On 12/2/2020 11:22 PM, Joe Touch wrote:
On Dec 2, 2020, at 10:47 PM, Christian Huitema <huitema@xxxxxxxxxxx> wrote:
Mark, you had me until "home network". Because most home networks are in fact *not* more secure than the open Internet
Not that I like NATs, but they do afford protection beyond being on the open Internet simply by lacking incoming port mapping.
That's the firewall illusion. It is shattered if someone inside the wall
falls for a phishing attack, or clicks on the wrong attachment, or
downloads the wrong program. At which point all these unsafe programs
that are used "only behind the firewall" become nice avenues for quickly
spreading the attack much farther than the initial failure. See numerous
examples of ransomware attacks against small businesses, schools, etc.
-- Christian Huitema
