Jump to content
Compatible Support Forums
Sign in to follow this  
GH_Hope

Are firewalls really necesary?

Recommended Posts

I previously posted a thread about firewalss and there effectiveness, and got lots of good replies (thank u all for that).

 

I am now thinking to myself, is there a need for these firewalls! I understand that they protect your copmuter from unwanted access i.e hackers and other un-usefull stuff, but is there really a high chance of being hacked from people on the net.

 

I never really talk to people much over the net just download. so how could people gain my ip to hack me?

 

cheers

 

Hope

Share this post


Link to post

a hacker won't attack your system because he knows you or anything - they're not gonna say "hey look, GH_Hope is running at ip xxx.xxx.xxx.xxx, I should attack him"... What they will typically do is scan a range of IP addresses to find running computers, and then try to see what those computers have on them. Or if they're the nasty type, they might try exploit your system by placing a trojan on it or something.

Share this post


Link to post

Well, the Code Red worm is a classic case of people that had an exploit on their systems that was used to attack others. They spread much faster on the broadband networks (cable and DSL subnets) with CRII, and almost none of those systems had anything worthwhile to a traditional hacker (other than the fact it was another zombie that could be used in an attack). Now, if a simple firewall was installed using most of the defaults, port 80 wouldn't have even been open, and those machines would have never been infected. If a person that was "knowingly" hosting a website, and knew how to open/forward the necessary ports, then that person should have also been more than capable enough of installing patches. That however, is a whole other debate...

Share this post


Link to post

So a firewall is just to prevent a hacker? because you can eleminate the threat of viruses and trojans with a virus checker/killer.

 

Once again, is the threat of being hacked that high? really, when u think of the amount of people connected to the internet 2-day with broadband, the chances must be small! Even so, how can other parties that make software i.e blackice and zone alarm be more effective than XP's own firewall?

 

I ask this question because iv never EVER met anyone who has been hacked properly. My definition of being hacked properly is gaining access to a persons copmuter by waiting and the use of code and patience and NOT crap client - server rip off programs such as CLIENT.

 

cheers for the replies.

 

Hope frown

Share this post


Link to post

Tell me how any of those virus checkers would have stopped Code Red? Funny, I have a pretty good idea that the majority of those servers had virus scanners, and yet NONE of those scanner did a damn thing about that worm. If you are simply looking for a debate as to the use of a firewall, then I will drop this as it can drag on forever. Simply put, relying on virus scanners to protect a network in a manner that a firewall would (packet detection and analysis) is a poor idea. The two types are entirely different from each other, and are meant to address two separate needs.

 

As for being hacked "properly", there isn't such a thing. Why wouldn't you classify something as Code Red or any other use of an exploit that can not only deface a web page, but can in fact take CONTROL of a server and have it do its bidding is in fact a hack? Just because it wasn't one person that spent hours, days, weeks, or months behind a terminal trying to get financial records? Hacks don't have to be for the purpose of gaining useful information from one or more machines (like you would see in movies), but it is simply the act of accessing/controling another machine that you would not normally have access to.

 

And finally, the insanely fast spread of that worm shows that the possibility of being hacked is very great indeed. I was getting scanned in upwards of 40-50 times an hour by other machines that were infected. These machines would not normally do such a thing, and were in fact "hacked". Not only would the use of basic firewalls have eliminated this, but some of the more advanced firewalls can also monitor what traffic is coming in and check to see if it's coded properly (as in not having alternate character sets, or using "broken" packets and flooding as in a DDoS attack). Now, I have yet to see a virus scanner do that. Because if it did, it would be a firewall.

Share this post


Link to post

Ok, so my definition of a hacker was far fetched and unrealistec (movie-like), my apologies. Like i said before, iv never been hacked (clutch's definition not mine) or known anyone to have been, so i have never been exposed to the dangers involved which is why i have posted these messages.

 

Cheers for all the response, and cheers for clutch for being so subtle, its the best way really wink

 

Hope

Share this post


Link to post

GH_Hope,

 

Are you saying you haven't got a firewall installed on your pc? If this is the case, how would you know you have even been scanned? After installing a firewall you will be very surprised at how frequent port scannings are.

 

And remember it only takes a dodgy email or a hacked download to install a trojan on your pc.

 

If I was you, I would install zonealarm, and let it do its business in the background.

 

Better be safe than sorry.

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×