Internet Security
#1
06-10-02, 06:23 PM
Internet Security
Tom_Bartco posted an interesting message concerning a Symantec product and ZoneLabs excellent firewall product. I am not trying to stomp on his post here at all (he makes GREAT points!), but to add to it by addressing internet security in general.
Tom is correct when he says firewalling is a MUST! So many people (especially 'Broadband' or 'Always On') connection users don't address this issue at all.
In brief, if you don't have a firewall product running on your PC, you might as well lay your wallet (or purse) on the sidewalk in front of your house. Or leave the keys in your front door. Every piece of info on your PC is (potentially) out there for someone who knows how to hack a Windows (tm) based pc. Or Linux, or Mac, whatever. And that is a LOT of people.
A firewall stops unauthorized connections to your computer via your internet connection. If you think about it, you connect to another computer (a web server) every time you surf. If you can connect to another pc, another pc can connect to you. A firewall controls all of that. Setting 'security zones' in Internet Explorer is not an answer.
Once you stop people connecting to you without your knowledge, you need to STOP YOURSELF FROM CONNECTING to unknown computers on the internet. Have you ever heard the terms "SpyWare", "AdWare" or "Trojan Horse"? Every time you hit the web, your computer may be one step ahead and connecting to someone (usually an advertising company) you aren't aware of, because it is done without your knowledge.
In part, a good Antivirus can resolve this by making sure a computer virus doesn't connect to somebody you don't know (it works in conjunction WITH, not indepent OF, your firewall software). Also, programs like "AdAware" find 3rd party programs that are not viruses, but still broadcast info, and give you the option of uninstalling them.
Security issues include things like running Windows (tm) update as often as needed to running a firewall application and making sure that your antivirus program is UPDATED, and not just installed from a year ago.
To see what vulnerabilities you may by facing, try going to Gibson Research Corporation and running the tests on your PC there. First run "Test My Shields", and then "Probe My Ports". If any of the information is NOT to your liking, then you have some ideas from this post.
For a firewall, try Zone Alarm . They make an excellent product that is FREE to home users. Try McAfee for an antivirus program. There are others, and a Google Search on antivirus software should help.
Finally, try looking for AdAware to get rid of 3rd party web browser monitoring programs you may have picked up.
Internet security is such a broad topic that it could have it's own forum (and then some!) on this message board. But it is YOUR responsibility as a user (regardless of your own perceived knowledge or capabilities) to take these steps.
This post is not all inclusive BY ANY MEANS!!! I didn't EVEN hit topics like file sharing programs (such as Bear Share, Limewire, AudioGalaxy, etc). This is instead intended to get people talking about the issue.
ANYONE that has ANYTHING to say that is constructive, please add it. I am not picking any one product over another, or endorsing one over the other. Each has merits and drawbacks. In the end, getting everyone to look and research is the best.
Let's crank this topic up!
Tom is correct when he says firewalling is a MUST! So many people (especially 'Broadband' or 'Always On') connection users don't address this issue at all.
In brief, if you don't have a firewall product running on your PC, you might as well lay your wallet (or purse) on the sidewalk in front of your house. Or leave the keys in your front door. Every piece of info on your PC is (potentially) out there for someone who knows how to hack a Windows (tm) based pc. Or Linux, or Mac, whatever. And that is a LOT of people.
A firewall stops unauthorized connections to your computer via your internet connection. If you think about it, you connect to another computer (a web server) every time you surf. If you can connect to another pc, another pc can connect to you. A firewall controls all of that. Setting 'security zones' in Internet Explorer is not an answer.
Once you stop people connecting to you without your knowledge, you need to STOP YOURSELF FROM CONNECTING to unknown computers on the internet. Have you ever heard the terms "SpyWare", "AdWare" or "Trojan Horse"? Every time you hit the web, your computer may be one step ahead and connecting to someone (usually an advertising company) you aren't aware of, because it is done without your knowledge.
In part, a good Antivirus can resolve this by making sure a computer virus doesn't connect to somebody you don't know (it works in conjunction WITH, not indepent OF, your firewall software). Also, programs like "AdAware" find 3rd party programs that are not viruses, but still broadcast info, and give you the option of uninstalling them.
Security issues include things like running Windows (tm) update as often as needed to running a firewall application and making sure that your antivirus program is UPDATED, and not just installed from a year ago.
To see what vulnerabilities you may by facing, try going to Gibson Research Corporation and running the tests on your PC there. First run "Test My Shields", and then "Probe My Ports". If any of the information is NOT to your liking, then you have some ideas from this post.
For a firewall, try Zone Alarm . They make an excellent product that is FREE to home users. Try McAfee for an antivirus program. There are others, and a Google Search on antivirus software should help.
Finally, try looking for AdAware to get rid of 3rd party web browser monitoring programs you may have picked up.
Internet security is such a broad topic that it could have it's own forum (and then some!) on this message board. But it is YOUR responsibility as a user (regardless of your own perceived knowledge or capabilities) to take these steps.
This post is not all inclusive BY ANY MEANS!!! I didn't EVEN hit topics like file sharing programs (such as Bear Share, Limewire, AudioGalaxy, etc). This is instead intended to get people talking about the issue.
ANYONE that has ANYTHING to say that is constructive, please add it. I am not picking any one product over another, or endorsing one over the other. Each has merits and drawbacks. In the end, getting everyone to look and research is the best.
Let's crank this topic up!
#2
06-11-02, 11:04 AM
Another long winded dissertation...
Actually the only people that should be worried about this are people on dialup connections. Most broadband connections are secure because of the way they are switched. And to be honest the only person that is going to get into your computer is maybe Joe hacker looking for a laugh on a boring Friday night while his blow up date has a patch drying. Real hackers (and I happen to know a couple that are VERY serious hackers and my info comes from flat out asking them what, why, where.) are not the least bit concerned with Jane consumer’s computer. They want AT&T, banks etc. Not saying that house hold computers don’t have a risk but it is minimal.
[Explained to me this way] "Think about it… There are millions of computer users in the world and for that hacker to seek out some little home based dialup connection is practically nil." I am not saying it doesn’t happen! But I know if I am going to hack someone I sure as heck don’t want to try to upload or download something to your computer at 1 to 4 kbs! I want to get in and out as fast as I can. A dialup connection will take a minimum of 5 minutes plus to download or upload a one Meg file. On broad band that drops to about 2 to 15 seconds. See the difference? I am not going to set there not knowing if this computer I am hacking has a TCP/IP sniffer etc on line and sees me and therefore traces me back to at least my ISP.
I am not saying don’t run a firewall if you want but don’t kill yourself in doing so [except dialup]! I run the Zone Alarm Pro firewall when I am doing a general search for something. Too many times I have looked for say instructions on how to smoke a turkey and wind up redirected to an adult site that just pounds the heck out of me with popup’s, unders etc. Hit the “Lock” feature on Zone and it stops ALL internet activity stopping the chain of events necessary for the pops to work.
Dialup is however a black hole! I stuck a modem in my machine here a couple weeks ago when my DSL went down. For S&G I went to a testing site and they could even tell me what kind of drive, CPU, memory, OS, Office etc I was running. Had more holes than a veggie strainer! Put up Zone and they could only sniff out my IP which changes (on DSL) whenever I power off the modem.
So do think about what’s on your computer and how it can be accessed but be more wary of your brother in law coming over to “Look up” something and snooping rather then me hacking into your system and getting your recipe for wild country frog guts in béarnaise sauce…
P.S. I put up and ran, all weekend, a Serious Sam server. This is a program that spews out my IP address like a cow peeing on a flat rock. I had a TCP/IP sniffer as well as a couple other little sniffer progs. running and in the 48 plus hours, with broad band, I did not get one hit from someone trying to access my server. Other than gamers that is. This is just my opinion and I could be wrong... Nawwwww who am I kidding, I'm never wrong. 400 LB Go-rilla BigMike.
[Explained to me this way] "Think about it… There are millions of computer users in the world and for that hacker to seek out some little home based dialup connection is practically nil." I am not saying it doesn’t happen! But I know if I am going to hack someone I sure as heck don’t want to try to upload or download something to your computer at 1 to 4 kbs! I want to get in and out as fast as I can. A dialup connection will take a minimum of 5 minutes plus to download or upload a one Meg file. On broad band that drops to about 2 to 15 seconds. See the difference? I am not going to set there not knowing if this computer I am hacking has a TCP/IP sniffer etc on line and sees me and therefore traces me back to at least my ISP.
I am not saying don’t run a firewall if you want but don’t kill yourself in doing so [except dialup]! I run the Zone Alarm Pro firewall when I am doing a general search for something. Too many times I have looked for say instructions on how to smoke a turkey and wind up redirected to an adult site that just pounds the heck out of me with popup’s, unders etc. Hit the “Lock” feature on Zone and it stops ALL internet activity stopping the chain of events necessary for the pops to work.
Dialup is however a black hole! I stuck a modem in my machine here a couple weeks ago when my DSL went down. For S&G I went to a testing site and they could even tell me what kind of drive, CPU, memory, OS, Office etc I was running. Had more holes than a veggie strainer! Put up Zone and they could only sniff out my IP which changes (on DSL) whenever I power off the modem.
So do think about what’s on your computer and how it can be accessed but be more wary of your brother in law coming over to “Look up” something and snooping rather then me hacking into your system and getting your recipe for wild country frog guts in béarnaise sauce…
P.S. I put up and ran, all weekend, a Serious Sam server. This is a program that spews out my IP address like a cow peeing on a flat rock. I had a TCP/IP sniffer as well as a couple other little sniffer progs. running and in the 48 plus hours, with broad band, I did not get one hit from someone trying to access my server. Other than gamers that is. This is just my opinion and I could be wrong... Nawwwww who am I kidding, I'm never wrong. 400 LB Go-rilla BigMike.
#3
06-11-02, 03:48 PM
From My Guru...
This "Young-in" has been around this stuff since it's inception in the late 70's early 80's... I am going to do the "Honey Pot" tonight...
Yep!
That’s pretty much the deal man!
That’s why I don’t worry with it. I keep all that stuff off my computer so I can reach MAX speed. I don’t even run antivirus software. It’s not worth the trouble. There are viruses out there that purposely search your drive for antivirus software and attack it. You are more likely to get hit running all that than if you don’t run it. A hacker wants a challenge, You give him/her a challenge and they will go for it! I don’t give challenges. I have a honey pot for hackers. I have a dupe drive with a basic install of windows 2000 on it and if I were to get hacked all they would find is a clean drive with windows 2000 on it and that’s all. It takes up a little drive space but then again so does antivirus software and stuff like that, but mine doesn’t use any CPU at all! If they trash it – I’ve lost nothing!
Have a good day man!
TwiGG¥
☺☻♥♦♣♠• = Everybody loves a little wealth, Luck, Play, and doing nothing every once in a while!
Yep!
That’s pretty much the deal man!
That’s why I don’t worry with it. I keep all that stuff off my computer so I can reach MAX speed. I don’t even run antivirus software. It’s not worth the trouble. There are viruses out there that purposely search your drive for antivirus software and attack it. You are more likely to get hit running all that than if you don’t run it. A hacker wants a challenge, You give him/her a challenge and they will go for it! I don’t give challenges. I have a honey pot for hackers. I have a dupe drive with a basic install of windows 2000 on it and if I were to get hacked all they would find is a clean drive with windows 2000 on it and that’s all. It takes up a little drive space but then again so does antivirus software and stuff like that, but mine doesn’t use any CPU at all! If they trash it – I’ve lost nothing!
Have a good day man!
TwiGG¥
☺☻♥♦♣♠• = Everybody loves a little wealth, Luck, Play, and doing nothing every once in a while!
#5
06-11-02, 04:35 PM
Member
Join Date: Jun 2001
Posts: 1,421
Upvotes: 0
Received 0 Upvotes
on
0 Posts
My systems of defense.
Not being a wizard & only knowing a hacker, when the news puts his face on TV, I will err on the safe side.
My DSL ethernet Modem, hooks to a 4 port Linksys Router. From there I go through a Program by CA called EZ-ARMOR. A three way program with Antivirus, Desk Shield & a Software Firewall.
Then all three users practice all the tips from the Experts in the security field. I have lived next to a state, that has up until just recently, made it mandanatory to carry liability insurance on their car. Before that, what a mess we had with those uninsured drivers.
Out of responsibility, I have allways been covered. I really see verry little difference. Insurance is in the eye of the beholder after all.
So this is how I insure my little LAN. I'm sure there are better & worse ways. The GRC site tests, say I'm good to go. This is the best I could find & deploy at this time.
I think when those folks took control of all the Mom & Pop PCs to do DOS attacks, they weren't looking a dads nudie collection. However take over they did, & I won't allow that to happen to my PCs If possible. PABG works for me & OSOK words to live by
Marturo
My DSL ethernet Modem, hooks to a 4 port Linksys Router. From there I go through a Program by CA called EZ-ARMOR. A three way program with Antivirus, Desk Shield & a Software Firewall.
Then all three users practice all the tips from the Experts in the security field. I have lived next to a state, that has up until just recently, made it mandanatory to carry liability insurance on their car. Before that, what a mess we had with those uninsured drivers.
Out of responsibility, I have allways been covered. I really see verry little difference. Insurance is in the eye of the beholder after all.
So this is how I insure my little LAN. I'm sure there are better & worse ways. The GRC site tests, say I'm good to go. This is the best I could find & deploy at this time.
I think when those folks took control of all the Mom & Pop PCs to do DOS attacks, they weren't looking a dads nudie collection. However take over they did, & I won't allow that to happen to my PCs If possible. PABG works for me & OSOK words to live by
Marturo
#6
06-11-02, 05:18 PM
Insurance
Good way to look at it, Marturo. I am not really willing to take the chance that everyone else on the web is a "responsible driver". If the possibility exists that my data could get hacked, then I am all for doing something about it. Not pushing the paranoia or panic button, just pointing out the fact that these things can "and DO" happen.
The odds that any given person will be hacked? Pretty slim, for the most part. My experience using an always on connection differs from BigMike's in that I get frequent port scans. In other words, people looking to see if there is a computer set up on my ISP using my IP address.
Also, browsing habits tend to have a lot to do with your vulnerability. Do you frequent IRC chat rooms, porn sites, or newsgroups? If so, the odds tend to increase that you might pick up a trojan horse type virus that opens a network connection between your pc and someone elses. Download a lot of stuff from Bearshare or other sources that you can't verify 100%? Also at risk.
Because everyone uses the same web resources differently, a nice, easy, general set of rules (i.e., a firewall program, anti-virus, anti-spyware, etc) will help cover people in general. Low risk or high, there are some simple steps that can be taken to prevent it from happening regardless of your habits.
When I kicked this post off, I did it to get people to maybe take a look at some of the adverse possibilities, see what the free (and easy) solutions are, and hopefully get folks to take some precautions. Education is the key, and simple precautions can prevent huge headaches.
I don't have a Cisco PIX or Raptor solution (or IPChains/Tables for you Linux folks), but I have enough going to make myself a lot less of an easy target than someone with no protection.
Effort on my part - Next to nothing. Piece of mind? Priceles (with apologies to that credit card company for ripping off their ads).
Let's be careful out there!
The odds that any given person will be hacked? Pretty slim, for the most part. My experience using an always on connection differs from BigMike's in that I get frequent port scans. In other words, people looking to see if there is a computer set up on my ISP using my IP address.
Also, browsing habits tend to have a lot to do with your vulnerability. Do you frequent IRC chat rooms, porn sites, or newsgroups? If so, the odds tend to increase that you might pick up a trojan horse type virus that opens a network connection between your pc and someone elses. Download a lot of stuff from Bearshare or other sources that you can't verify 100%? Also at risk.
Because everyone uses the same web resources differently, a nice, easy, general set of rules (i.e., a firewall program, anti-virus, anti-spyware, etc) will help cover people in general. Low risk or high, there are some simple steps that can be taken to prevent it from happening regardless of your habits.
When I kicked this post off, I did it to get people to maybe take a look at some of the adverse possibilities, see what the free (and easy) solutions are, and hopefully get folks to take some precautions. Education is the key, and simple precautions can prevent huge headaches.
I don't have a Cisco PIX or Raptor solution (or IPChains/Tables for you Linux folks), but I have enough going to make myself a lot less of an easy target than someone with no protection.
Effort on my part - Next to nothing. Piece of mind? Priceles (with apologies to that credit card company for ripping off their ads).
Let's be careful out there!
