how to protect my comp on broadband internet? (1 Viewer)

[Seungsoo Hwang]

I used dial up 56K forever at home but now that I'm at college I get the nice fast internet here. I hear that your computer is a lot more vulnerable in this case, so what can I do to protect my computer from would-be hackers and such, and is it really neccessary?
thanks

 

[Eric Samonte]

Not really. If u keep ur comp on at all times, maybe. But them again, hackers only hit high profile systems like federal sites and stuff. Nothing much to gain if they waste their time getting into our PCs.
Now if u go and start taunting these guys, maybe u should be more careful if not wiser not to do it in the first place.
------------------
Eric Samonte
Dito sa Pilipinas..may Hom Tiyeter rin kami!

 

[Kevin P]

I disagree. If you're on an "always-on" Internet connection you should have some sort of firewall on your PC to keep out hackers. They don't just hit high-profile sites--many "script kiddies" will scan entire ranges of IP addresses (especially those allocated to broadband providers) looking for vulnerabilities to exploit. For example, you might get the SubSeven trojan on your system, say by inadvertently downloading it off of a web site. Hackers scanning your IP will find you have the Trojan, and can use it to gain access to your PC, and use it as a jumping-off point for other hacking.
I have a firewall on my broadband cable-modem connected PC, and it logs approximately 100 "attacks" per day. Most are machines infected with the Nimda worm, looking for other machines to infect. Others are script kiddies with SubSeven looking for machines to exploit.
Zone Alarm, Black Ice, and Norton Internet Security are just some of the personal firewall programs you can get today. In addition, these products often have useful features like cookie and pop-up ad blocking.
I would also invest in anti-virus software and keep it up to date. Many of the security companies sell bundled antivirus/firewall packages--Norton Internet Security is one example.
Also, in a college environment there may be some students who may try to hack into other student's PCs. A firewall will help you keep them out, as well. You don't want someone stealing, or deleting, the research paper you spent a month on!
KJP
[Edited last by Kevin P on October 24, 2001 at 02:50 PM]

 

[Joel Mack]

I'm with Kevin, and no offense Eric, but you're living in Fantasyland.
I use Norton Internet Security on my home PC connected to a cable modem, and I log numerous "attacks" daily...
------------------
"The internet is a place where people from all over come together to
bitch about movies and share pornography."

 

[Gordon Moore]

Seungsoo Hwang
Completely Free Firewall software:
==================================
ZoneAlarm (probably the best out there)
TinyFireWall
Completely Free Antivirus Software:
===================================
http://www.kaspersky.com
sites to test how they're working and do tweaking
================================================= www.grc.com www.symantec.com
Even 56k modems get pinged. If you are connected you should have a software firewall up at the minimum.
[Edited last by Gordon Moore on October 24, 2001 at 03:06 PM]

 

[Steve Owen]

I HIGHLY recommend two things...
1) hardware based router/firewall. I use a Linksys BEFSR41 Cable/DSL router. Other similar boxes exist.
2) ZoneAlarm ZoneAlarm ZoneAlarm. It's the best software firewall I've found.
Before I got the hardware firewall (used to share multiple PCs on the same cable modem... the firewall was a bonus), I was STUNNED at the number of intrusion attempts that ZoneAlarm was catching. I'm sure most all were just script kiddies with port scanners running, but still it was frightening.
I assume you're running a Windows PC, correct? You should also run down the instructons at http://grc.com/su-fixit.htm . Steve Gibson is a self-proclaimed security expert. Some in the field think he over reacts to this stuff, but I found the information on his site helpful nonetheless.
Bottom line... I completely disagree with what Eric said. Once you look at the ZoneAlarm logs on a machine that's connected to broadband w/o a hardware firewall, you will take this stuff VERY seriously. It's stunning to me how many people plug their PC into a broadband connection without even thinking twice about this stuff.
-Steve

 

[Bill Catherall]

I use Zone Alarm with my cable modem connection and I too log at least 100 port scans every day. There must be some infected computers on my network because ever since the SirCam worm hit a few months ago, the "activity" light on my modem blinks constantly. Even when the computer is off. That's when I downloaded Zone Alarm.
One thing I noticed on college campuses is that most students are sharing their entire hard drive without even nowing it. I used to set up students on the dorm networks. I was just browsing through the Network Neighborhood one day to see what kinds of things people were sharing and came upon one student who was sharing his entire hard drive. I looked up his information and discovered that it was someone that I had set up a few weeks before. But whenever I did installations I always turned off sharing. I called him up and told him to turn it off because his entire hard drive was offering FULL access to the entire campus (that means people can delete things too). He told me he turned on sharing so he could share some things with a buddy, but didn't really know what he was doing. He wasn't the only one that I've found. Turning off sharing will at least stop the "honest thief." But there are other ways that wanna-be hackers will exploit your system just in the name of fun. Why do they do it? Because it's there and they can.
------------------
Bill

 

[Denward]

I've been doing a lot of research on this lately because I'm getting ready to put a wireless network in my home with an always on DSL connection Here's a good site with lots of references to other useful sites: http://www.firewallguide.com
Of course in my case, I also have to consider the security of the wireless transmission (i.e. someone tapping in BEHIND the firewall).

 

[Steve Owen]

I use Zone Alarm with my cable modem connection and I too log at least 100 port scans every day. There must be some infected computers on my network because ever since the SirCam worm hit a few months ago, the "activity" light on my modem blinks constantly. Even when the computer is off. That's when I downloaded Zone Alarm.

It's "code red" and "nimda" that are responsible for the bulk the port 80 scans as of late. The reason your activity light keeps blinking is that infected systems are sending ARP (address resolution protocol) and IGMP (internet group management protocol) broadcasts to the entire local subnet. Not much you can do about it.
-Steve

 

[Denward]

Steve,
I've read the article (and others like it). I'm actually going to use the HomeRF 2.0 product from Proxim. It appeals to me because it's supposed to be less affected by interference from microwave ovens, cordless phones, etc. The homerf.org folks also claim it's inherently more secure then 802.11b and WEP, but I wouldn't bet a dollar on it. The gist of all these articles is that you can make your wireless lan relatively secure if you're careful. That's why I'm doing quite a bit of research on the subject. In addition to the site I mentioned above, practicallynetworked.com is another useful site.
I tried to read the discussion about the article but after a few posts, it was kind of confusing to read and since I'm using HomeRF, I didn't think it would be worth the brain torture.

 

[Seungsoo Hwang]

thanks for the info, ill start with the zonealarm.

 

[Eric Samonte]

None taken guys but I appreciate the info. Guess in "Fantasyland", I've been blinded enough to just keep my eyes closed.
------------------
Eric Samonte
Dito sa Pilipinas..may Hom Tiyeter rin kami!

 

[Jeff R.]

Being on a school network, the DHCP probably will assign you a private IP address which will *generally* protect you from people outside of the school network. Being a school network though, the people inside the network are probably just as dangerous, or more dangerous than those outside.
The first thing to do is turn OFF file and print sharing. Even a password protected computer can be compromised in seconds if file sharing is on.
Secondly, install ZoneAlarm. A hardware firewall is nice but not always necessary. I use both a hardware firewall to protect my entire network and I use ZoneAlarm to protect my individual computers. They will both protect me from unauthorized intrusions but only ZoneAlarm will protect me from unauthorized data being sent out of my computer. Trojan horses and other viruses will often send information out from your computer. ZoneAlarm should prevent that.
The third thing to do is keep all your system files up to date. There are security patches released quite frequently (mostly for Microsoft products, but check for updates on all your software) that patch security holes that have been found. Those security holes are well known by the hackers and easily learned about by the wanna-be-hackers and make breaking into a system that much easier.
The fourth thing to do is to invest in a high quality anti-virus package and update it every day. The scheduler should allow it to update itself automatically. Also use the "auto protect" feature where it automatically scans files before it opens it.
New viruses that appear take a while to filter down to the protection software which brings me to the last thing to do -- use common sense. Don't open suspicious email attachments. A new virus that spreads through the internet could potentially compromise your system regardless of any other security measures that you have taken.
A lot of this has already been mentioned in previous posts but I think it is important to do all of it.

 

[Steve Owen]

Being on a school network, the DHCP probably will assign you a private IP address which will *generally* protect you from people outside of the school network

I'm not even sure I'd say that. Even if you're on DHCP, you're still succeptible to port scans and if they find anything open, it can be exploited -now-. Plus, if you've got security problems, trojans can be installed on your computer so that when you boot back up and DHCP grabs a new IP address, the trojan dutifully goes out (usually through an IRC port) to report in that your address is now changed.
-Steve

 

[Darren Lewis]

Something like Norton Internet Security is a must. Packages like these will also update themselves with new definitions of viruses whilst you're online.
------------------
My HT My DVD Collection

 

[Kimmo Jaskari]

I agree with the majority here. Software firewall and an antivirus package that updates itself frequently should be standard issue these days.
You may have nothing worth hacking your computer for but you may still get hacked (and/or inadvertently run and install a backdoor) and then be used to hack others. A real firewall will alert you that there is a program trying to dial out of your computer and give you the option to say no (and then remove the program).
It happened to me, in fact. I ran a program and it turned out to be a trojan that tried to report back to its originator on port 6667, ie connect to an IRC server. Thankfully my firewall noticed the activity and blocked it so I could remove the trojan.
------------------
/Kimmo