Firewalls

[lavender]

I have had 409 high rated hits on my firewall in the last few days. This is completely separate from the paranoia on lit. I am not trying to say that a single one of these came from the board, for I have no clue.

I'm actually concerned about my computer's security. Should this number of high rated hits - that doesn't include 2700 regular hits -concern me? What can I do about this? What makes a hit high-rated?

 

[DarkAngel]

Lav,


Your firewall will pick up every website you visit, it will also pickup your own computer sending out information to your ISP provider to insure you keep a connection. Your Isp provider may ping you throught out the day to see if you are still logged on.

Explore (not interne explore) if set to view as web page will cause you firewall to react.

The cause of you firewall bouncing around like that can be anything. But it can not be given proper notice unless it is looked at and seen where and what the ips are trying to do.

If you would like that pm me and I send you an email to send the log to.

 

[lavender]

Would those be high-rated though?

Do you know how I can find out which ones were high rated?

 

[sheath]

Lavender, I hope you don't mind...I'm not trying to hijack your thread! But I have a question that goes right along with yours, although it is much more basic.

I don't even know if I HAVE a firewall on my computer. My system is very basic and I haven't paid much attention to security, because...well, I don't have much to actually keep secure, LOL.

Can someone recommend a good firewall program? And maybe guide those computer-illiterate of us into the world of where to find them and exactly what they do?

Thanks!

S.

 

[KillerMuffin]

www.zonelabs.com

There's a nice, free firewall. Scroll down a bit, I believe it's on the right.



And no, unless someone else put it there, you're computer is wide open.

 

[DarkAngel]

Would those be high-rated though?

Do you know how I can find out which ones were high rated?

High-Rated pings, fingers, whois.. etc.

Are determined by where they are directed at.

 

[sheath]

www.zonelabs.com

There's a nice, free firewall. Scroll down a bit, I believe it's on the right.



And no, unless someone else put it there, you're computer is wide open.

MUCH thanks, darlin'.

S.

 

[miles]

If you have a cable or DSL-type connection and don't have a firewall, it's like leaving all your doors and windows open and having a flashing neon sign in your front yard inviting everyone in.

 

[Texan]

several months ago, someone posted a link to a company website that will check your computer to determine how secure your internet connection is. At the time, I went to the website and ran the test. But that was on a different computer and I didn't save the link. Does anyone have that link?

Thanks in advance.

 

[bluespoke]

several months ago, someone posted a link to a company website that will check your computer to determine how secure your internet connection is. At the time, I went to the website and ran the test. But that was on a different computer and I didn't save the link. Does anyone have that link?

Thanks in advance.

I think the thread was from Dillinger. You might try sending him a PM.

 

[KillerMuffin]

www.grc.com

There ya go, Texan

 

[Texan]

www.grc.com

There ya go, Texan

Thanks KM.

And thanks Blue for the general direction.

 

[Guest]

 

[miles]

Keep in mind that website is run by the company selling their software. There are other tests out there as well.

BTW, if you have Windows 2000 it has its own firewall.

 

[PinkOrchid]

 

[Guest]

Keep in mind that website is run by the company selling their software. There are other tests out there as well.

BTW, if you have Windows 2000 it has its own firewall.

Any of the other recent Windows versions?

 

[Ishmael]

Lavy,

Generally speaking UDP attempts to access NetBIOS are potentially the more dangerous attacks. These are attempts to directly access your hard drive in particular.

Most port probes are relatively low level (Med. on Zone Alarm) and are people looking for shared music files etc.

As you scroll through your log you can hilight the high level attempts and at the bottom of the screen you will be given more information. Including the DNS of the IP attempting access to your computer. You can also click on the "more info" button to get an explanation of what the attempt was about and the potential consequences of a succesful entry to your computer.

Ishmael

 

[Freya]

Almost all of the ones on my log are UDP protocol. Including the ones from my isp.

 

[Bob Waters]

FYI The Windows ME/XP Firewall is pretty basic and only stops incoming attacks - if you've gotten hit with a trojan like Back Orifice it won't stop the lil bugger from communicating your sensitive data to the world.

Consider Black Ice - a very effective firewall program for about $50.

 

[ShyQuietGal]

Free firewall at sygate.com its over 4 megs of a download but well worth it. After you download it and its up and running go do a test at the site KillerMuffin posted. It shows that the firewall makes a big differance.

 

[miles]

Almost all of the ones on my log are UDP protocol. Including the ones from my isp.

I'd like to bury my face between those ISPs.

 

[Freya]

I'd like to bury my face between those ISPs.

Hush! I was actually hoping to get some real help, but I guess I dont' rate.

 

[LukkyKnight]

Hush! I was actually hoping to get some real help, but I guess I dont' rate.

~LOL~

OK, two points - maybe three. First, Zonelabs and BlackIce and their peers are not actually firewalls, they are just sort of firewall-like. A firewall stands outside your box and mediates traffic in both directions so your main computing won't be overwhelmed even by a concerted attack. You can add such a device fairly cheaply these days, flip through a dell catalog or whatever.

Second, the "high" hits in your log are probably mostly attempts to probe the commonest hole in a Windows box, port 137 - if you find it responding, which the windows native firewall often leaves possible, then somebody knows your machine is not very secure and will possibly try further things to see if invading you is possible.

Lastly, not to sound too paranoid, but all these firewall-esque products want to tell you they're helping, so they tell you it's ok, I stopped it for you, but what about what they DON'T stop, hm? The flipside of this is you're really not terribly interesting to a true security cracker type, you don't have interesting data on your machine, so MOST of the visits are sort of knocks on the door to see if there might be some fun to be had by some kid in college (or high school) who's downloaded a bunch of scripts from a hacker-site... and consequently they really aren't all that scary unless you have NO protection at all.

So, by all means, if you won't put up an actual firewall, get ZoneLabs or BlackIce and learn what it's doing and you WILL be safer.

 

[islandman]

How does one access this log?

 

[HeavyStick]

How does one access this log?

Prunes,