Goodbye Dialup....Hello DSL

[MadReferee]

</font><font color="blue" class="small">( I have had DSL for a couple of years, and I use ZoneAlarm as a software firewall on my server. The machines are up 24/7 and I get over 100 "probes" an hour, on average, that are caught by ZoneAlarm. I am certain that many of them are looking for Microsoft security holes. )</font>

They are looking for ANY security holes, not just from IE. I am currently at a client and just looked at the firewall log for their Symantec. In the last hour there were over 200 attempts blocked. Most were trying to access over non-commonly used ports, just fishing for an application that might have an open port.

Yes Microsoft has problems but that is a fact of life when you have 95% market share and rather complex code to maintain. It's no fun or challenge for a hacker to go after linux or mac systems when the result will affect only a very small minority of systems.

However, I look for linux to be the next great target for hackers since it is open source and gaining market share. It should not be all that hard to figure out how to get into the system by a back door or whatever. Not my cup of tea, but then again it may be someone's.

 

[gsxr1100]

I had a firewall and removed it. I now have to routers and work fine.

Dialup..now that is old school! /forums/images/graemlins/grin.gif

 

[riptides]

</font><font color="blue" class="small">( People that aren't taking responsibility for their computer security have lawmakers all in a fluff about starting to regulate certain things in operating systems. Making the choices for people. Many lawmakers have shown interest in turning computers into "appliances". Making them special purpose, and banning generic all purpose machines because. Under pressure from lawmakers, hardware and software vendors have joined organizations to blaze the trail towards what is being touted as "Trusted Computing Initiatives". This trust does NOT mean that you trust your computer, it means that a company trusts that you have not been able to tamper with anything and make it work in a way they don't see fit.)</font>
"Trusted Computing Initatives" is/are not bad things. In fact if properly done, they can save both the consumer and the provider. The onus to play in the environment will allow the consumer a level of protection from your lawyer examples that is not currently offered.

</font><font color="blue" class="small">( First I have heard of this. Just another example of government intrusion into private affairs. I doubt if anything will every come of this insanity. )</font> I think the government is *very* concerned about privacy. e-Commerce today is under attack due to privacy issues. Identity theft is a huge problem that can derail business transactions if allowed to continue. There are *many* parties involved in the government to ensure your identity and information is not exposed or transgressed. I view this as another good thing.

I ask you all today, how do you like dealing with your credit report? Had some info in ChoicePoint? - Private industry - without accountability.

-Mike Z.

 

[getut]

The only people/entities that will find something good coming from Trusted Computing Initiatives are the big guys.

It is nothing but a thinly veiled opportunity to lock out any software/media/content that doesn't meet the companies idea of what is trusted. Trusted Computing could be a wonderful thing if it "nexus" obeyed the owner of the computer, but that is not the way Trusted Computing is being designed. They will lock out home user created software and innovations because the computer owner will have no way to tag something as trusted.

***Edit: Even as security concious as I am. If the cost of trusted computing is loss of total control of my own PC to gain the ability to reliably use online data, then that cost is too high. For a non-geek it may not be. But for someone who spends 75% of their life in front of a computer, it will reduce innovation far too greatly.

 

[anojones]

Well- I use a router firewall, and set up WEP on my wireless network. I wouldn't broadcast the network at all- except the Tivo needs to see it to access the network. We also run anit-virus software on our boxes- but sometimes I feel it's a scam.
As a result of this thread I tried out Firefox- I don't know if it's safer than IE- but it sure is a better browser! After messing around with it for a couple of days, the tabbed browsing becomes very helpful- and in particular for web based forums such as TBN. I can open threads in new tabs with the "middle click" option from the index pages and then go back and read them. A bit of a learning curve, but worth it.

 

[getut]

Yes.. there is a big scandal right at the moment for Symantec.

Viruses are one thing, adware/spyware is another. They are not QUITE viruses.. not bad enough that they get added to virus definitions and if you get technical about it, the user usually OK's adware/spyware to get on the machine. End result is that adware spyware takes different software to detect and remove.

Symantec has their Internet Security software package that is supposed to be 4 items in 1 (Firewall, adware/spyware detection removal, antivirus, pop-up blocker). They just got caught taking money from a few adware/spyware makers to NOT detect and remove their product. Lavasoft Ad-Aware just also removed detection for a certain adware/spyware package. They got caught doing it and then immediately put out a stand alone remover for that package.

The whole industry is getting more and more corrupt.

 

[getut]

anojones:

Check out this thread. It has info on how to make the Firefox browsing even better than it is by default.

 

[MadReferee]

</font><font color="blue" class="small">( I think the government is *very* concerned about privacy. e-Commerce today is under attack due to privacy issues. Identity theft is a huge problem that can derail business transactions if allowed to continue. There are *many* parties involved in the government to ensure your identity and information is not exposed or transgressed. I view this as another good thing.

I ask you all today, how do you like dealing with your credit report? Had some info in ChoicePoint? - Private industry - without accountability.)</font>

What do these statements have to do with how secure my home PC is?

Most identity theft occurs because people gave their identity info to a non-secure site or over another non secure media like a telephone. I will bet that only a very small percentage of identity theft happens because my home network was broached by hackers. Now allowing spyware and data mining and such on my PC may compromise my identity but for the most part that is preventable by simple common sense and proper, readily available security methods.

This thread is now digressing beyond the original DSL question. Back to our main programming. /forums/images/graemlins/shocked.gif

 

[TOMLESCOEQUIP]

I don't have my DSL install yet but did install the "FIREFOX" browser.......all I can say is AWESOME !! The adblocker rocks !! Thanks to everyone for their help & suggestions.........Tom

 

[Durbob]

All i can say is my homepage got hijacked with IE once. I hope nobody ever goes thru what i had to to get rid of it. What a learning experience that was. Switched to Firefox and it won't happen again. BTW, i have at least 12 browsers and my favorites are Firefox, Avant, Opera, Slimbrowser, and Netscape. Not necessarily in that order.

Dur

 

[SnowRidge]

<font color="green"> 1) Do not rely on a software firewall such as BlackIce Defender or similar. They can be good backups in addition, but your first line of defense should be a good hardware firewall/NAT router. Linksys or DLink are good names (The linksys BEFSR41 is probably my best recommendation). Stay away from the Belkins (sometimes sold at Walmart). Don't let the phone companies installer give you a DSL modem connected by USB. Make sure it is an ethernet connected modem so you can use your hardware firewall with it. </font>

Netgear is fine too. Absolutely stay away from USB modems.

<font color="green"> 2) Do away with Internet Explorer or any frontend based on IE that masquerades as an alternative browser. Use IE ONLY to go to Windows Update and get your security updates and software patches. Go with Firefox or Opera. Also, do not use Outlook Express or Outlook for the same reasons as above. There are currently security problems for these packages that are over 8 months old and still there is NO fix for the problem. ***Edit: Thunderbird or Eudora are good email software replacements. </font>

Yes, yes, yes. For the Windoze world, you can add "The Bat." Whatever email client you use, make sure that HTML is turned <font color="red"> Off </font> for inbound emails. You should turn it off for outbound too.

<font color="green"> 3) Tell your installer that you want your PC configured with only standard configurations. Tell them you do NOT wanted any branded configurations. If the installer tries to put any CD's or diskettes in your PC, slap him upside the head. </font>

Better yet, configure it yourself, if you can.

<font color="green"> 4) Make SURE your PC is up to date and protected by the router/firewall and also up to date antivirus software BEFORE connecting it to the network. Current statistics show an unpatched PC connected via a broadband connections takes on average only 3 minutes to be compromised by malicious software. </font>

It's a bit difficult to update firewall software without being connected, but absolutely go with a hardware router/NAT from the get-go.

<font color="green"> 5) Don't rely on your firewall to protect you. Firewalls ONLY protect against brute force attacks. You can still VERY easily be compromised by passive attacks coming in through trusted sources such as email and requiring you to click on something. Once your machine is compromised by the passive attack, the firewall does no good, because your PC connects outbound to the attacker. There is no inbound attack for the firewall to stop. </font>

But a good "state aware" or "stateful" firewall can help by monitoring for and blocking improper outbound connections.