Word to the wise, please read

[loser]

I don't know anything about firewalls.  

My DSL ISP say they have a built-in firewall.  Should I trust them when they say I am protected?

Also I know XP has a built in-firewall.  How do I check if I have it enabled? Or how would I go about enabling it?

Also, are there any free firewalls that I can get? Or at least any firewalls that have free trial periods?  

I'd like to try one of these retail firewalls to see if I'm being protected, but dont want to spend the extra money if my ISP is already providing adequate coverage.

Thx in advance.

[Chairboy]

Spiffykraits, you are incorrect.  MSblaster, sobig, and a bunch of other worms don't require you to open anything.  Telling people they don't have to have AV running all the time is irresponsible and incorrect.

[Tarmac]

Loser, get ZoneAlarm.  It's free in its standard edition (I think the Pro edition costs 30 bucks or so).  I dunno anything about the effectiveness of ISP firewalls, but it can't hurt to have too much protection.  I wouldn't trust anything they say.  

I've been using it for years.  I feel like I should buy the Pro version just to support the company for providing the free one for so long.  

ed:
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp

[ply]

Or use a NAT type router. It gives your lan computer(s) a non routable IP address (like 192.168.0.2) and they cost less then $20 on sale with rebates. The Dlink DI-604 has worked well for me here. AH does not require any special ports to be opened and you don't have the overhead of software running on your computer.

[Vulcan]

Originally posted by ply
Or use a NAT type router. It gives your lan computer(s) a non routable IP address (like 192.168.0.2) and they cost less then $20 on sale with rebates. The Dlink DI-604 has worked well for me here. AH does not require any special ports to be opened and you don't have the overhead of software running on your computer.

Kind of incorrect, AH requires UDP ports 2000-~3000 open if you want to use UDP. Otherwise it switches to TCP and you get poor-mans-warp.

[Wolfala]

I once terrorized a networking product manager with Sub 7. It was an attempt to get him behind promoting firewalls and IDS solutions.

Nuthing worse than some salamander at the other end of the country opening and closing your cd-rom drive all day ... or swapping your mouse buttons... or disabling the space bar on your keyboard intermittently. The really cool thing is to record from the laptop mic when you do it so you get to hear the swearing  I once terrorized a networking product manager with Sub 7. It was an attempt to get him behind promoting firewalls and IDS solutions.

I read this and it brought a fuzzy feeling to my stomic. You remind me of myself when I was messing with people in 8th grade 8 years ago Though I could've done without the FBI blacklist during highschool.


Wolfala

[AHGOD]

Originally posted by Sturm
I am sure quite a lot of you are running cable for internet connections.  I just did a week long study on my PC  of possible intrusions.  What I have come up with is quite alarming.  57 intrusions that had the intent of gaining access.  Now I am using Black Ice as a firewall, and I weeded out the usual intrusions from your ISP, but I was able to localize 57 of them as to possibly being harmful.  If you are cable I highly suggest you go out and get some software that prevents intrusions, IE Firewalls.  If you have any questions about there usage I can assist.  

------------------
Sturm6 StaffelKapitän
JV44 Platzschutzstaffel
Airfield Defense Squadron
Campaigning for the rights of the ME-410.

You know I thought I made this post in a drunken stupor last night, very odd I tell you.  But it seems someone knows more about me then I wish wtf?  Then I saw the date and now I know it was me lol.

[Skuzzy]

Originally posted by Chairboy
Spiffykraits, you are incorrect.  MSblaster, sobig, and a bunch of other worms don't require you to open anything.  Telling people they don't have to have AV running all the time is irresponsible and incorrect.

I'll take issue with that one.  AV does not need to be running all the time.

If you protect ports 13x, and 443, from the get-go, then you have just plugged up the biggest security holes you can have.

With the above, MSBlast cannot get to your machine (unless a system on the LAN has it, then it is matter of blocking th 4xxx port that it used).
SoBig can only be had via email.  When getting your email, by all means you should have the AV enabled.

The problem with AV programs running when you are playing a game, is they tend to false trigger on the network packets and will cause AH to CTD.  Most of the time you cannot get past the login for AH if you have the AV running.  Other times, you will get severe packet loss.

Run the AV when you need to, email, surfing the web, but when gaming, all the above programs should be shut down anyways.  You can safely shut down the AV as well.

One other thing;  AH requires ports 2000-5000.  And you canont get a virus/worm on an open AH port.  That would impossible.  Worst case is a disco.

[trolla]

dont forget you guys dw. stuff from kaaza etc.... will sooner or later get you infected with somthing.


I am not rasing a finger here to tell you somthing, but beware of the worms yoy dw beside the music and films.

kaaza made hell for our campus last year with that

[dracon]

Originally posted by ply
Or use a NAT type router. It gives your lan computer(s) a non routable IP address (like 192.168.0.2) and they cost less then $20 on sale with rebates. The Dlink DI-604 has worked well for me here. AH does not require any special ports to be opened and you don't have the overhead of software running on your computer.

Gents, This is where it's at Black Ice Defender is more of a PIA with many False Positives.  Zone Alarm isn't much better.  The most efficient way is the router.  You can buy a 1-Holer for no more $50.00.  As Ply mentioned there are rebates.  They are a Piece of Cake to set up.  A quick explanation of what a router does?  It tells the world you live in one place (WAN IP).  When in fact you live in another (LAN IP).

Want a "Kick-Butt" AV progie??  Here ya go.  http://www.grisoft.com/us/us_dwnl_free.php  Only as intrusive as you want it to be.  Easy configuration and Update.

GL,

[DAVENRINO]

I certainly feel safer behind a router/NAT firewall and it doesn't use any resources. I also run Sygate Personal Firewall (free) as it uses few resources and I have no problems running it with AH, but I do turn off Norton AV when playing games on Skuzzy's advise.

If you have or are considering using Black Ice, I would suggest reading these pages:
http://grc.com/lt/scoreboard.htm

Steve Gibson's best recomendation is a Linksys NAT router and Zone Alarm.  I used to use ZA but it does have some issues running with AH.  I always leave Sygate on in case anything gets through my Hardware NAT firewall. I didn't have the NAT router prior to the release of the latest worms/viruses and Sygate kept me safe, but I sleep better now with my Linksys router.  Sygate also catches traffic trying to leave your puter.  Yesterday it caught a spyware program trying to send info out.  I found it and killed it.  
DJ229 - AIR MAFIA

[wrag]

Hmmm  Spyware!!

I like this

http://www.lavasoftusa.com/

and this

http://security.kolla.de/news.php?lang=en

I run em both one after the other right after I get through surfin the web.  Usually what 1 misses the other catches.  Catches and removes alot of spyware.

Got AVG runnin for virus and ZoneAlarm for firewall.

Turn AVG and ZoneAlarm off when I go AH.

Also had a router when I had dsl/cable but don't have either anymore so router is out of loop for now and settin in the closet boxed up.

[DAVENRINO]

Wrag,
This one was a little more complicated than that.  I tried Spybot and thought it was a bit too intrusive and removed some things I didn't want removed.  I do run Ad Aware daily and I probably removed this spyware numerous times without reading what it was.  I used to just click the boxes and make them go away.  These bastages are getting sneakier now.  When I googled this spyware that Sygate found, it seems others had a similar experience.  I BOUGHT  Kiplingers Willpower and installed it last April.  This Spyware didn't try to access the net till last month.  I found it running as a process in Task Manager but not in services or startup.  A drive search found an .exe installed in Prog Files.  I assume it installed the spyware on every boot.  I had been removing it with Ad Aware but it just kept coming back.  I assumed I was getting it from the same website repeatedly.  I uninstalled the .exe, removed the spyware with Ad Aware, and it hasn't come back.  I would thank Kiplinger for the free spyware, if I could be sure it really came from them.  I haven't installed any free progs this year and I don't do Kazza, etc.

DJ229 - AIR MAFIA

[spiffykraits]

Originally posted by Chairboy
Spiffykraits, you are incorrect.  MSblaster, sobig, and a bunch of other worms don't require you to open anything.  Telling people they don't have to have AV running all the time is irresponsible and incorrect.

I use win98 not XP and any server function is turned off ncluding windows Media, and I don't use any MS Mail programs or Messenger either, I run Norton Anti-virus and Nortons firewall on my gateway PC which I use for games, and never have had a virus in the last two years affect my PCs. All have been caught before they can infect my network.
All mail is collected with a networked PC which has ZA running on it which is not visible on the Net directly. I do get plenty of virus attempts via attachments but these are locked and always scanned for virus.

I DO run antivirus when not playing and for any surfing the net and this is updated every week, but it is not necessary when playing (with win98) but I DO run the firewall all the time, which does block a lot of Trojan attempts and dozens of scans.

[SC-Mutt]

Originally posted by DAVENRINO
If you have or are considering using Black Ice, I would suggest reading these pages:
http://grc.com/lt/scoreboard.htm

Steve Gibson's best recomendation is a Linksys NAT router and Zone Alarm.  I used to use ZA but it does have some issues running with AH.  DJ229 - AIR MAFIA

I'll add a hearty "SECOND!" to that Steve Gibson motion!
I've been a fan of his since 1996, when he blew the lid off 'Bloatware' by reducing a 45 meg copy of Win 95 to a better , and more stable 460[?close anyway] KILOBYTES using Assembler.
(MS made him remove the proofs, but there is still a vague reference to it I believe).

Aside from being a programming genius,  He's like Ralph Nader on Steroids!  He's called "Bull S**T" and made it stick on so many erroneous claims, that the offenders either fixed it or quit!

You owe it to yourself to take the time to read his archives.  He publishes his exchanges with the 'Big boys', and he hits em with so many facts they just stutter.

Sorry about getting carried away, But this guy should have a statue erected !!!

http://www.grc.com

(Oh yeah,  I've been running ZoneAlarm Pro for almost 2 years now, and it's money well spent, IMO)

Also;  Will a '10/100 Switch' do as well as a 'Router' ?

Thx
S!