Poll: Everyone Is Concerned About Network Security. How Often Have You Experienced be-attacked?

[TBP]

I've seen firewall, router, and etc are hot topics on this forum. While no doubt about it this is a good pre-caution, I'm wondering how many of you, and how often, have you been attacked over the network? This could be a good reference to those who are in the market of a software and/or hardware security device.

1):| Daily
2):frown: Weekly
3) Monthly
4) Only once or twice so far
5) Never

Edit: De-cap(italize) to eliminate confusion.

 

[LIBERTYorDEATH]

It varies, 1-2 times most months, but over a dozen in January before I beefed up some security holes(no more damn ICQ pinholes for my office partners). Oddly enough, I got attacked 5 times in january from Romania. Socialist euro-trash punks.

 

[spidey07]

all the frickin day.

port scanned, RPC calls, malicious pings, SYN attacks.

Look at your firewall logs and you'll see.

 

[spidey07]

or are you talking about a specfic attack labeled "Be-Attacked"?

Maybe i misunderstood.

 

[Eug]

For a while, approximately 35 times per day on average on Sympatico DSL. I'm now on cable but I haven't been keeping logs anymore so I don't know how many for cable.

Edit for me too. What is "Be-Attacked"?

 

[Shmorq]

Are you guys serious? I'm using cable, and I've had a running log going on for nearly a year now, and I've only had 2 attacks and that's when my cousin tested out my setup.

It may have to do with the kind of firewalls you have. Some only deny access while others completely hide your computer so it can't even be attacked.

 

[wnied]

Shorq

What Are you using? I use Zone Alarm. I REGULARLY get hit by P.O.S. in Germany, Romania, UK and various states in the U.S. I dunno how they know my IP addy, but Zone Alarm Rings off the hook when I leave the alert me option on. I have since upgraded to ZA pro and have less attacks, but I am scanned, pinged and sniffed DAILY.
My mother has had this cable modem for more than three years now, and only recently (within the last year) have I installed the firewall for it.

wnied

 

[Eug]

Yes I'm serious.

Well, most (but not all) of my "attacks" are viruses on my ISP's network just sniffing my ports. It irrelevant whether or not my computer was hidden (it was) since these viruses just poke around to see which ports are open, and just go through the range of IP addresses sequentially or randomly. Many are also repeats every few days. People on DSL and cable often are not using firewall software, and yet still leave their shares open, etc., and hence easily get infected.

Actual intentional attacks from people have been pretty rare for me though, but they do occur, including a few from the US and from Europe I believe.

However, for obvious reasons, now that I'm behind a router the number has gone to ZERO on my firewall software.

 

[todays]

I am locked down tight - My machine is not even pingable, but I get port scans and such at least once or twice a day. Some pretty agressive people lately. I had someone yesterday sit and scan ports for about 5 minutes. lol. I'm sure they are scanning ramdom IPs for open ports and such.

 

[Shmorq]

Hey wnied,
I use a hardware firewall, the WebRamp 700s. I got it before companies like LinkSYS and Netgear came out with similar products.

When I get home, I'm gonna re-check the settings that I setup my router because now that I think about, I should've been hit quite a few times since @Home allegedly scans their networks to look for illegal web servers and stuff like that...

 

[Fallen Kell]

Before I stopped logging, I had over 28,000 pings/scans/RPC/telenets, etc (this was over the course of 7 months). I was also hit SEVERELY several days before the huge DoS attacks against Yahoo, MS, etc. that happened last year (severely as in 500 access attempts in one day). At the time I was using BlackICE.

I am now using a 2 tiered system, with a hardware firewall, and BlackICE. The hardware one is set to only allow packets through on ftp, http, and RCP ports. BlackICE is blocking the RCP ports completely, and allows only select people through on the others (I run dual boot with LINUX and I use the RPC ports to mount some remote system data). In linux I just started using the firewall that comes standard with Red Hat 7.0.

 

[Shmorq]

I have my log on my router to detect attacks, and so far, the only one I got was one IP Spoof in the last 2 months... Other than this, the rest of my log only shows dropped TCP connections and UDP packets dropped.

I don't know if this is test is reliable, but this link tests your computer's security...

 

[spidey07]

shmorg:

those dropped UDP/TCP packets are people knocking on your door and trying to get in.

 

[jsm]

I get DOS attacks on a daily basis. I run a DNS behind a firewall at my apartment and people love trying to take me down. People attempt to telnet to my servers, people try to use my mail servers as relay hosts, and I get tons of port scans daily. It doesn't help that I run a rather controversial web site at my place (anti-religious).

They have yet to be successful, thankfully. My firewall is pretty good at keeping them down.. for now. I am sure they are going to find ways through it sooner or later.

 

[Shmorq]

Thanks spidey07...
So that's why all those packets were dropped since my router/firewall rejected them. That means that in the last 2 months, there have been over 200 attempts at getting to my computer... I wonder how much of it is @Home policing their networks and how much of it is people with a little too much time...

 

[Eug]

<< I wonder how much of it is @Home policing their networks and how much of it is people with a little too much time... >>

My guess is neither, but rather automated programs (incl. viruses) that just poke around everywhere.

 

[Mr.Diggler]

This is only an issue for people on broadband type connections, right? I remember hearing that those of us stuck with dial-up still are not subject to such attacks...true?

 

[macssuck]

People on Dial-up are attacked when I was using a regular dial-up(I use my as5300 at work now which sits behind a PIX box) I would get port scanned daily and various other attacks so dont think you are safe on a modem.

 

[Staver]

I'm with @Home, and currently average 12 attacks/day. That's up 7 attacks per day since early January 2001 when @Home made excuses for the abuse by their users. Insulting the efforts of the small number of us who research and report these people. Now, we do nothing but block and log. We found other things to do with an extra hour each day. On average @Home will scan you for nntp and http services about once each 36 hours, but it's staggered.

 

[trend]

hm... i am an @home user and @home portscans me 4 times a minute at the least.. besides that maybe 4-5 attempts a day average..

 

[Toro 45]

How do you check to see if your being scanned or attacked?
I'm using ICS with @home &amp; Zone Alarm on my server.
Thanks,Toro

 

[jleon]

ZoneAlarm generates a log file which you canse peruse.