yes, what mr. mark said and
or
IOS hacks, malicious buffer over flows
installed port services
mailbombs
synfloods
DoS
The primary reason for firewalls is as mr. mark points out the monitoring of inbound and outbound ports for TCP or UDP traffic. An unconfigured machine essentially has all 65,000+ ports available, a well firewalled machine has specific rules allowing access, otherwise it's turned off. Visual Basic's tight integration with the Evil Empire's nervous system make some pretty amazing hacks work. A well documented PORT 80 (HTTP) exploit recently replaced a slew of undefended web pages. You cannot protect yourself from a well co-ordinated attack, such as might be launched by any of the tribes, but you can make it bothersome to bother you. Too many defenses, too much ICE, might attract unwanted attention in itself as well as curtailing your web experience. It would be information suicide to run an unprotected machine on a high speed connection, you would be scanned, probed, attacked and compromised or denied very quickly by a reasonable journeyman's efforts. |
