"Firewall" question

[Ike 2K#]

Is our computer still safe from hackers when we have our "firewall" turned on? My sister (not a PC geek like you guys) told me that.....

hackers evolve and they create codes that can penetrate your PC even if you have your firewall turned on.

I dont know if this is a myth but i think there is a 50/50 chance that she's right.

So what kind of firewall should i buy (or download) that is "Aces High and Head 2 Head mode"  friendly? I still have a firewall but its gonna expire. I went to chat at yahoo and some chat user who got pissed at another chat user got hacked and he/she posted the IP address at the chat box to encourage everyone to hack that user. After he/she got hacked, i never used yahoo chat again

[Martlet]

You are never truly safe from a good hacker that really wants to get into your system.

If you are talking about a home pc, then you probably don't have anything a hacker really wants on there.  When they hack home pcs, it's generally just to cause you grief, and/or launch another attack using your computer.  If they come up against too much trouble, they usually don't bother and move on to an easier target.

That being said, if it depends on your level of concern, and how you connect to the internet.  If you use cable, I'd suggest getting a router.  Linksys makes decent ones for cheap.  That alone is usually enough deterrent.  For added protection, you can put Zone Alarm or something on it.

If you need help, or have a different set up, feel free to email me.  It boils down to personal preference, though, so you'll probably get a million other suggestions as well.

[Ike 2K#]

can hackers still get my credit card number if i delete my "cookies" inside the Internet Explorer?

[straffo]

It can happen if he get full control of your PC .

But except if your computer is on a corporate network the risk is pretty low (it won't be interresting enought for a real hacker).

You will be more likely be a victim of some script kiddie who will scan your PC for open port using hacker's tool downloaded form the net ...
The risk is more to see your connection go to hell and perhaps to see your PC crash.


In general the hacker (the real one) are searching : disk space , bandwith , corporate date (credit card databases) ...


If you've not those ,there is virually no risk.

[devious]

It`s not the OC that is vulnerable, it`s the OS and the applications.

A personal firewall is an application itself, and exploits exist to break it (Last I heard was the Kerio personal firewall).

The grade of security increases with a edicated firewall. But still, you have to have packets pass through, which will go to your applications, and might break em.

Port 80 (HTTP) is almost never blocked in corporate networks, AND one of the most easily exploited.

My advise is to think Application/OS centric. so:

- Deactivate Microsoft Network Protocol on your Connection

- Deactivate all "Services" for remote hosts

- Deactivate Active Scripting in IE (!)

- Do not use M$ software at all if  possible. They offer the most exploits, and M$ won`t tell YOU until their patch is out. Hackers already know weeks in advance....

- Don`t panic about the amount of portscans etc. attempted

- About the only use for a little dialup PC is breaking for fun (but you can defeat the script kiddies) or use as a slave in a DDOS attack, so so search for backdoors. Get a good virus scanner.

[devious]

Some links concerning personal firewalls (these are german, maybe babelfish.altavista.com can help)

http://www.iks-jena.de/mitarb/lutz/usenet/Firewall.html
http://www.rz.tu-ilmenau.de/~traenk/dcsm.htm#Firewall)
http://www.fefe.de/pffaq
http://www.fefe.de/pffaq/halbesicherheit.txt
http://home.arcor.de/nhb/pf-umgehen.txt
http://home.arcor.de/nhb/pf-austricksen.html

[straffo]

Do you use one Devious ?

If so wich one ? (my german is pretty rusty )

[Vulcan]

A personal firewall is a damn good idea. Most of them are fairly robust. I'd recommend Blackice quite highly.

However, a firewall is only PART of the equation. You should combine it with good active virus checking. McAfee is my preference. AND make sure you keep both products up to date.

'Exploits' tend to be attacks focussed on those running services (such as web servers, ftp sites etc). Exploits are not limited to M$, Linux and Mac O/S's are equally as ripe - and Linux possibly more so - with exploits. At most an exploit will make your net connection run slowly. A firewall will usually alert you of such attempts.

Once you have a firewall running then your next vunerability is from the inside. Usually this is in the form of a trojan which may steal passwords, keystrokes, and send them out via your firewall. A combination of a good firewall and virus checker will stop this.

Are you vunerable as a personal user? Hell yeah. Assuming that because its your personal home PC is the biggest and DUMBEST mistake you can make. Serious 'thieves' know personal PC's are where the $$$$ are.

For example a keylogger/trojan could:
 - watch you login into your corporate VPN, giving a thief unrestricted access to your corporate network
 - watch for credit card numbers and details
 - watch for online banking logins and passwords
 - watch for other passworded services such as paypal or ebay
 - read your emails

Get a good virus checker.

Get a good personal firewall (preferably with application lockdown, both Blackice and McAfee's have this).

KEEP them up to date.

Do this and you'll find out your sister is talking 'myth'.

[Dingbat]

Originally posted by devious

- Do not use M$ software at all if  possible. They offer the most exploits, and M$ won`t tell YOU until their patch is out. Hackers already know weeks in advance....

Oh Puh-Leese, That's like saying there are no viruses for linux.  Everyone has bugs that allows exploits.  The only reason they are more popular in Microsoft Products is because they are the biggest provider of application and OS software.  Do  you really think that if everyone used linix that exploits wouldn't be found, really .   Say you were a hacker which do think U would have teh easiest time hacking, something that's popular or something not so popular.

[devious]

Open Source software exploits are more readily published, and more quickly fixed than M$...

But no software is bug-free, so you`re vulnerable anyway-

[EDIT]I for one would NOT recommend using outlook express or IIS[/edit]

[Vulcan]

Not true, the BIND problems have never really been fixed.

Then take a look at http://www.macsecure.com for the issues with the underlying code in OS X.

Theres nothing wrong the Outlook Express or IIS. Just implement the latest patches, good virus checking, and reasonable security practises (ie don't double click on EXE files people mail you) and you'll be fine.

And of course now it appears some of the Linux source code is stolen. So much for open source. I wonder what the Linux crowd are gonna do when the royalty man comes knockin?

[Vulcan]

Originally posted by devious
The grade of security increases with a edicated firewall. But still, you have to have packets pass through, which will go to your applications, and might break em.

Port 80 (HTTP) is almost never blocked in corporate networks, AND one of the most easily exploited.

BTW this is completely untrue. If you knew a pinch about corporate networks you'd understand why.

[lord dolf vader]

And of course now it appears some of the Linux source code is stolen. So much for open source. I wonder what the Linux crowd are gonna do when the royalty man comes knockin?


cite?



bill gates did a little dumpster diving himself. that much we know.

anyone ever collect from him?

[Mini D]

towd...

IBM is currently being sued by SCO for supplying some UNIX code currently found in LINUX.

http://news.com.com/2100-1016_3-999371.html?tag=fd_lede1_hed

MiniD

[straffo]

I thought SCO was out of action ?