Someone is pinging my firewall, need advice

Discussion in 'Computers' started by Steve_Tk, Jul 6, 2003.

  1. Steve_Tk

    Steve_Tk Cinematographer

    Joined:
    Apr 30, 2002
    Messages:
    2,833
    Likes Received:
    1
    Trophy Points:
    0
    Every day and sometimes twice a day my firewall says a person tried to get on my computer with a Back Door SubSeven Trojan Horse. Now I have no clue what this means.

    It says I do not have to do anything because the firewall stops it. But I'm a little paranoid.

    What should I do. I have no clue why this would be happening to me. I really only read message boards.

    Any advice?

    Oh, I have the Norton Firewall.
     
  2. GordonL

    GordonL Supporting Actor

    Joined:
    Feb 14, 2000
    Messages:
    771
    Likes Received:
    0
    Trophy Points:
    0
  3. Ron C

    Ron C Stunt Coordinator

    Joined:
    Dec 28, 2000
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    0
    I have zone alarm installed:
    14797 Intrusions have been blocked since install
    952 of those have been high rated

    I say don't worry about it, the firewall is doing its job.
     
  4. Chris Lockwood

    Chris Lockwood Producer

    Joined:
    Apr 21, 1999
    Messages:
    3,215
    Likes Received:
    0
    Trophy Points:
    0
    Welcome to the internet. I'd be surprised if those things weren't happening, especially if you have an always-on connection.
     
  5. Eric_L

    Eric_L Screenwriter

    Joined:
    Nov 2, 2002
    Messages:
    1,994
    Likes Received:
    1
    Trophy Points:
    0
  6. Leila Dougan

    Leila Dougan Screenwriter

    Joined:
    Mar 27, 2002
    Messages:
    1,352
    Likes Received:
    0
    Trophy Points:
    0
    Welcome to the internet. If you have any sort of broadband you'll be pinged and scanned, and all sorts of other things constantly. There's no reason to do anything. That's why you have a firewall.
     
  7. Shayne Lebrun

    Shayne Lebrun Screenwriter

    Joined:
    Jun 17, 1999
    Messages:
    1,086
    Likes Received:
    0
    Trophy Points:
    0
    Two options.

    1: Ignore it; they're probably just scanning your subnet. Think of it as a burglar walking down the street, noting which houses have lights on and off.

    2: Start rejecting packets from their IP address/block. You might not have this option if you're running 'personal firewall' software.
     
  8. Rob Gillespie

    Rob Gillespie Producer

    Joined:
    Aug 17, 1998
    Messages:
    3,632
    Likes Received:
    5
    Trophy Points:
    0
    Get a router with NAT.

    I went broadband last summer and used a 4-port Netgear router/modem from the start. My ZoneAlarm incoming alerts went from a couple of thousand a month, down to zero.
     
  9. Matt Stryker

    Matt Stryker Screenwriter

    Joined:
    Oct 12, 2000
    Messages:
    1,307
    Likes Received:
    0
    Trophy Points:
    0
    Or, use samspade.org to track their IP address and get an abuse contact at their ISP. Email or phone them, and let them know whats going on. Then you'll help yourself and help some other net user who probably is not smart enough to know his/her computer is infected.

     
  10. LDfan

    LDfan Supporting Actor

    Joined:
    Nov 30, 1998
    Messages:
    724
    Likes Received:
    0
    Trophy Points:
    0
    While on the topic. I use Norton Internet security but would like a little more security. Would a simple firewall that uses NAT be good enough or one of the fancier higher end ones be best?

    Thanks,
    Jeff
     
  11. Leila Dougan

    Leila Dougan Screenwriter

    Joined:
    Mar 27, 2002
    Messages:
    1,352
    Likes Received:
    0
    Trophy Points:
    0
     
  12. Chris Lockwood

    Chris Lockwood Producer

    Joined:
    Apr 21, 1999
    Messages:
    3,215
    Likes Received:
    0
    Trophy Points:
    0
    > Personal firewalls (Norton, Zonealarm) can be helpful, but they are no defense against a determined attack or a new/emerging threat.

    Could you list some examples of what damage someone could do if the software-only firewall is running? (Assume the user has an always-on connection but isn't sharing drives or files and is not on a network.) I'm curious.
     
  13. Patrick Sun

    Patrick Sun Studio Mogul

    Joined:
    Jun 30, 1999
    Messages:
    38,777
    Likes Received:
    492
    Trophy Points:
    9,110
    It's pretty cheap to buy a DSL/Cable modem router/firewall/ with NAT, and also have Zone Alarm running on the PC. That's what I do.
     
  14. GordonL

    GordonL Supporting Actor

    Joined:
    Feb 14, 2000
    Messages:
    771
    Likes Received:
    0
    Trophy Points:
    0
    Yep. The cool thing about Zone Alarm is that if you do get infected with a Trojan Horse that's trying to send stuff out, ZA will block it.

     
  15. JamesHl

    JamesHl Supporting Actor

    Joined:
    May 8, 2003
    Messages:
    813
    Likes Received:
    0
    Trophy Points:
    0
    Comedy 'welcome to the internet' option.

    Though I will say get a hardware firewall/router. It's just more secure, and if you ever get another computer or a friend comes over etc. you can share your connection.
     
  16. John_Berger

    John_Berger Cinematographer

    Joined:
    Nov 1, 2001
    Messages:
    2,489
    Likes Received:
    0
    Trophy Points:
    0
     
  17. Dave F

    Dave F Cinematographer

    Joined:
    May 15, 1999
    Messages:
    2,885
    Likes Received:
    2
    Trophy Points:
    0
    Does it say that someone actually tried to get it? Or just that a program is using a port that is normally associated with that trojan? I recieved that message the other day,but I think the port number was just a coincindence.

    I'd say to stop using it blindly. It's a great contact management/email tool if used correctly. There are defaults that need to be shut off, but once done, you are fine. Provided that you don't do something stupid like open up attachments, etc...

    -Dave
     
  18. John_Berger

    John_Berger Cinematographer

    Joined:
    Nov 1, 2001
    Messages:
    2,489
    Likes Received:
    0
    Trophy Points:
    0
     
  19. Kimmo Jaskari

    Kimmo Jaskari Screenwriter

    Joined:
    Feb 27, 2000
    Messages:
    1,528
    Likes Received:
    0
    Trophy Points:
    0
    A hardware firewall/router can't protect you from a DoS attack. It will become just as overwhelmed as your computer would if it gets spammed with tons of ICMP data or whatever.

    A hardware firewall/router is nice to have and they cost next to nothing these days, so that is a good way to go. Still, they don't do anything about outgoing data. You can get a trojan on your machine and your hardware firewall will cheerfully let anything through going out from your computer without a peep, unlike a software firewall which will query you about the traffic at least once.

    For the vast majority of people, having up-to-date antivirus software and a good software firewall will put them pretty far ahead in the game. I severely doubt any script kiddie out there looking for a system to compromise will bother with a firewalled one when there are such masses of machines out there with no protection whatsoever.

    Either way, not matter which way you go, you can render your firewalls ineffective with ease. For instance, you can do something like putting your computer in the "DMZ" in a router like my D-link instead of just setting the router up to forward FTP connections. The former is much easier than the latter, but the former also totally nullifies the router as a firewall...
     
  20. Matt Stryker

    Matt Stryker Screenwriter

    Joined:
    Oct 12, 2000
    Messages:
    1,307
    Likes Received:
    0
    Trophy Points:
    0
     

Share This Page