Do you know what your computer is doing these days? esp. on the Web

[Rigoletto]

There used to be a time when an off switch and CD eject really did what they were supposed to. Now it's all overridden with software. My computer regularly ignores my attempts to turn it off because when restarting it just hangs. My CD won't eject without popping up a window asking me if I want to eject (of course I did, I pressed the button didn't I mate?)
Of more concern is the surreptitious activity of cookies and pings from other computers, and even Microsoft autoupdate. The background to this is I installed Zonealarm, a fabulous kind of pseudo firewall. It seems to be telling me regularly of pings (cookie access attempts?) and other things like the "autoupdate" trying to call from my computer. "Real" products also have a naughty rep on being a law to themselves in this department. I deny all this stuff, because I unless I asked for it, I don't need it.
Are there any especially knowledgeable people on what all this access from outside is trying to do? Is it trying to examine my browsing habits for marketing research? A site checking my browser features to configure the pages? Identifying me for whatever reason? Hacking even?
The microsoft "update" looks open to abuse by microsoft as in analysing and reporting my behaviour as a user with respect to Windows. In the future it will no doubt check every day whether I am legitimately certified to use Windows... under some new rental license of the future MS no doubt. MS update rarely tells me itself of what it's doing, which is why I don't like it.

 

[jsbush]

That's weird. I never get any pings and autoupdates or cookie stuff, well zone alarm doesn't detect them if they are really going on.

 

[Rigoletto]

I don't remember seeing the word cookie used by zonealarm, but I figure that must be part of what is going on. It uses the term ping fairly generically. The "autoupdate" is within windows trying to access the net whilst I'm already on the net, on the quiet.

 

[Rellik]

Security issues on the net are getting important since the whole
stupid industry thinks "it´s where the future market, i.e. money is"
Therefore, soon our data will be valueable.

After I installed w2k I installed Zone Alarm. I was suprised how many
sites and ip tried to access my sytem. Now it has stoped and there is really no more activity. Does that mean "they" lost interest or that they found a way around/through zonealarm?

scary thoughts...:Q

 

[Rigoletto]

Rellik, I am told that ZoneAlarm is the only software that can put your computer in perfect stealth e.g. invisible to any approacher. It "absorbs" the pings completely. Still, it would do no harm to check your settings, huh?

 

[compuwiz1]

Go here to check your shields.

Mine is operating in total stealth mode, so nothing gets out. BTW, I have zone alarm too.

 

[noxipoo]

zone alarm just doesn't sen a reply back like any firewall. it doesn't absorb anything. i have my router doing the same thing. (firewall built in NAT) and to the outside world i don't even exist. I find zonealarm annoying, especially with the questions. I like other firewall software better, but now i got in the router.

 

[Rigoletto]

Yes, but what do these accessers actually want from us?
I think maybe the privacy laws have to be reviewed here because these guys seem to be planting things to check our interests for targetting spam or advertising.

 

[Guilty]

ICMP (Ping) is harmless, cookies have nothing to do with firwalls, your web browser set/accesses them, Control Panel > Automatic Updates > Off. Microsoft isnt collecting information about your browsing habbits, thats a bit absurd. Automatic update simply checks for new version of the free components in windows, like IE and Outlook. You can set it to automatically update or prompt you or never even check. It isnt verifying that you have a valid windows key, I dont know where you got that from. Real Player does track user's via a unique string, they've been caught on it, and said they would stop, but I wouldnt be surprised if they continued. Real Player is the worst media player... ever. It brings new levels of annoyance with sub-par video quality in a "locked" enviornment with more add's than most humans can tolerate. But back to your question, most of the activity Zone Alarm is "catching" is perfectly normal. I question zone alarm's use, many people are quick to suggest you need a software based fireall or hackers will steal your children, it just isnt reality. In reality, windows listens on a few ports for network identification, if you dont like this then remove the Microsoft Network Client in Network properties, of course disable file/printer sharing unless needed, and thats pretty much it, pings arent going to hurt you, they are often small packets that are sent for black hole discovery and a multitude of other things.

 

[compuwiz1]

Hehe, and what makes you think you are significant enough that they would want to know about you?

 

[pm]

I don't run ZoneAlarm, I have a NAT router security solution, but I do keep logs. I have noticed major port scans of my computer at least once or twice a month. I presume that if I had left a port open running some "exploitable" program on it, then there's a reasonable chance that my computer could be hacked by at least one of the dozen or so people who have scanned me over the last 6 months. I don't worry about my data (I make weekly complete backups) and I don't worry too much about viruses (I keep my sig file up to date), but I do have a lot of financial information on my computer and don't really want anyone prowling through that. Plus I don't want my computer used in some global DoS attack.

Maybe I'm paranoid, but I've seen enough weird stuff in my logs that I think that anyone with a static IP/permanent connection should be running some form of firewall.

As far as cookies - I purge my cookies.txt file periodically just to irritate those trying to track my spending habits simply because. But I don't worry about them.

 

[Modus]

Guilty has the right idea. Personal firewall programs are a cynical attempt by the software industry to capitalize on the recent wave of Internet paranoia. In reality, you are only vulnerable to outside intrusion if you MAKE yourself vulnerable, by

- stupidly opening an email attachment (even from a friend) that you were not expecting to receive

- stupidly clicking "Yes" when websites try to make you download all sorts of spamware crap like CometCursor

- stupidly turning on File and Print sharing and leaving Client for MS Networks bound to TCP/IP

- stupidly allowing programs like RealPlayer and Winamp to sit active in your system tray and pimp data back and forth to their corporate headquarters

Without those mistakes, a Windows box with all the latest security patches is literally invulnerable to hackers. And here's something for the paranoid firewall users to think about: how much can you trust ZoneAlarm, Black Ice, and all the other useless firewalls? If they're monitoring every single bit of network traffic to and from your machine, what's to stop them from collecting data on YOU, behind your back?

No, personal firewalls are not the answer. Responsible computing and knowledge of each and every program in your computer, is.

Modus

 

[fs5]

I'm also behind a NAT but sometimes I put my ip in the DMZ just so some programs don't act up. Am I correct in assuming my NAT (linksys 4 port) is good enough security? I always disable ALL microsoft updaters (IE included).

 

[pm]

The thing is that I personally do not want to worry about whether or not a port is opened by some program - whether my playing a game of Diablo on my home LAN opens up a port that is exploitable, or whether some creative kid in Bulgaria can use Winamp to get into my system by running some program that he found on alt.hackerz. I don't want to have to stay up to date on security issues. I just want to be able to run whatever I want on my LAN and not worry about whether or not it is potentially hackable because it wants to tell it's corporate HQ what I'm doing.

Reasonable computing is fine and it's good advice not to click on unknown attachments, but I really have neither the time nor the patience to keep up to date on what each and every program on my system is up to. I don't want to and I shouldn't need to.

 

[nuttervm]

i agree with pm

many of us, the computer and technical hobbiests and professionals cannot or do not stay up to date on the latest security related issues and software, whatever our reasons. asking your mother to know how all of her software operates is simply ludicrous. 98% of computer users couldnt give a damn about how their computer works as long as it does, and asking them to know every nook and cranny of their PC is unrealistic.

i dont even have a virus scanner on my computer. i dont get stupid emails, and if/when i do, i simply delete them, i dont download programs from shady places, i dont enable total access to my harddrives for anything thats on a outside network. as long as you are relatively cautious, there isnt much to worry about.

 

[Modus]

pm,

<<The thing is that I personally do not want to worry about whether or not a port is opened by some program - whether my playing a game of Diablo on my home LAN opens up a port that is exploitable>>

The only possible way an open port is &quot;exploitable&quot; is if there is a bug in Windows that renders it as such. Weekly Windows Updates will cure this, and Microsoft is at least vigilant with a response team that issues security patches the moment an exploit is filtered through the hacker community.

<<Reasonable computing is fine and it's good advice not to click on unknown attachments, but I really have neither the time nor the patience to keep up to date on what each and every program on my system is up to. I don't want to and I shouldn't need to.>>

Of course not, but you must at least be aware of the broad strokes: any attachment that you were not expecting is inherently evil, any web-extension you are asked to download is assumed malicious, any program attempting to sit in your system tray 24/7 is bad, and any patch from Microsoft that fixes an increasingly rare security bug is good. It's just a matter of awareness.

nuttervm,

<<i dont even have a virus scanner on my computer. i dont get stupid emails, and if/when i do, i simply delete them, i dont download programs from shady places, i dont enable total access to my harddrives for anything thats on a outside network. as long as you are relatively cautious, there isnt much to worry about.>>

Funny, that's exactly what I'm advocating.

The bottom line is that there are two schools of thought on computer security: those who consider every system perfectly secure provided no flaw exists in intent or implementation, and those who consider every system inherently insecure unless it is proven otherwise. While the latter line of thinking may be more conservative, anyone with a background in hacking or computer security can testify to the trueness of the former in the Internet age.

Computer security systems such as Windows' network protocols are designed to be perfectly secure to outside intrusion. And they are. . . unless there is some error in the code. Every single computer security breach is the result of either (1) social engineering, malicious insiders, or careless users sharing passwords or mistakenly downloading trojans or (2) a hacker exploiting an easily correctable bug in the security software.

So contrary to popular belief, there IS such thing as an un-hackable remote system. Once the bugs are patched, it's invulnerable. Period.

Modus

 

[pm]

Modus, I hear what you are saying and I mostly agree except the idea that firewalls are useless. Zonealarm is freeware (for most people), it doesn't suck a huge amount of CPU cycles, and it will catch all connections made, either incoming or outgoing, and ask whether or not they are ok. I really don't see the downside. You guys may be right that I'm wrongly paranoid, but the activity logs on my machine say that people are running port scans on me... and I assume they aren't doing it for no reason at all.

 

[nuttervm]

i forgot the reason i originally wanted to post here

i have to agree with rigoletto. its so damn annoying that the software industry now feels that it has to second guess and check up on every action that you do. ok, dont automatically open the cdrom when im burning a cd, but otherwise, when i push the button, i want the freaking drive to open! its about time the users took responsibility for their actions and the programmers dont have to spend so much time confirming choices i've already made

i probably spend an equal amount of time coding so dumbasses dont enter incorrect data or options, or to make sure they dont misuse the program, than i spend actually developing the real meat of the application. i'm just a student but i wish a software company would just say &quot;if you're not smart enough to figure out what you're supposed to do, or you're not willing to read the manual then you dont deserve to use this product&quot; this of course is unrealistic, but boy wouldnt that cut so much unnecessary work out of a project

 

[Modus]

pm,

The problem with personal firewalls is that they often give very enthusiastic alarms for the slightest random ping or port scan, perhaps in an effort to justify there own usefulness. Clients constantly call me complaining &quot;some one is trying to hack me,&quot; and it's all because of overzealous firewall software.

Really, the best and last line of defense is frequent backups of important data and responsible as we've outlined above.

Modus

 

[Cretin]

Downloading one program to block another is just ludicrous, put it that way. How can you trust Zone Alarm because you think Real Player is evil? You can't, you don't know if Zone Alarm will give away your info any more than Real will.

Back in the early Win95 days, it was easy to hack/screw with people, but these days, when everyone is running either Win98/Win98SE or Win2K, there's not much to worry about unless you're stupid or extremely careless.

I have to agree with Modus on most of what he says, seems like he knows what he's talking about. You don't need a firewall if you're careful. If you're using broadband you're more easily hacked, but I'm pretty sure you can be careful with that too. And if you must use something to paranoidly block all your ports, use something that you know is completely safe. Personally I wouldn't use anything at all, but it's up to you.

But one thing is... If it's so damn easy to be &quot;completely 100% absolutely certainly UN-HACKABLE&quot;, how come we keep hearing of people hacking into this and that?

Anyways, I'm done, have a good night everybody.

Cretin

 

[Mytv]

Iris is what you need.

A packet sniffer will find out anything you ever need to know.
May seem complex in the beginning but you'll know very well whats going on.

 

[Rigoletto]

You mostly merely say that it is very hard to find a crack in a Windows system. Huh, yeah, why do I hear about successful hackers if it ISN'T possible.
I think some of you guys just have not grasped the idea.
I said, for the hard and reading and thinking, that in future Microsoft would introduce a rented OS and that it would check for its own certificate online. Now how can that be unlikely?
Also, it is actually very useful for web money makers to deposit cookies or keep track of our visits and purchases in order to target spam and ads. Now, why do you think that unlikely? OK, if you do, you go without your own wages and live on the streets- you see what it's like to have no money.

 

[Modus]

Rigoletto,

<<You mostly merely say that it is very hard to find a crack in a Windows system. Huh, yeah, why do I hear about successful hackers if it ISN'T possible.>>

Because the millions of unsuccessful hack attempts never get publicized. Even those that do quickly lead to a patch preventing a similar exploit from taking place in the future, so they are actually beneficial in an evolutionary way.

<<I said, for the hard and reading and thinking, that in future Microsoft would introduce a rented OS and that it would check for its own certificate online. Now how can that be unlikely?>>

We're not illiterate, we just don't think it's that big of a deal. Why? First, you ought to own the license to begin with. Second, if Microsoft did that, privacy groups and hackers themselves would catch on instantly (there are thousands of intelligent crackers out there who disect every MS product) and release a workaround as well as wreak havoc in the media. Microsoft can't afford to do something like that given the pending DOJ case and bad PR, and they make so much money off bulk Windows licenses to large OEMs that they don't really care anyway.

<<Also, it is actually very useful for web money makers to deposit cookies or keep track of our visits and purchases in order to target spam and ads.>>

First, most people couldn't care less if a web site collects information on their surfing habits. Security-concious users will never give their real name and personal info to a site like that anyway, and will also clean out their cookies on a regular basis.

<<Now, why do you think that unlikely? OK, if you do, you go without your own wages and live on the streets- you see what it's like to have no money.>>

Huh?

Modus

 

[spamboy]

Who the hell cares? I don't run a buisness. I don't have trade secrets to hide. It don't even have finacial info on my computer. If someone want to take a look, who cares... I know, I don't like the idea either, but I'm not going to get all paranoid about it.

 

[Rigoletto]

Haha, old Modus imagining he's slaying imaginary dragons again.