Just to chime in. this is much ado about next to nothing.

First about hacking

Firewalls, by default, will stop all non-specified inbound traffic on all but the commonly used ports (port 80 (web), port 25 (mail) as 2 examples), but don’t stop any outbound traffic unless programmed to do so.

As long as there are any open ports between your computer and the internet, if someone wants to do it, they can access at least parts of the OS, or make the OS contact them....

About spam filters. Most spam filters have an a so-called auto white list feature. This feature says that if you send mail to someone, they are for ever permitted to send you something – the spam filter will not stop them... If something were to send mail to a non existent corporate network, address and use a fake return address (this is called NDR spam) the mail will bounce back to the return address, and add the non existent address to the spam filter’s white list. This, BTW, is the real threat of the mydoom.x virus as it opens the door for future attacks because it exploites the auto-white list.....

About email based Trojans, worms, etc. If you have software that does it, you can scan for and remove all incoming files with specified suffixes (such as .bat, .exe, .vbs, .dll, and so on). This will remove any executable program from entering your computer. In addition, most desktop anti-virus software will scan as far inside of .zip files as you specify. The default is 3 layers (as in a file within a zip file within a zip file), and you can dial it up as high as you want. But remember, this only works for mail based intursions.

About built-in access points. We all know about live-update, windows update, mcafee update and so forth. These all work because there are built-in mechanisms that are designed to receive data from outside sources and process them. The real risk of the source code is in the event the code shows information about these or other access points. Folks will then more easily exploit these at some point.

Lastly about source code. Folks have been doing what is called disassembly of source code for as long as there is source code. It is common throughout the industry. There is nothing about the source code that was published on the web that would change a thing. With the tools on your computer you can disassemble any module of any program on your computer.

The moral of the story: Buy a name-brand anti-virus program, spare hard drive or 2, and keep a backup of everything you care about on the spare drive. It is a good idea idea to have 2 or more backups. For corporate networks, I insure there are at least 3+ copies of everything the company cares about.

There are some really good and inexpensive external hard drives available. Lacie Maxtor and others make them.....

__________________
...Tracy

'00 ML320 "Casper"
'92 400E "Stella"