day malware has encrypted payloads that av cant scan. Firewalls are largely useless as they don't stop most malware attacks. CC is great, but its largely useless against zero days. This doesn't mean firewalls are irrelevent though. They just arent effective against zero days.
    www.nexgenappliances.com
    Toll Free: 866-794-8879
    UNTANGLE STAR PARTNER
    Follow us at spiceworks!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2