Jump to content
Compatible Support Forums
Sign in to follow this  
Cardinal

Firewalls? hmm... who has actually ever been hacked?

Recommended Posts

Guys.

 

I recently tried a few firewalls out of interest rather then an actual need. And I found a few interesting things that I thought warranted a mention.

 

Firstly, is there a real need for one on your basic personal system? For someone who uses windows 2000 for the stability, kernel difference, in built security and basic performance, is a firewall actually worth the effort? For many of you, who spend a lot of time tweaking W2k to get the maximum response out of the OS (like myself) a firewall could hardly be recommended on a purely performance scale. As far as port security goes, W2k is so far ahead then anything from the 9x line of windows. For someone on a dial up I really cannot see the necessity of a firewall. A DSL or cable connection could justify the need. But then again, how many of you have actually been hacked? I know some of you will pipe up and say, "I haven't, precisely because I use a firewall!" Ok, but is the chance really likely? For someone who intends to use a mediocre program to gain access to your system. Most of the time this process requires the user accepting some sort or remote admin file in the first place. And in this day and age no one would accept a 'CLICK-ME.exe' file or anything of dubious origins. So I ask you for your opinion on the necessity of a firewall. And I argue that in most cases it is not necessary. I would also say neither is an anti-virus program but I would be flamed. I will finish by saying, those who also use W2k for gaming and require the maximum amount of performance from their system will most likely agree, a firewall, anti-virus program or anything that remains resident can, and will hamper your gaming experience.

 

I just raise this matter to create discussion. My opinion is my own.

 

Regards,

 

Cardinal.

Share this post


Link to post

fuk firewalls fuk anti virus i don't like em use em or need em

 

It takes a mere 3 hours to reinstall 2 versions of windows and all my software on my computer (and i have a helluva lot of software) When my system gets hosed i just reinstall. I have backups of all my stuff disributed via batch file to 3 separate locations on my network.

 

I'm like you man I don't like the performance hit. I spend so much time tweaking i don't want to reverse the effect will these silly programs.

Share this post


Link to post

I have a firewall but it is a seperate machine. Running Red Hat 6.0 on a 486-50. No performance hit on my network that way. Using McAfee on the kids computer (can't trust them to not accept whatever downloads) but otherwise no virus checker. Don't believe in downloading anything other than drivers.

 

I agree that I can reinstall most everything in a few hours and do so about once a month anyway. Undoubtedly because of some beta driver or just because.

 

Ed

Share this post


Link to post

It's not just about your own security.

 

I run ZoneAlarm on my home machine. Not because I think that I have anything worth stealing, and as has been mentioned, if the worst happens, I spend a few hours with a pile of CDs.

 

The reason I run a firewall is to prevent my mahcine from becoming a stepping stone as some tries to hack something else.

 

Many hackers will infiltrate half a dozen or so machines on the way to the target. This makes tracing the hacker a harder. I could do without the hassle of someone turning up and saying that my machine was used as a launch point for a hack attempt.

 

You also make a large assumption about users when you say that people won't run a 'clickme.exe' file. How do you think the Anna Kornikove (sp?) virus and the naked wife virus spread around? People clicked them.

 

Knowledgable people (such as most of the people who frequent these types of boards) would probably know better, but there are those who don't know this, and if there's the chance of seeing a naked girl, they'll probably click without thinking twice.

 

In terms of performance, I can't say that I notice any problems. With that and my anti-virus software running (and Genome@home running), my pings are still around 30-60 for most online servers.

 

For single player games, it makes no odds as the firewall won't be doing anything anyway.

Share this post


Link to post

"Firstly, is there a real need for one on your basic personal system?"

 

YES

 

"For someone who uses windows 2000 for the stability, kernel difference, in built security and basic performance, is a firewall actually worth the effort?"

 

YES

 

 

"For many of you, who spend a lot of time tweaking W2k to get the maximum response out of the OS (like myself) a firewall could hardly be recommended on a purely performance scale."

 

WRONG. If you want themaximum performance that you can get a firewall is the way to go. You can block out all the crap that comes through your connection and all the crap that goes out.

 

 

"As far as port security goes, W2k is so far ahead then anything from the 9x line of windows."

 

ehh? If a port is open then it's open.

 

"For someone on a dial up I really cannot see the necessity of a firewall."

 

Can we say banners? Popup windows? For people who run their modems 8+ hours as I used to do from 90-98 (97-98 I was downloading 1.3g a month around 8+ hours a day) a firewall is a MUST.

 

 

"But then again, how many of you have actually been hacked?"

 

How the heck are you supposed to know if you don't have some sort of monitoring in place? What you think the idiotic malicious user will leave a big message on your desktop saying "You have been 4@x0r3d!!!! P43@r M3!!!!!!!" ;(

The only ones who do that are the idiots or your friends who want you to USE A FIREWALL!

 

 

"I know some of you will pipe up and say, "I haven't, prsely because I use a firewall!" Ok, but is the chance really likely?"

 

Well, I manage a base with 1,000+ computers. I manage Norton Antivirus on all of them. I monitor the ASIM box. I manage the firewall. From where I'm sitting I see alot of probes, alot of viruses and ALOT of activity. There is alot of stuff that homes users do not see simply because they have nothing in place to see it.

 

 

"For someone who intends to use a mediocre program to gain access to your system. Most of the time this process requires the user accepting some sort or remote admin file in the first place."

 

??? Wrong. By default File & Print sharing is enabled on 9x systems. Alot of NT boxes have default admin passes or NO PASSWORD ;( . Also it's not very hard to figure out the local admin on an NT box.

 

 

"And in this day and age no one would accept a 'CLICK-ME.exe' file or anything of dubious origins."

 

Riiiggghhhttt, Why just the other day MARCONI sent the Marconi representative 3 executable files (Disk1-3) as an Outlook attachment. My NAV Gateway stripped the executabled and MARCONI resent them zipped up.

 

 

So I ask you for your opinion on the necessity of a firewall."

 

You got it.

 

"And I argue that in most cases it is not necessary."

 

What cases? Granny logging on for 5 mins to check (oh wait it's granny...it'll probly be an hour....) her email....?

 

"I would also say neither is an anti-virus program but I would be flamed."

 

Yes you would and rightly so. Mabye I should print out the Virus alerts and virus hits I have seen for you. From your posts already I can tell that you would be greatly suprised.

 

"I will finish by saying, those who also use W2k for gaming and require the maximum amount of performance from their system will most likely agree, a firewall, anti-virus program or anything that remains resident can, and will hamper your gaming experience."

 

Most will NOT agree with you. Simply because they will find the best firewall & Antivirus that least hamper their ability to use their system effectivly. When you game simply TURN YOUR ANTIVIRUS OFF! 8) 8)

 

As I stated before a firewall can IMPROVE your performance on the internet. Antivirus will of course decrease your speed for increased protection but if your a tweaker then you'll know when you need AV and when you will not need it. It's not very hard to right-click and turn off realtime, or just end the AV task.

 

 

[This message has been edited by DosFreak (edited 24 March 2001).]

Share this post


Link to post

Thanks, DosFreak. laugh

 

And now the other eternal question. Is a hardware 'firewall' alone, such as NAT, etc. along with anti-virus software sufficient for a 3-pc, homebased peer-to-peer network w/cable modem, or is a software firewall like ZoneAlarm also important? (needed, wanted, etc.)

 

DC

Share this post


Link to post

Hmmmm, depends on how far you wanna go. I'd say the hardware firewall would be best because you wouldn't have to manage it as much. Also you wouldn't have to worry about your main computer crashing. The hardware firewall would be dedicated to that task. Also you pretty much never have to worry about patches and such. Of course price would probably be a factor + manageability. If you couldn't manage this firewall. (I don't see why not, just telnet in from across the net.) Why heck there's pretty much NO reason NOT to go for a hardware firewall. You'd think ISP's would give ya one for an added bonus when they install your DSL/cable. It sure would solve their headache's I'm sure.

Share this post


Link to post

Now if I can figure out how to install Sidewinder on a standard PC...Why....I would have one of the best home firewalls ever! MUAHAHAHHAHAHHAHAHAHAHH!

 

smile

 

 

*Sidewinder is our base firewall. Unfortunately I haven't had time to learn it but I'm working on it. Gonna set up a test system on a Crapp Compaq Server soon. Gonna be fun!

Share this post


Link to post

Thanks for your opinion Dosfreak.

I can, and will point out a few shortcomings with it however.

 

You argued that a firewall would improve the performance of your internet. Perhaps Dosfreak, you used the wrong word. 'Experience’ maybe, but not performance. Nothing that filters the incoming and outgoing packets that are sent to your computer can improve the performance of the Internet, or rather your use of the internet. By arguing this, you are being ridiculous. Are you seriously claiming that a persons ping time is lowered with the use of a Firewall? Come on Dos, that is incorrect. I do totally agree with your mentioning of popups however.

 

Your comments about port security was spot on also but, by admitting that in most win9x systems, file and printer sharing was enabled by default then you are agreeing with me when I say the default security of windows 2000 is better then in windows 9x smile

 

And a person who plays games online will most likely play them often and having to constantly disable real time virus scanning is annoying. And, partially defeats the purpose. Another thing, any so-called dos freak would understand that merely disabling a virus programs background checking does not remove the program from remaining resident. The fact that it is most likely enabled at startup means that it decreases system performance.

 

Dosfreak, it just seems that your definition of performance is different to mine.

 

I am aware that there is a lot of unknown, or unrecognised activity around my ports. But it has to take a malicious user, with some level of knowledge to be able to actually hack, or tamper with my pc. And your comments about people not knowing if their pc were hacked was a little weak. I think most people in this forum would know their computer well enough to realise if there were any damage done. And if their weren't, then it's not really a problem is there.

 

Your defence about an attack being likely was also, perhaps a little exaggerated. Are you saying that statistically, someone gaining entrance to your computer to perform malicious acts, On a personal system mind you, is a real probability? Don't get confused with a possibility. I just find that hard to believe.

 

I could argue many more points Dosfreak, but I will leave that to another post. I think I can safely say, that undoubtedly, your ideal system would be a lot more protected then mine, but I can guarantee, my ideal system would run a lot faster then yours. And to finish, the word 'tweak' is so broad. You tweak for security, I tweak for speed. That was, and is my argument Dosfreak.

 

Regards,

 

Cardinal.

Share this post


Link to post

This means WAR!!!!

 

No I see where your coming from.

 

Quote:
<font face="Verdana, Arial" size="2">You argued that a firewall would improve the performance of your internet. Perhaps Dosfreak, you used the wrong word. 'Experience’ maybe, but not performance. Nothing that filters the incoming and outgoing packets that are sent to your computer can improve the performance of the Internet, or rather your use of the internet. By arguing this, you are being ridiculous. Are you seriously claiming that a persons ping time is lowered with the use of a Firewall? Come on Dos, that is incorrect. I do totally agree with your mentioning of popups however.</font>

 

Okay, about long-term performance? All of those banners. Dozens of types of picture formats and flash files being cached to your HD? They takes up ALOT of space and alot of files. Those space & Files do slow down your HD. The fact that my Temporary Internet Files reside in my profile (Windows 2000) by default doesn't please me any. I say by default. As a tweaker I can move this. Most people do not. I never stated that ping time was affected at all. I was simply talking about performance. Any type of performance. Those banner's, animations, take up RAM memory,disk memory, & processor time. Thereby reducing my ability to what I love to do best. Surf the internet for information and download the latest of whatever I can get.

 

 

Quote:
<font face="Verdana, Arial" size="2">"Your comments about port security was spot on also but, by admitting that in most win9x systems, file and printer sharing was enabled by default then you are agreeing with me when I say the default security of windows 2000 is better then in windows 9x"</font>

 

Yes, That's why I'd rather I'd have home users using NT than 9x. The average homer user doesn't need 9x especially now with Windows 2000 but Windows 2000 is still VERY unprotected.

 

 

Quote:
<font face="Verdana, Arial" size="2">And a person who plays games online will most likely play them often and having to constantly disable real time virus scanning is annoying. And, partially defeats the purpose.</font>

 

Well yes, but your solution doesn't even use Virus Scanning! 8) Personally if it was my system at home. I'd would have a firewall box. On my Personal system I would manually scan whatever files I downloaded that needed scanned. For a home user I really doen't see why ISP's do not do a more effective job of virus scanning. If they did their job right there would be no need whatsoever for the home user to have a virus scanner at all! Just stick a super-powerful AV server after the firewall to scan ALL incoming traffic and a secondary AV server to scan all outgoing. Tada. No more need for home virus scanners. uh oh wait. There's always someone who will make up a new virus or who will distribute it internaly so you'll still need a virus scanner on each computer. oh well. Still Incoming/Outgoing at the firewall would solve 95% of all internet virus problems

 

Right now at home I have no internet access because I live in the UK and they do not offer DSL/Cable in my area. I have been using modems since 1990 and after 1998 (I had a 33.6 then). I vowed to myself that I would not have a modem for home use until I could get DSL/Cable. My work interner access has kept me sane throught that time. wink At work I have a NAV gateway that scans incoming email. Currently outbound traffic is not scanned which I do not like and I would like to look into implementing further. My work computer has NAV 7.51 which is on constantly and is updated by both SMS and my NAV server.

 

Quote:
<font face="Verdana, Arial" size="2">Another thing, any so-called dos freak would understand that merely disabling a virus programs background checking does not remove the program from remaining resident. The fact that it is most likely enabled at startup means that it decreases system performance.

 

well, yes but disable real-time file scanning does reduce the slowdown and the only slowdown incurred by keeping it in memory is the usage of memory which hopefully the user would have. The user could kill the task which in NT would more than likely give all of the memory back without rebooting. Unfortunately 9x users would have to reboot. frown

 

 

Dosfreak, it just seems that your definition of performance is different to mine.</font>

 

Not really. We are just talking about different kinds of performance. I think you were talking about the subject of your topic which was firewall's and I was rambling on about how it affected the user. heh.

 

Quote:
<font face="Verdana, Arial" size="2">I am aware that there is a lot of unknown, or unrecognised activity around my ports. But it has to take a malicious user, with some level of knowledge to be able to actually hack, or tamper with my pc. And your comments about people not knowing if their pc were hacked was a little weak. I think most people in this forum would know their computer well enough to realise if there were any damage done. And if their weren't, then it's not really a problem is there.</font>

 

Okay, I will admit...It does take at least a little bit of computer knowledge...

 

ping -t 131.56.136.73

 

wink

 

Now here is my question for you.

 

How would the average user on this forum be able to tell why their connection is extremely slow to the point of even being disconnected if the above simple command {that comes with any 9x & NT os and is one of the very basics of networking} was being done to them?

 

"Your defence about an attack being likely was also, perhaps a little exaggerated. Are you saying that statistically, someone gaining entrance to your computer to perform malicious acts, On a personal system mind you, is a real probability? Don't get confused with a possibility. I just find that hard to believe."

 

Depends on your status. Here's an example:

 

Joe Blow-Buys Compaq at Best Buys. Compaq rep sets him up. He finally logs in at home on 56k to check email at Aol,yahoo & hotmail. Been doing it awhile so it takes him 15mins. Clicks on one of those Spams every Aoler get's and logs onto malicious site. Site logs Ip, does reverse DNS, does a port probe and can probably push out a remote agent that connects to host site. Agent monitors keytraps and sends info to remote site.

 

Now above example happens veeeeeeeeerrryyy rarely but could very easily happen. I'd say probability of that happening is so low...well I don't have any numbers and no Compaq owners/Aolers that I can remember have complained so they must be happy with their current situation. wink

 

Here's another:

 

APK-Programmer-Spammer of ARS! laugh (Just kidding APK!)- Provides lots of helpful info that unfortunately some people cannot take. People try their best to get APK banned, Spammed, and whatever else to mess him up. But APK is a veteran of the net so he knows what he's doing. He has firewalls running. He knows his ports. He knows his NT. Nothing will ever get past him and if it does well he'll know where to go and he'll know how to get it fixed. Unfortunately Joe Blow will never know until he Gets a GPF,disconnect, or his computer blows up in his face. smile

 

Quote:
<font face="Verdana, Arial" size="2">I could argue many more points Dosfreak, but I will leave that to another post. I think I can safely say, that undoubtedly, your ideal system would be a lot more protected then mine, but I can guarantee, my ideal system would run a lot faster then yours. And to finish, the word 'tweak' is so broad. You tweak for security, I tweak for speed. That was, and is my argument Dosfreak.</font>

 

Nah, let's continue this thread. I forsee it growing very big in size. I haven't been on the net lately due to my network switching over to ATM so I've been very busy at work and I need a thread to type in! So don't quite this thread dangit! laugh

 

/begin boast

Oh and you wanna argue speed huh? Post your benchmarks buddy. That's why I have a Dual P3-1000@1125 with 512M of RAM!

/end boast

 

[This message has been edited by DosFreak (edited 06 April 2001).]

Share this post


Link to post

Is every last ounce of speed really worth the vulerability? How hard is it to just turn it off? Especially if your on a network, it's even more imperative to have a firewall and antivirus. If just an old POTS modem, skip the firewall, but dont forget the antivirus.

I dont know about you, but a little privacy is something I like here. I'm also not to keen on having a virus screw up my sytem. Plus, I really dont like to spend the time reinstalling everything. Call me crazy, but a little security goes a long way.

Its unwise to go without protection in this digital age.

A fast computer is worthless if its infected or hacked by some unscrupulous fellow.

I dont think all s are malicious, but there are those who have a sick pleasure in screwing up someones system.

 

I know some really great tech guy that has his system rigged to deliver a voltage spike to the s computer if they hack his system, or so he said. Unless you got a defense along those lines, or better, a firewall and antivirus are the best way to go.

Share this post


Link to post

I really don't want to insult anyone here, BUT, Cardinal, your an idiot. I know from experience that every thing you say just isn't so, and the stuff that DosFreak says is absolute truth, I know that from experience also. I don’t need to repeat what DosFreak has said.

Share this post


Link to post

Firewalls are a must at the gateway (being a single PC, then it would be the gateway itself) between local and public networks. That's it as far as that part is concerned. The thing I don't do (or understand a need for) is install firewall software on ALL of the PCs on a LAN when there is a firewall mechanism already in place at the gateway.

 

------------------

Regards,

 

clutch

Share this post


Link to post

It's kind of funny that I came across this topic today, because I'm kind of bummed about not having my firewall up right now.

 

I live in a university residence hall, which is directly connected to the campus network. Since I'm paying for electricity only through my standard housing bill, I tend to leave my computers on 24/7. Working for the school's network tech support center, I have come across enough horror stories about computers connected to permanent connections such as mine to want to add to my protection.

 

So, being the computer geek that I am, I took all the extra parts from upgrades that had been building up and put them together in another box, and installed OpenBSD and two ethernet NICs, after reading through the book "Building Linux and OpenBSD Firewalls".

 

Quite frankly, it's the best thing I've ever done. I've noticed absolutely no performance drop in my network performance, and even a slight rise as my Win2k machine doesn't have to deal with all the misceleaneous network traffic that goes across a dorm's noisy network. And I've caught enough probes and script kiddy attacks in my logs that I don't regret for a second the extra effort I put into this project.

 

Sadly, the power supply died on my firewall, so I need to get another one. Rest in piece, little guy ...

Share this post


Link to post

I have to agree with Cardinal, not to start a WAR..but I have never experienced destructive hacking or virus's of any kind on any of my computers since my first 486 machine and I have downloaded shareware and surfed a gazillion sites in my time. I have never used my computers for anything important and back up anything immediately that needs to be preserved.I am cautious, of course, but unless a person is concerned about someone spreading a virus through a 1000 computer network like dosfreak has, i don't waste my time.I run bios protection and thats it. In fact "I laugh in the face of death, and wish i would get one destructive virus that wiped out my system..or a hacker that deleted all my files," then maybe i would care...a little...NOT! I reformat and re-install windows about 20 times a year just for fun, when i'm bored.I don't want any extra crap running while i'm on my computer and i welcome all the voyeurs who want to come in and steal my saved games and expert binds.As for spy software, i run optout for that and anything that gets by, great! Maybe these internet companys can profile me correctly and quit advertising garbage and maybe some day post 1 ad that i actually might be interested in reading...and blah blah blah

Share this post


Link to post

Hmm...I think from reading everyone else's posts, it seems like having Firewall is like personal preference/risk you want to take. I think Firewall wall like this: would you rather have a door knob with lock or without it installed for your house? With the door knob with lock, only people with the key can enter your house. If you choose not to have a door knob with lock feature installed, you are just taking the risk thinking some stranger wouldn't enter your house and steal stuffs. I see the firewall the same way. Are you willing to take risk and hoping that some skript kiddies wouldn't hack your system? For me, Firewall isn't that big of a deal for me since it seems like I am reformatting my hard drive pretty much once every three months. I use my Zip disk to store important stuffs so even if someone successfully hacked into my system, there is nothing important on my computer except games, homework papers, and e-mails. I am just gonna use Firewall because I am not going to risk getting hacked and have my system down when need it the most for school work.

Share this post


Link to post

Hey, anyone know anything about Sidewinder Firewall? I'm having trouble backing up my Sidewinder and can't figure out why I can't back up. mad

 

I'm about to just forget about tape and see if I can just mirror the stupid hard drivers.

Share this post


Link to post

Sorry about the harshness of my last post but I had just finished a week with no less the three computers in my shop from people who don’t think they need an AV or firewall. I warned them. Even if you don’t get hacked, your computer can be used as a stepping stone for a hacker to use on the way to a target. If you don’t have or use an AV then you have no way of knowing if you have a Trojan on your system. Some one else could be using you system to hack into a corporate site and you would never know it, until the FBI comes knocking at your door telling you a major computer system was hacked and the hack was traced back to your box.

 

It’s kind of like having unprotected ***.

 

Ge0ph

Share this post


Link to post

Yep, here's another example of why people need Antivirus. Recently I've been redoing the sad pathetic Antivirus here on base. Computers were spread out over 6 Norton AV Servers 8) 8) . Finally I consolidated them onto one AV server and am push updates to the computers via SMS. The AV server is there is basically for a backup and to manage. Also our NAV gateway wasn't blocking attachments so I upgrade to the latest NAV gateway which is 2.1 I believe. So Finally we are blocking .exe,.vbs,.wsh,.scr,.com,.cmd,.bat and some other extensions that I cannot recall. SO I upgrade those 2 computers and finally we are blocking attachments! YAY! smile Now I'm looking through the AV logs and I noticed virus traffic going from computer to computer. inter-lan email wich of course NAV gateway ain't gonna catch, NAV on the users desktop will catch it but that's a slow way of getting those viruses off so right now as of today I am sticking NAV for Exchange on all the exchange servers and having it scan through all the information stores. I'm gonna get this virus problem licked dangit! laugh

Share this post


Link to post

derekmeister - thats a good book and an even greater os :-) and the nat capability of obsd is even easier implemented than with fw1 ( a big comercial expensive fw )

 

[This message has been edited by nagual (edited 26 March 2001).]

Share this post


Link to post

Ok. I did not want to reply again but I feel that I should.

 

Firstly I will state the obvious. Geoph, you resorted to a personal attack, this illustrates your level of intelligence more then affecting me. Well-done sir.

 

And once again my friend Dos Freak has gone on to over elaborate about the need for an anti-virus program. Wow hehe, take my scenario even if it is a little pessimistic.

 

You lose your job as a system/network administrator. Your partner finds the retrenchment too depressing and decided to head south with a Linux programmer. You sink into a depth of despair; too depressed to look for work your finances force you to drop the broadband connection and enjoy your old cobweb covered 33k modem. The home LAN, if there is one, is sold so you can buy some bread. So you're stuck with a single pc and that trusty pci modem you once loved. You find yourself enjoying the quiet life as an irc monkey and the odd online game to escape that terrible reality. A few frames in the game are dropping and the hdd seems to be thinking about something else. Ffs! you cry and wonder what program is causing this god-forsaken annoyance. Oh, I see, a software firewall has decided that the connection with the game server poses as a risk. Now I ask you Dosfreak (I apologise for the over imaginative description) do you really feel the need for a firewall in this scenario? While you ponder that question, let me remind you that by far, the majority of net users meet, or come close to meeting this example. Not every user is a 'freak'. (hehe I love the fact that you are wink )

So, finally do the majority of net users need a firewall? I also understand many of you users are in the US. The attitude towards net security is more of an issue then it is here. And as far as an anti virus, well we can leave that to the gods (read, pc salesmen) According to you lads, a virus or a 'hack' is the end of the world. I can't remember who said it, but someone posted the possibility of an electrical spike (lol) I mean please. Lets keep our feet on the ground and not floating around in cyberspace.

Share this post


Link to post

Well, by 'firewall' what you're really asking is about the software firewalls for individual PC's.

 

If I was reduced to only having one computer, with nothing between it and the Internet, then I would install at the least one of the available software firewalls. I do this knowing that a software firewall on the machine itself isn't much in the way of protection compared to a seperate machine between me and the Net, but it's better than nothing.

 

My parents have DSL, and what is essentially an old computer cobbled together from parts left over when I upgraded my own machines. There's really nothing that important on there, and most of what there is good be reinstalled with ease. However, they are 252 miles away from me, so I don't get physical access to the machine often. I installed the free personal version of Tiny Personal Firewall ( http://www.tinysoftware.com/pwall.php ) on their machine because while it's not much, I feel that the cost in terms of hardware resources was well worth the small sense of protection it offers me, not being able to watch over the machine personally.

 

Normally, on my personal network here at University (yeah, I'm a computer freak) I have an OpenBSD firewall between me and the school's always on network. Currently, that machine is down, however, so on the Linux machine I setup some IPChain rules and on the MS Windows 2000 machine I have Tiny Personal Firewall running, along with McAffee VirusScan. Together they take up less than 1% of my CPU time in normal operation, and the only difference I can notice when running them is when one or the other catches activity that I'm glad they did.

 

So, yeah, it's pretty much a personal thing in the end. Chances are, your average user on a modem can get away without noticing attacks. But at the same time it really doesn't cost me much to run them, and is there for an extra bit of insurance in case something goes wrong. It's certainly cheaper than my auto insurance, that's for sure. wink

Share this post


Link to post

I have been hacked. When I first got cable internet service, I went to shut down my machine one day and got a message saying"if you shut down windows this other guy who's logged on to your machine will be logged off" (ok, ok that's not exaclty what it said, but close enough)

 

So I installed a software firewall right away. I get a ton of probes everyday, so I know these malicious idiots are out there. There's nothing on my machine that's of any importance, but I don't like the idea of someone snooping around my hardrive.

 

I found out that the guy who was logged onto my machine was using another guys' computer as a "stepping stone" to get to me. If that guy owould've had a firewall it all would've stopped right there.

Share this post


Link to post

-windows 2k by default-

wingates- stepping stone to other systems

 

enumerating shares- yes the little <20> that says hi I'm on. would you like to connect try IPC$ maybe I'm logged on as root(admin sorry)

 

Dos Freak-nice makeshift DoS attack freak thats funny.That will definately slow down a 56k connection especially if its performed by someone withmore bandwidth(not uncommon)

 

I would use a firewall box. Yep thats right the old 486 that nothing seems to work on anymore. Well guess what, Linux will still run fine with it, because they aren't in bed with the hardware manufacturers. So you run IPChains on it and remember deny everything first then start allowing.

 

I will give it to whoever said you have less of a chance of being 'cracked' being on a dial up. Less doesn't mean never. although your range of IP's may be scanned less frequently because of the lack of juicy targets, what about all the little packet monkeys trying to figure out how to steal cc#'s, how to use wingates, etc. I mean I could go on all day about all the little things that go on. But at the end of it all I would still recommend at least zone alarm and a trojan scanner.

 

Cheers-

 

Moniker

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×