Just close Port ???...

[Caveman]

About 2 years ago, I remember a thread either on the hardware or network forum that debated the ills of using virus software...

There were two groups of folks: those who used virus scanners, and those who didn't...

The folks who didn't use them (because they slowed their machines, didn't work right, etc...) claimed that the way to keep out viruses was to shut down the ways they "come in"...

What would be the right port(s) to stop virii and how does one set those ports open or closed?

 

[oynaz]

No offence, but you obviously do not have the technicals skills needed to "shut down the ways they come in". Get a virus scanner, AVG or Antivir are good.

 

[Caveman]

Well... Sorry if the post was a bit vague; going from memory here when I built the signature rig a few years back... I did in fact do the "ports trick" (whatever it was), and operated a month or so in that way 9without issues) until something prompted me to go with AVG (IIR, I think it was just paranoia, not a real attack)...

Anyway, wondering whether anyone here remembers that thread/discussion or can gt me headed in the right "shutdown ports XYZ" direction. I've got another rig I just finished and want to do some experimenting port configurations, etc...

I guess you didn't like the sound of "the ways they come in"... LOl... Yeah sounds a bit mal informed... But... I'm confident that once the info is put before me, I'll understand how to intepret it... the key here is getting that info :0

 

[Narse]

port 80 is http traffic, shut that down and you cannot open web pages.

 

[Caveman]

Okay it's not Port 80... LOL, the first response seems more funny all the time... Title changed...

Still looking for port advice...

 

[The Boston Dangler]

it's possible to embed a virus in .mp3, .avi, .doc, .jpg et cetera. which ports would you close for those?

 

[Caveman]

double post...

 

[Boyo]

Just get a virus scanner. It'll do you some good.

 

[oynaz]

Originally posted by: The Boston Dangler
it's possible to embed a virus in .mp3, .avi, .doc, .jpg et cetera. which ports would you close for those?

Seems like the OP is not the only one with a shaky grasp of computer networking ;-) Closing unneeded ports are very important when securing against hacker attacks, but does not have direct influence on virus attacks (This is a bit simplified).

Read a bit about it here: http://en.wikipedia.org/wiki/TCP_and_UDP_port

But I can only repeat my advice. If you are in doubt, get a virus scanner.

 

[mechBgon]

Originally posted by: oynaz

Originally posted by: The Boston Dangler
it's possible to embed a virus in .mp3, .avi, .doc, .jpg et cetera. which ports would you close for those?

Seems like the OP is not the only one with a shaky grasp of computer networking ;-) Closing unneeded ports are very important when securing against hacker attacks, but does not have direct influence on virus attacks (This is a bit simplified).

Read a bit about it here: http://en.wikipedia.org/wiki/TCP_and_UDP_port

But I can only repeat my advice. If you are in doubt, get a virus scanner.

/me discretely slips some fresh batteries into oynaz's sarcasm detector

Caveman, if you want to enhance security, start by

1) using a router between your modem and your computer.

2) use a software firewall such as the Windows Firewall :camera: to further shield the computer from attacks from the outside.

3) keeping your software updated to eliminate vulnerabilities. That means you (a) enable your Automatic Updates :camera: and (b) update your other software, using this checkup for example (uses Java Runtime Environment (JRE) 6, install if you have no Java yet).

4) fully enable Data Execution Prevention by right-clicking My Computer, choosing Properties, and doing what's shown here :camera:.

5) do not mess with warez, cracks, serials, etc EVAR.

6) set yourself up with a non-Admin account so that there's no ammo in the gun even if the bad guys do manage to swipe it If you have Windows XP Professional Edition, or Vista Business or Vista Ultimate, then you might as well finish the job by adding a disallowed Software Restriction Policy.


Yes, and use an antivirus software such as this one. Combined with the stuff I listed above, that pretty much leaves the keyboard-to-chair interface as the weak link in the computer security.

 

[ShellGuy]

The only way to keep viruses out is not to get them in the first place, which is not opening things that unknown people send you and getting a good and low hog anti virus scanner..


Will G>

 

[mechBgon]

Oh, and to address the original question: no, you cannot stop malware en masse by closing ports. If it were that easy, then a lot of computer security guys would be out of a job. There's growing families of malware that can spread themselves using USB thumb drives, and even add themselves to burned CDs, to name one complete bypass of all network security. Put in the infected CD, or plug in the infected USB drive, and now you'd better have antivirus and/or be running non-Admin.

Filtering out malware at the perimeter isn't a bad idea, of course, and that's part of the reason for products like ISA Server, Fortinet Fortigate appliances, and other such products.

ZoneLabs did come out with a low-budget router that has active antivirus filtering: Z100G Secure Wireless Router, $150 and I believe you must purchase updates every year to keep the antivirus up-to-date.

I don't know what antivirus engine they're using in there, and would consider it an additional layer in my defenses, rather than a replacement for them. My Internet Service Provider has a Fortigate, and it detects a few of the viruses that I hunt for (Zlob and DNSChanger mostly), and even some spyware/adware like CometCursors, but it lets a lot of them through unhindered, so don't get to thinking that an antivirus "appliance" is a sure-fire solution by itself.