Being Secure

In this day and age of constant Internet Viruses and Hackers, I was wondering if we are possibly being a bit too paranoid about these threats. I know good up to date Antivirus goes without saying.

I have got myself Trend Micro's Internet Security package but have turned off the built-in Firewall and installed Zonealarm. Reason being, that the built in firewall doesn't tell you which applications are trying to get in and out. It just tells me which Port is being used.

A point to mention here is that the built in firewall passed all the probe tests I threw at it, Gibson and the Sygate on-line test. But it failed the Gibson Leak test.

So what I was wondering is, am I being over cautious? If the Trend Firewall passes all the probe tests, should I be bothered what applications are trying to get in and out? It is stopping coming in what it is meant to stop coming in, so is doing it's job. Is the leak test really that important?
Are hackers really that bothered about my Home PC and the junk that I have got stored on it?

I would be interested in your thoughts.

Out of curiosity, what AV and Firewall are you using?

 

I use no firewall or Av software.
I have my broad band thru a router, that is a first line of defense, any one noseing at my connection will see the router IP anbd not the remote. Granted if they know what they are doing they can still get thru, but to my mind if they are that determined a software firewall wont stop them.
For anti virus i use housecall online free scanner, at least with that you can be fairly sure it has the latest deffinitions.

 

It just might.

The most likely reason for someone wanting access to your computer is to hijack it and use it to send out spam or to mount denial of service attacks. Other reasons include harvesting passwords and credit card numbers.

Anti-virus is mandatory for stupid people, but for those of us who don't blindly open email attachments, anti-virus is of limited use.

A firewall, such as Zone Alarm, should be mandatory for everyone. Correctly used, it will stop applications (including worms and trojans) from sending anything out over an internet connection. It will also spot and quarantine dodgy email attachments and force you to stop and think before opening them.

 

a good hax0r will get a pipe thru a firewall. Also a decent connection used with multiple DoS attacks will lock up a software firewall and render it useless (i know, i use to do it )

 

1) NAT on my ADSL Modem

2) Norton AV

3) BlackIce

You'll find that NAT will block most probes from the outside.

Pennance, did you use NMAP by any chance

 

have used it, most port scanners will do the job, some are faster.
Then get the smurf's

 

i use Norton Internet Security. every couple of hours i get a backdoor / sub 7 attack which has been blocked. usually i just ignore them but you can get as much info or as little as you like.
my old pc was hacked to hell as i had zero protection there. this one is just fine and has passed all the web based firewall tests i've tried.
50 quid a year and updates automatically without me even having to think about it. i love it cos i can ignore it and get on with things.
cheers


julian

 

I run without AV, but don't use Outlook at all (I use Forte Agent which is way more secure) and every now and again I use Symantec's on line scanner. I am no fool, I never run attachments on emails and Agent will never run them without my permission the way Outlook can. I have used a PC now since 1987 and have never once had a virus! I also run Lavasoft Adaware every couple of weeks to hoof off any crap cookies IE has brought in. I keep the XP Pro OS patched to the current security level.

As for firewall, I can't see the need to waste bandwidth with a third party product when XP's built in one stealths all the ports successfully. My PC passes all the shields up tests, and I'm not bothered about leak testing as the only stuff that goes out from my PC is what I want to go out!

Tony.

 

You would probably be shocked if you knew how many programs were using your internet connection to make requests out. I was. I'll stick with Zone Alarm. That way nothing talks out unless I say it's OK.

 

I use Norton Internet Security and have just integrated it with System Works Pro which i picked up cheap last week. Since switching over to BT Yahoo broadband last week I now access all of my mail via the BT Yahoo website and very rarely use Outlook or Outlook express now. I figure that their ( BT Yahoo ) AV software is probably better than mine. I do a scheduled auto scan of my complete system at 6am everyday, (nobody is using this computer at this time anyway so i might as well do something useful). Also I have Nortons 'Live update' switched on all the time , this automatically updates my AV software with the latest Virus definitions on a regular basis.
I will freely admit that i'm a bit of a computer duffer though and so there are probably a few holes that need filling, Although i just did a security check via the Symantec website and they said I'm safe and resisted all of their probes.
On the very few occasions ( 2 or 3 in 3 years ) when i have been sent a virus, Norton has always managed to snag and quarantine it before it infected my system.

BTW, I picked up My copy of Norton System Works Pro 2003 for just £8 off e-bay the other day. It is the genuine article and includes all auto updates for a whole year from the day you first register it, pin money really for the facilities it offers.

 

So if I may add further to the debate.

Which do we think is the most effective way to go? A stand alone Firewall or a Built in Firewall?

I have asked the original question on a PC Forum, so far the feeling I get is that the built in firewall is sufficient. Any more than this and I am being way too Paranoid .

 

Seconded. Great product IMO.

Michael.

 

Do you use dial-up, adsl or cable ?

 

Norton antivirus and Zonealarm Pro

Zonealarm is excellent.

Robert

 

I am on NTL BB.

 

And your ethernet port on the PC connects straight into the NTL box, if so I'd look at a cable modem router.

2 reasons for going with this :-

1 most of the routers nowerdays include a firewall

2 you'll be able to connect more than 1 device to broadband if you use a router

Cable Warehouse are quite good IMHO

But I'd still run some sort of AV on each PC.

 

Such as? I deliberately steer clear of shareware / freeware stuff and have no P2P file or music sharing etc. The only things I have that I know sniff around are MSN Messenger and Windows Update, but I have a fair idea what they are sniffing for so let 'em get on with it! I have absolutely no processes running in task manager that I can't identify (I've disabled everything that is not essential), so I'd be very surprised if anything nasty were lurking my side of the firewall.

Tony.

 

ZoneAlarm and AVG

AVG picked up and isolated a worm when I first put XP on, but was unable to reMOve it. Needed a seperate reMOval tool which was quick and easy.

I think it must have got onto my computer in the time it took to download ZA and instal it on first connecting to the net after upgrading the OS! So appears XPs built in stuff didn't work there, or perhaps the default settings were just too low?

Anyone have links to any of the port probing sites? oo err!

I used them a few years ago and ZA (I think I was using the pro version at the time) kept them all out. However another page (which I can't find now, but is/was somewhere on www.astalavista.com), managed to sucessfully show me several screen shots from my computer such as program files and such!

I've not got anything like credit card details, phone numbers, addresses etc stored on here, but still, I don't fancy being no ones spam MOnkey!

 

Ditto here Julian2002, I seem to be getting a lot of little wankers trying to use the Backdoor/Subseven Trojan Horse on my system at the moment. The record so far is 28 attmepts in one day!. Thankfully all I get is a polite message from Norton Personal Firewall to let me know that they were unsuccessful and the option to trace their IP. Hmmmm.. wonder if a I should get some people removed from their ISPs?

So to get back to the original question, I would say from my experience that it is probably worth investing a little money in a decent firewall, either software or hardware, as in the long run it could save you some serious headaches. If you'd rather save your cash for hifi then there are a few free software firewalls that you could consider, try this link for some of them http://www.homenethelp.com/web/howto/free-firewall.asp

 

probably just random port scans
not something that most ISP's will worry about tbh