this post was submitted on 16 May 2024
22 points (89.3% liked)

Tech

464 readers
1 users here now

A community for high quality news and discussion around technological advancements and changes

Things that fit:

Things that don't fit

Community Wiki

founded 9 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 6 points 6 months ago (1 children)

I know next to nothing about networking security, but doesn't the Windows firewall basically block unsolicited incoming traffic? So I guess the way a modern OS without a firewall could get infected through some malicious traffic against some open port. But wouldn't there still have to be a serious security vulnerability with something that listens on some port for it to get infected with something? And, assuming the local network is clean, wouldn't you also need to open / forward ports on your router so that they're actually accessible at all from the Internet?

[โ€“] [email protected] 4 points 6 months ago

in this example, its like disabling the firewall and plugging directly into the modem with no router. in that case, there's no local network and no router firewall in place. wrt ports needing exploits, that's correct. the thing about that is that there are definitely exploits being used in the wild that we dont know about. Microsoft's May security update fixed 3 critical vulnerabilities that were being actively exploited. sophisticated attackers use exploit chains, where one vulnerability gets a foothold then others are deployed in a way that circumvents most common security measures inside the affected OS to gain admin rights. so in short, the scenario you describe is not as implausible as you think it might be.