Firewalls

[drag]

Originally posted by: malak
And I've heard lots of headaches using this protective software, which is why I avoid it. Frankly, all you've shown is theories, what ifs, and paranoia. Has any of this happened to you? Like I said, I don't use protective software like AVs and firewalls because I never get attacked. How do you know you ever get attacked?

If your on the internet your getting attacked by malicious software constantly. Most firewall software won't log or notify you of it because it's pointless information. They just work, the only time they mention anything is when something goes wrong.

As far as individual attackers, they are constantly scanning for vunerable computers. I can setup a bash script to scan my local ISP's IP address range and find you maybe 20 or 30 Windows computers that are online and operating without firewalls.

Out of those I'd probably find 5-10 that have ports open high in the address range. This means that they are running some sort of service, and since people don't run services on Windows machines, generally, it means that probably half of those are backdoors.

A person with a simple scanner can do thousands of scans in just a few minutes. This stuff goes on constantly.

This isn't what if's, this is what goes on now.

What your doing now is exactly like leaving your car parked in a massive multilevel public parking lot. Constantly there are dozens of people wondering around and checking out potential targets. Putting your car behind a NAT/router or high quality firewall is like parking your car in a garage with a alarm system every night.

The chances of them targetting you specificly are fairly small. One in a hundred. Like a pickpocket in a crowd, chances are they won't bother with you. But it still happens.

Like my Grandma just a few months ago was a target of wire fraud. She was recently widowed and of course they post that information in the paper. People scan thru the obituaries because most females of her age don't deal with finances and are greiving and lonely and thus are easy targets for con artists.

They somehow obtained her credit card information, nobody figured out how, and charged her 400 some dollars. She found out about it and called the bank and credit card people and canceled the card and they refunded her. A few weeks later the con guys called her and told her that they received the 400 dollar down payment that her husband paid for for a trip to somewere in the caribbean. If she didn't want to go (after all her husband just died) they were more then willing to completely refund her for the amount if she would only give them details about her checking account so they could wire her the money back.

Some people are real pig-fvkers. It's not a question of paranoia. There are a few things you can do to protect yourself and your a fool not to take advantage of it.

 

[boran]

We installed firewalls here after nimda, that virus just walks in unless you have a firewall. (walked, aint really around anymore I think)

 

[biostud]

A firewall lays an extra layer of security, it's easy to install and use (one home PC's atleast) so I can't see why I wouldn't want to use one.

 

[Sunner]

Originally posted by: malak
And I've heard lots of headaches using this protective software, which is why I avoid it. Frankly, all you've shown is theories, what ifs, and paranoia. Has any of this happened to you? Like I said, I don't use protective software like AVs and firewalls because I never get attacked. How do you know you ever get attacked?

Yeah, I know lots of people it's happened to.
I have a firewall in front of my LAN, so I don't have any exposed Windows boxes, which helps me sleep at night, I still run AV software on all of them though.

A friend of mine who's reasonably computer savvy got a snailmail from his ISP a while back, informing him that someone had snuck a mailer onto his computer and was using it to send spam, giving him 1 week to remove it before they'd turn off his connection.

Another guy I know tried to connect his XP box directly to the net, having the firewall disabled since he was used to sitting behind a proper firewall.
Took about 1-2 minutes before he got the famous "This computer will restart in 60 seconds..." message from...which one is it, Blaster right? Too many worms out there for me to remember which one does what.

 

[b4u]

Originally posted by: malak

Originally posted by: Zap Brannigan
Malak; do you have a router?

Many routers double as hardware firewalls.

I do now, but not always. I assume my router helps enough as it is, but even before the router I didn't have the need.

What router you have? I'm asking 'cause I'm interested in one of those animals ... thanks

Can anyone point out other good routers with firewall? I'm interested in moving from software firewall to hardware one ... thanks

 

[n0cmonkey]

Originally posted by: b4u

Originally posted by: malak

Originally posted by: Zap Brannigan
Malak; do you have a router?

Many routers double as hardware firewalls.

I do now, but not always. I assume my router helps enough as it is, but even before the router I didn't have the need.

What router you have? I'm asking 'cause I'm interested in one of those animals ... thanks

Can anyone point out other good routers with firewall? I'm interested in moving from software firewall to hardware one ... thanks

All firewalls are software.

 

[n0cmonkey]

I've never been hit by a car crossing the street. I got hit in a parking lot once, and it hurt, but that was my fault. I don't bother to look both ways before crossing the street, why bother? They don't gain anything by hitting me, so I can't imagine them doing it.

 

[drag]

Most any home style NAT routers provide decent protection.

 

[Uppsala9496]

DI-604.
And yes, on a "test" machine I was attacked in a matter of seconds without a firewall. Had an old pc with ME on it that I hooked up to see how long it would take for me to get attacked. It was amazing to see a virus pop up right away.

 

[Nothinman]

We installed firewalls here after nimda, that virus just walks in unless you have a firewall. (walked, aint really around anymore I think)

nimda is far from gone, what do you think all those cmd.exe attempts on my web server are?

 

[mechBgon]

Originally posted by: malak

Originally posted by: Nothinman

Point out one thing on my computer that links to any of that. One thing that will allow them to access any of it. I've done every single thing you've listed.

The next IE bug that hasn't been uncovered yet. It's not like you know when one will pop up and you can't guarantee you'll have the patch installed before an exploit is put on some webpage.

And drag's point was that if you've ever used online bill pay, bought something via ebay, etc then there is personal information on your machine that someome might like to get their hands on, not that those specific actions open you up to exploitation.

But where is this so-called personal information that supposedly sits on my computer waiting to be stolen? And I don't use IE, so any IE bug won't affect me.

If your credit-card number and associated info is picked off by a keystroke logger, I believe you'll be...
 :light:
:Q

 

[Malak]

Keystroke loggers will be hard pressed to pick anything up from me.

 

[Andres3605]

I have something to say, if I plug my PC to the network and do a format, by the time I was done with the installs, my computer was already infected with many viruses, including blaster, I learned this in the hard way.

 

[mechBgon]

Keystroke loggers will be hard pressed to pick anything up from me.

You never type your credit-card number on your keyboard? Do you construct it in Character Map with your mouse, or are you saying you don't ever buy stuff online?

Anyway, here's a pic I captured a while back showing my ZoneAlarm firewall's intrusion report, might be of interest to you: screenshot

And that's on dial-up

Basically, I see you saying you are great with no firewall, and yet you have a router that is functioning as a firewall. So what you are really saying is, you don't need a firewall running on your PC because your router's firewall is doing its job well enough. Take the router out of the picture, plug the PC straight into the modem, and now you really will have no firewall (unless your modem happens to have firewall functionality itself).

 

[cmv]

It's really simple:

1) Behind NAT? Go to a command window and type "ipconfig" -- what is your IP? Is it 10.0.x.x? Is it 172.16.x.x? Is it 192.168.x.x? Congrats, you are behind a device performing Network Address Translation (NAT). Basically, it lets your 1 IP from your ISP be used by a number of PCs behind the device. Due to the way it works, it also blocks all incoming requests unless specific rules are in place or there are tweaks for certain applications.

2) Not behind NAT? If you're running Windows, you need a firewall. Even if you're running something else it is a good idea to have in place. Potential reasons why:
- you or a guest are too clueless to disable windows print/file sharing
- you're computer has not been updated at windowsupdate.microsoft.com
- there is a new exploit found and you have not updated your computer or Microsoft has not released a fix

 

[Nothinman]

It's really simple:

Not really. A lot of software these days uses the Internet for something and the only way to manage what is allowed to get out and what's not is what a piece of software on your machine, a NAT device will only protect you from external threats and even then it's possible that your device could be broken into and used as a jumping off point to the rest of your network. Sometimes the first clue someone gets that they have spyware on their machine is a popup that says something like "gator.exe wants to access the network, allow it?" and if you don't have any software to give you that message your NAT device will happily pass the traffic.

 

[alm4rr]

Hardware to keep people from poking around and zonealarm to inform me when software wants to connect

 

[JackMDS]

While reading this threat I was thinking.
It is very interesting, in old days ignorance use it evoke sense of religion mystic and respect.

Today Ignorance seems mainly to evoke unsounded sense of security.

I.e. you need.

NAT firewall - Any Cable/DSL Router (Goes as low as $10).

Software Firewall - Kerio Free.

Antivirus Protection - AntiVir Free.

Adware protection - Ad-Aware Free

Spy Guard/Cleaner (BTW. Tomorrow Microsoft is supposed to release beta of a Spy Cleaner).

You probably do not need most of it if you only use to Internet to be on AnandTech BBS.

But you do need it beyond.

:sun:

 

[Malak]

Originally posted by: JackMDS
You probably do not need most of it if you only use to Internet to be on AnandTech BBS.

We have a winner!

I make my own rules for what sites to visit and not visit, among other things. Which has kept me clean, very clean.

 

[n0cmonkey]

Originally posted by: malak

Originally posted by: JackMDS
You probably do not need most of it if you only use to Internet to be on AnandTech BBS.

We have a winner!

I make my own rules for what sites to visit and not visit, among other things. Which has kept me clean, very clean.

You forgot some parts of his post. You know, the important parts.

I think most Win32 based firewalls are probably just buggy software on top of buggy software. Probably introduce more problems than they solve.

 

[oog]

even if you believe you have no sensitive data on your computer, you should still try to protect it to prevent it from being used as part of a distributed DOS attack.

 

[Gentle]

I've been using the personal (not Pro) version of ZoneAlarm since I have been a DSL user. That has been 4 years.

A firewall is sort of like having a doorman at your front door, with a set of rules on who can come into your house.

A firewall also will alert you when a strange program that you don't know what it does is attempting to access the internet. (Recently downloaded some cute game and didn't know it came with an adware app? Now you do.)

Gentle

P.S. It is absolutely vital you run a firewall if you have a broadband connection. People that want free bandwidth love to try and steal these kinds of connections. (Spammers are one of them...)

 

[madthumbs]

I remember the good old days of BlackICE and ZoneAlarm. Both of these pos's caused instability. Went 6+ months without NAT or firewall on cable modem with absolutely no problems. I banked online with a 4 digit "almost as easy to guess as my name" password, I bought stuff with credit card (which we're only liable for the first $50 for), I pissed off a few wannabe techies, and had the most stable computer I know of which was before the spyware boom.

Now I am behind a NAT, and a software firewall (Sygate, BitDefender, and XP2 all seem stable). I didn't switch as a result of any issues though. I switched because my xbox and laptop wanted a router, and I finally found a decent antivirus that happened to come with a firewall that blocks outgoing which comes in handy.

Conclusion: If you're not getting the right stuff, you're likely to just cause more problems than you "might" prevent.