• efstajas@lemmy.world
    2 months ago

    I know next to nothing about networking security, but doesn’t the Windows firewall basically block unsolicited incoming traffic? So I guess the way a modern OS without a firewall could get infected is through some malicious traffic against some open port. But wouldn’t there still have to be a serious security vulnerability with something that listens on some port for it to get infected with something? And, assuming the local network is clean, wouldn’t you also need to open / forward ports on your router so that they’re actually accessible at all from the Internet?

    • gwindli@lemy.lol
      2 months ago

      in this example, it’s like disabling the firewall and plugging directly into the modem with no router. in that case, there’s no local network and no router firewall in place. wrt ports needing exploits, that’s correct. the thing about that is that there are definitely exploits being used in the wild that we don’t know about. Microsoft’s May security update fixed 3 critical vulnerabilities that were being actively exploited. sophisticated attackers use exploit chains, where one vulnerability gets a foothold then others are deployed in a way that circumvents most common security measures inside the affected OS to gain admin rights. so in short, the scenario you describe is not as implausible as you think it might be.
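An added example, not part of either comment: a small audit that reads output in the layout of Windows `netstat -ano` and lists which listening sockets would be left facing the internet in the scenario discussed above (host firewall off, no router in front). The sample output, addresses and PIDs are constructed, the function names are hypothetical, and the two boolean flags are a deliberate simplification of the thread's model.

```python
import ipaddress

# Constructed sample in the layout of Windows `netstat -ano` (not from a real host).
SAMPLE = """
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1044
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       3120
  TCP    198.51.100.7:139       0.0.0.0:0              LISTENING       4
  TCP    198.51.100.7:50123     203.0.113.10:443       ESTABLISHED     7788
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    [::1]:49670            [::]:0                 LISTENING       5000
  UDP    0.0.0.0:5353           *:*                                    2200
"""

def parse_listeners(text):
    """Yield (proto, address, port, pid) for sockets that accept unsolicited traffic."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] not in ("TCP", "UDP"):
            continue  # header, blank line or unrelated text
        proto, local = parts[0], parts[1]
        # TCP rows have a state column; UDP rows have none and always accept datagrams.
        if proto == "TCP" and parts[3] != "LISTENING":
            continue
        host, _, port = local.rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and scope id
        yield proto, ipaddress.ip_address(host), int(port), int(parts[-1])

def scope(addr):
    """Describe how widely a bind address is reachable on the host itself."""
    if addr.is_loopback:
        return "loopback only"
    return "all interfaces" if addr.is_unspecified else "one interface"

def exposed(text, host_firewall_on, behind_router):
    """Simplified model (assumption): either barrier drops all unsolicited inbound traffic."""
    if host_firewall_on or behind_router:
        return []
    return sorted({(proto, port) for proto, addr, port, _ in parse_listeners(text)
                   if not addr.is_loopback})

if __name__ == "__main__":
    for proto, addr, port, pid in parse_listeners(SAMPLE):
        print(f"{proto:4}{port:6}  pid {pid:<6}{scope(addr)}")
    print("internet-facing:", exposed(SAMPLE, host_firewall_on=False, behind_router=False))
```

Each socket it reports is only an exposure, not a compromise: as both comments say, a listener still needs a vulnerability before it can be used to infect the machine.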