For laptop, what kind of attack would we be protecting ourselves from? I get the relevance of antivirus, VPN, and device encryption, but what about firewall?
Any vulnerabilities in any of your software that can talk to a network, ssh, browser, the operating system itsself could be exploited if your firewall is down
If you're using username and password and have ssh enabled, for example anyone on your network could attempt to log in to your machine
At that point why not just have the firewall set to deny everything just to be safe though? There's always the chance you missed something that's decided to listen on some random port and if you aren't using anything that listens on a network why have the firewall open anyway
If you have the ability to take a look at either SANS website, and see their articles,
or have your system show you all the automatic attacks hitting your machine,
then maybe you will understand…
Botnets are coded to hammer-away at all possible internet-addresses, trying to break-in & highjack more machines, to include in the established criminal-machine that the botnet is…
SANS said, a decade or 2 ago, that it took, on average, something like 6 or 4 minutes for a new MS-Windows machine to be owned by some attack from the internet.
I've had linux machines cracked/owned, and wiped 'em to get 'em clean.
Having no immune-system is BAD.
Linux botnets, apple operating-system botnets, they exist.
I don't think there is any operating-system that is connected to the internet that doesn't have attacks coded to crack it.
I just looked at SANS.org, and they have totally changed,
so they are now … more a moneymaking-machine wanting B2B biz?
For laptop, what kind of attack would we be protecting ourselves from? I get the relevance of antivirus, VPN, and device encryption, but what about firewall?
Any vulnerabilities in any of your software that can talk to a network, ssh, browser, the operating system itsself could be exploited if your firewall is down
If you're using username and password and have ssh enabled, for example anyone on your network could attempt to log in to your machine
For ssh, sure.
But a browser? No way.
My understanding is there can be a vulnerability in absolutely anything
Browsers are unlikely to but don't think it's impossible
A firewall protects open ports on your machine. A browser does not have any open ports.
Of course they have vulnerabilities, but a firewall won't protect you from them.
Let's just say the system does not have any outward facing service (no ssh, http, smb, nfs).
At that point why not just have the firewall set to deny everything just to be safe though? There's always the chance you missed something that's decided to listen on some random port and if you aren't using anything that listens on a network why have the firewall open anyway
If you have the ability to take a look at either SANS website, and see their articles, or have your system show you all the automatic attacks hitting your machine, then maybe you will understand…
Botnets are coded to hammer-away at all possible internet-addresses, trying to break-in & highjack more machines, to include in the established criminal-machine that the botnet is…
SANS said, a decade or 2 ago, that it took, on average, something like 6 or 4 minutes for a new MS-Windows machine to be owned by some attack from the internet.
I've had linux machines cracked/owned, and wiped 'em to get 'em clean.
Having no immune-system is BAD.
Linux botnets, apple operating-system botnets, they exist.
I don't think there is any operating-system that is connected to the internet that doesn't have attacks coded to crack it.
I just looked at SANS.org, and they have totally changed, so they are now … more a moneymaking-machine wanting B2B biz?
Here, though, are some cheat-sheets they made:
https://www.sans.org/posters/?msc=main-nav
They used to tell us the top-20 most effective protections for particular threats, identifying how prevalent the threats were, etc…
No idea who does that nowadays…