• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Get a damn firewall !!!!!!!!!!!!!!!

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
<< Thanks for the advice. I use Blackice! >>

Little does he know that BlackIce is the worst software &quot;firewall&quot; on the market.

My advice to the rest of you...get a hardware firewall. They don't take up system resources and they are *highly* customizable. Of course, if you're not into that, then just stick with ZoneAlarm, but anyone who wants to learn about what the firewall actually does and how to modify it to your needs -- a hardware firewall is for you. They can be had very cheap nowadays, usually inside a hardware ICS router (SMC, Netgear, Linksys, etc)
 


<< BlackIce isn't a firewall?? What does it do then? >>


No it's most definately not. It doesn't do much IMO. Even BI execs when asked why ZA caught traffic and BI didn't, admitted that it's not a firewall.
 
You know what, come on in....your all welcome to visit my computer and steal whatever info you like.....you won't find much though, I mean nothing valuable.

My computer connection is a big gaping hole...you could stick your fist in it...please do, I don't mind at all.




The Gaping One,

Hans😀
 
<< My Blackice catches a lot. >>

BlackIce doesn't catch traffic going out. Maybe it should be called &quot;BlackIce Half Firewall&quot;
 
I don't like ZA because I have to shut it down whenever I play an on-line game.

Open the ports for the game then.

Surely it provides support for that?

Viper GTS
 
<< theres no way somebody can put the trojan on your comp even if all your ports are open and accept random connections >>



Are you new?

enlighten me. how can you instal someting on somebody elses comp via the net or lan?
 


<< << theres no way somebody can put the trojan on your comp even if all your ports are open and accept random connections >>



Are you new?

enlighten me. how can you instal someting on somebody elses comp via the net or lan? >>

Good computer setups wouldn't accept random connections. If it does you're already fux0red (excuse my french).
 
Speaking of ZoneAlarm 2.6...

I'm still using 2.1.25, is there any real reason to upgrade? If it uses any more resources then I'd rather not upgrade unless there are new features I really need.
 


<< how can you instal someting on somebody elses comp via the net or lan? >>



Duh. It's called file shares. If you have port 139 open (NetBIOS), and have unprotected shares while having TCP/IP bound to file and print sharing any hacker worth his salt can log in to your system and install anything he wants.

Russ, NCNE
 
Duh. It's called file shares. If you have port 139 open (NetBIOS), and have unprotected shares while having TCP/IP bound to file and print sharing any hacker worth his salt can log in to your system and install anything he wants.

for a second there i thought you knew something i didnt. theres a BIG difference between coping a file to somebodies hard drive and executing a file on somebody's computer. so try again.
 
Are you REALLY that dense? If the hacker can login to your share, he can do EXACTLY the same things you can do from your own keyboard, including planting trojans and executing files.

Russ, NCNE
 
Wow, i just read that article on GRC.com, quite interesting. Anywaz, zonealarm is very good, and i recommend it to all who don't want to pay for a firewall, lol.
 
If someone is going to DoS you, there is nothing you can do about it.
If someone wants to shove 100mbit down your throat for hours, a piece of software will do nothing to protect you from it.

 


<< Are you REALLY that dense? If the hacker can login to your share, he can do EXACTLY the same things you can do from your own keyboard, including planting trojans and executing files.

Russ, NCNE >>



Well, IMHO it's not just a clever act. So draw your own conclusions 🙂
 
SammySon,

The point of the personal firewall is not to prevent becoming a victim of a DDoS attack. You're correct that if it happens, one is screwed.

The point is to prevent becoming part of the first &quot;D&quot; in DDoS.

Russ, NCNE
 
umm I don't think my 14.4 dailup will do much damage 😛


I really don't think these people are hax0rs more like Crackers :&quot;
 


<< SammySon,

The point of the personal firewall is not to prevent becoming a victim of a DDoS attack. You're correct that if it happens, one is screwed.

The point is to prevent becoming part of the first &quot;D&quot; in DDoS.

Russ, NCNE >>



Exactly. If every machine were adequately protected there would be no first &quot;D&quot; therefore no real effective DoS attacks.
 


<< If every machine were adequately protected there would be no first &quot;D&quot; therefore no real effective DoS attacks. >>



What you all have to understand, is that &quot;adequate protection&quot; doesn't mean simply putting a firewall in place. Networks with many layers of security still expose services, otherwise they wouldn't be on the internet to begin with. So long as these services are exposed, any given network is at risk.

To inundate windows boxen, a service need not even be running. You can launch a DoS attack against a windows box even with a firewall in place. So, with that in mind, get yourself a non-software firewall, put it on a different box to provide a level of indirection between yourself and any potential attacker, and understand that if someone really wants in, they'll find a way.
 


<<

<< If every machine were adequately protected there would be no first &quot;D&quot; therefore no real effective DoS attacks. >>



What you all have to understand, is that &quot;adequate protection&quot; doesn't mean simply putting a firewall in place. Networks with many layers of security still expose services, otherwise they wouldn't be on the internet to begin with. So long as these services are exposed, any given network is at risk.

To inundate windows boxen, a service need not even be running. You can launch a DoS attack against a windows box even with a firewall in place. So, with that in mind, get yourself a non-software firewall, put it on a different box to provide a level of indirection between yourself and any potential attacker, and understand that if someone really wants in, they'll find a way. >>



Yes, the point is.. DoS attacks arent particulary effective or troublesome (especially against larger networks). Its the DDoS (as Russ pointed out) that are the killers. Remove the pawn machines (or 'bots' in l33t hax0r lingo) and you dont have much of an attack.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top