Firewalls

[KillerMuffin]

If you don't have one, get one. Norton and McAfee make them, though I don't like them. Black Ice is another good one, but you should learn how to use it.

http://www.zonelabs.com/ has a very good free firewall to residential users. Extremely good.

Go to http://www.grc.com/ and take the shields up test. You'll see exactly why you need to have a firewall or where yours is substandard. There is a test there where they probe your ports and see what sort of things are leaking out.

The reason I bring this up is because someone we all know and love just had their computer hacked into and the hard drive was wiped clean. Why? Because the firewall was dropped long enough to download something. You HAVE to have a firewall between your computer and the internet. It's one of the ways to protect your computer. You have a front door, you have to have a firewall too.

The wiped hard drive held a few incomplete stories, and those are irreplaceable.

[Edited by KillerMuffin on 05-01-2001 at 09:18 AM]

 

[GuyJD]

FUCK McAFEE

I have the McAfee "Nuts & Bolts" and that shit ate up all of my files. Somehow my Windows 98 stayed in DOS mode and I couldn't do anything with my computer. I had to re-boot and I haven't used McAfee again. So far, everyone I've spoken to have had the same problems with McAfee. So I stick to my Norton Anti-Virus.

 

[Mistress]

Black Ice is a good choice.

 

[indyweasel]

Blank Ice is very good. If you use IM's you have to very careful with the firewall software. Some firewalls wont let IM's work either.

 

[Guru]

 

[Dillinger]

Re: FUCK McAFEE

I have the McAfee "Nuts & Bolts" and that shit ate up all of my files. Somehow my Windows 98 stayed in DOS mode and I couldn't do anything with my computer. I had to re-boot and I haven't used McAfee again. So far, everyone I've spoken to have had the same problems with McAfee. So I stick to my Norton Anti-Virus.

Guy - just to make sure we're clear about what's being discussed. Not Anti-Virus but Firewalls. You NEED both - especially if you have a Cable Modem.

Personally I like Symantec (Norton) Personal Firewall as a good choice for a software firewall HOWEVER...

I highly recommend that people get a hardware firewall. You can buy a ROUTER/FIREWALL/ETHERNET HUB combination these days for around $100 I think.

Just like the software version make sure you read ALL the instructions carefully. You need to configure these things properly if you are to have the level of protection that you need. This means making sure that any ports not required are closed. AND - you have to keep the firewall ON for it to work. The solution to the problem that KillerMuffin mentions one of our own just encountered is not to turn the firewall off but rather to only open those ports required for the particular download.

Everyone should have a firewall but... anyone with a cable modem who doesn't have a firewall is basically begging to be hacked.

 

[Tabby432]

firewall?

What is it?
Do I need one?
Is Black Ice the one to get?
I have aim and MSN IM's, is that a problem?
And lastly, who wants to hack into my computer??

 

[DevilMayCare]

I'd appreciate some guidance. I have a MacIntosh and the sites KM refers us to is for Windows Users. Can anyone direct me to a similar service for Apple products. My friend who helps me with computer related matters assures me I needn't worry about being targeted because most viruses and probes are designed to work on Wintel products. Comments, suggestions.

KM - Nice to read your post and see you on the board.

 

[Dillinger]

I believe Symantec makes a Mac version of their firewall - http://www.symantec.com

For what its worth - Macs are hacked considerably less often than Windows - but don't get smug about it - it can still happen. Likewise there are lots less virus' rampant on the mac platform - but the do exist.

The site KillerMuffin recommends to test your security is excellent - I've recommended it to both friends and clients... Does it not give reports for a mac as well?

https://grc.com/x/ne.dll?bh0bkyd2

 

[DevilMayCare]

Thanks Dil. I visited the site and invited it to test my computer. This is what I got on the shield test -

Please Note: On highly secure systems this may take up to one minute. . .

Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.

Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

I don't know whether I'm actually secure or that the test doesn't recognize weakness in a Mac. I'm running OS 9.04 which is supposed to be very secure, but what do I know about these things.

The ports check reported all ports closed and told me -

Closed

"Closed" is the best you can hope for without a stealth firewall in place.

Anyone scanning past your IP address will immediately detect your PC, but "closed" ports will quickly refuse connection attempts. Your computer might still be crashed or compromised through a number of known TCP/IP stack vulnerabilities. Also, since it's much faster for a scanner to re-scan a machine that's known to exist, the presence of your machine might be logged for further scrutiny at a later time — for example, when a new TCP/IP stack vulnerability is discovered.

Fascinating! Thanks for the help.

 

[Dillinger]

Macs are - out of the box - considerably more secure than Windows machines. Always have been. You seem in pretty good shape. The NetBios thing is specific to Windows.

Still wouldn't hurt to get a firewall - since nothing is foolproof you can't be too cautious. If you can't find a software firewall then get a hardware firewall like I recommended above.

I'm running several computers at home behind one hardware firewall. This includes a mixture of Windows systems and Mac systems.