Firewalls?

How many, on average, should one need? Well, it's obvious that ONE is not enough, but at one point does sensibility lose out to paranoia?

 

Log in or Sign up to hide all adverts.

One is more than enough for a normal civilian. If you are one you are worrying for no reason

Now if you are the CEO for a large corporation that houses financial records online, or are the webmaster of the Senate's homepage, then you should look carefully at firewalls.

Most hackers do not target desktop PC's of Joe Computer User, there is of little value for them in that.

 

Log in or Sign up to hide all adverts.

I would disagree with that. One major to hack a PC is to install a trojan that helps participate in Distributed Denial of Service Attacks or an open Mail Relay a spammer can utilise I.E. Sobig.

I for one have a modem that acts as a simple port blocker, a router with NAT and Norton Firewall on the PC. Never have a problem with being scanned. Place PC in the routers DMZ and the router in the modems DMZ (to use Netmeeting) and I get clobbered by Sub7 and other trojans.

 

Log in or Sign up to hide all adverts.

I use a NAT router with hardware firewall, an ip blocker, and a software firewall. Last month that didn't help as I got hijacked on the internet while going to whatsmyip.com I don't think the addy had anything to do with getting the virus but I do think that IE did. Even though I was running a virus software at the time it passed right on through as if there was no protection. Since I have lost the computer and have removed IE as my browser of choice.

Minutes before its last gasp, the cratered computer had gotten a clean bill of health from the symantic site scan.

 

Eeek.

So ... what browser would you recommend?

I currently use some former build of Mozilla ...

 

Get Mozilla Firebird. It's still early software, but it's fast, stable and streamlined.

And if you want a firewall, then why not build a linux one? All you need is an old 486 and some cables.

 

Firewalls won't protect you from viruses, the 2 are fairly unrelated.

A firewall is designed to prevent hackers from tapping into your computer.

Anti-virus software is meant to deal with viruses. However it isn't very effective, because someone (like a huge company with important data on its harddrives) has to get infected first before a company like symantec can develop a preventative measure. They can always create general safeguards, but they can't protect you ahead of time from a specific virus they don't even know exist. Just like a Flu vaccination won't protect you against AIDS

If you're someone who wants tight online security, you can completely forget about being able to do anything. If you truly make yourself secure you'll wind up severely restricting what you'll be able to do with your computer online. Just like Thed pointed out he can't use Netmeeting without setting himself as a host in the Demilitarized Zone.

If all you do with your PC is check your e-mail, go right ahead and turn your PC into a fortress. But for anyone who wants to play online games, you can forget about this stuff - you'll wind up wasting time with alot of frustrating tasks, and still limit yourself or leave yourself open if you decide to do something that falls outside of the bounds of e-mail or web surfing highly secure sites.

 

So is Firebird safer than IE?

How do Firebird, Mozilla, and IE measure up against one another? Security-wise? And of course, some other pros and cons?

I did get Firebird (already have mozilla), and I like what little I see of it. It hasn't crashed once in the three days I've used it.

Mozilla has had its share of crashes, but no more than IE.

 

Definition of a Firewall:
A firewall is a program or system that is rigged up to "check" various rules against incoming and occasionally outgoing data.

The rules themselves are either generated from a batch file as compared to a standard selected ruleset from firewall developers, or are implaced by a systems administrator.

Firewalls can allow certain data connections from various IP's and ports to various Internal ports/IP's, Also they can block various internal ports and IP's being accessed.

Who should use a firewall?
In certain respects everyone should use a firewall, as it does increase not just the safety of your own computer but adds to the safety of the whole internet.

Individuals should use firewalls as although a main target to a hacker might be an online database, they will occasionally use methods of hiding their attack through the use of "Proxies".
The proxies they use aren't the same as something like www.anonymiser.com but more likely to be "trojan servers" they control on other peoples computers. (This in short means that a hacker can turn your connection into a remote attack tool)

A firewall on an individuals machine can stop people connecting to open ports that are being listened to by servers and trojans, and in turn can also stop ports that are not identified throughout the "allowed" list as having legitimate services running from outputting data.

Some trojans have been developed to attempt to "Disable" firewalls and virus scanners (notibly the ones aimed at are the ones you'll find on sale in your high street store)
[On a different note the same method that is used to identify firewalls and virus scanners can also be used to identify Debuggers and realtime hex editors in the memory]

Corporates that have a constant connection on the internet, and multiple numbers of machines on a network should have at least one firewall between their network and the internet.

The usual ruleset for such corporate machines isn't just to stop things like trojans connecting, but also the users of the network from using programs like KAZAA, or messenger programs. (Managers and Directors tend to think that such activities do not just incriminate a company but lessen the productivity of it's staff.)

[One of the worst places in a Corporate office for potential attack is a large printer that is network linked. Most machines will be following new security protocols and have updates to software, but the large printers that are found on office networks potentially have their own harddrive space for cacheing printing.
these harddrives have been known to be turned into Warez servers that nobody in the company knows about until a memo gets moved through the ranks of the company complaining about the time a print takes, or that the calls for printing keep getting dropped and no-ones getting printouts.]

Why do trojans get mentioned by Anti-Virus programs?
Simply a trojan is made to become a backdoor in someones computer, and it would be no good to the people who develop them if they could be seen. So the use of code to make the program stealth occurs and this is what anti-virus programs tends to spot.

anti-virus programs look for code that is trying to be hidden, afterall a virus tends to try and be something else to continue it's life of propagating altered code, and it wouldn't succeed if it was caught.

Trojans rarely contain viruses (unless the writer has developed a payload they can trigger). If you were to ask which one was safer to have hidden on your machine, I would personally say the trojan since they are possible to disable or block communication to/from.

A virus is something you don't want on your machine since they are damaging, there entire process is about destruction of data through the self-replication of their process.

 

Firebird is the future of web browsing. You see, since Microsoft already has a monopoly on the web browser market, they don't plan on releasing a new internet explorer until 2005 or so. The thing about Firebird is that does everything (or can be programmed to do anything) that a bloated web browser such as IE or netscape does, with a fraction of the resources, and some very spiffy add ons. Tabbed browsing as an example.

Whats amazing is that it isn't even finished. They've written the code, but it's still in beta. It can only get better...

Firebird is basically a concerted attempt by the open source community at providing the public with good, stable, secure easy to use web browsing. Something that MS doesn't really care about.

Bringing me to security issues...

For beta software, firebird doesn't have too many holes. The reason: it's not bloated. Less code means less exploits. It even has a built in pop up filter. You can easily set up a proxy too if you want. Very simplistic, but rich in features.

Last year, I would have recommend K-meleon (a similar browser) but it's nothing compared to firebird.

The only benefit with IE is that you getting plugins is easier than picking your nose. It fails in all other categories. And as firebird become more popular, it will have that kind of recognition, too.

Mozilla has a lot of features (most of which you'll never need) and a lot of configurability. But it's still pretty heavy, and there are better alternatives for a similar browser.

It's not for everybody, especially at such an early stage of development, but once its complete, expect firebird to become extremely popular.

 

http://download.com.com/3000-2092-10039884.html

 

from my experiences (and thanks to some sciforumers), having multiple firewall can mess you up. I didn't realize that XP has a firewall, so I decided to install McAfee firewall. Result? Messy filtering.

 

so, does XP's firewall surely protects u from hackers?? is it recommended?

 

Well, I can't say, but given that XP is popular, many must have been trying to whack its security system. I don't recommend having the XP firewall only, but I don't know if it can be completely shut down.....

 

If you need more than one firewall (assuming you don't have more than one physical connection to the internet, or a complex segmented network at home) either you have the wrong firewall or (more likely) don't have it set up correctly.

All firewalls do essentially the same thing (some have more bells and whistles than others).

Basically all firewall is a router with tighter control of what traffic comes in and goes out of your network.

A simple router with standard IP port, address and pool blocking and NAT capability is more than enough firewall for any single user (and most small networks even).

It all depends on how you configure it.

 

I use an NAT as well as NIS (Norton Internet Security). Pretty much the only thing I use NIS for is blocking programs from accessing any network. This way if by chance I get some custom made trojan that my antivirus doesn't pickup, I can block it from ever contacting the outside world. My NAT can't do that.