Internet Firewalls

[DocL]

I recently read about firewalls and how they prevent outside servers from entering your computer through your modem.Tonight I downloaded a program called Zone Alarm and it detected an invasion while I wasn't on the net. Furthermore, it was from a server that I had never visited! Shesh, I can't believe that this invasion of privacy can exist, it really scared me.

I reccommend to everyone, no matter what type of modem that you use, to download a freeware program. I went to www.zonelabs.com and got theirs. I'm not endorsing any one program as I'm sure they are all good.

[This message has been edited by Dr.Lane (edited 20 February 2001).]

 

[Lud]

There are a lot of people who just scan IPs to see what ports are open... My home computer on a static IP (DSL) gets probed all the time, probably once every hour or two, usually originating from somewhere in eastern Europe or Asia.

 

[Larry Bastanza]

Funny you guys mention this. I just switched from dialup to cable modem. In discussions with my development staff (we make web based imaging software) we talked about how the cable modem setup really offers NO PROTECTION, as opposed to a dialup ISP that "theoretically" would have a firewall to insulate you as a subscriber, from the kind of intrusion you mention.

I went to www.grc.com and downloaded a firewall program called TPF(Tiny Personal Firewall), don't let the name fool you, this firewall has caught everything on its way into my machine, and you are correct, they are always trying to get in!!!!!!!!!!!!

I am not really endorsing it, just a comment about the amount of traffic and intruders that are out there. BEWARE!
LarryB

 

[Electro]

Ahh now this is my specialty...

Internet and internal network securty... I work at a web shop, and I'm responsible for maintaining the securty of my webservers in an enterprise environment - among a few other things. So I am familiar with the methods and techiques "crackers" or "script kiddies": Those that use computers on any network as a means of committing a crime or obtaining illegal information; not to be confused with the media's improper use of the term "hacker": one who uses networks with respect to those who maintain them, which most are usually system administrators or network engineers, in an effort to exploit vulerabilities for a higher level of security so those 'script kiddies' wouldn't be able to walk right into a network and damage or steal whatever the see fit...

Now with that said, while I won't argue that alot of these personal firewall programs offer a good deal of security, you can not believe everything it tells you.. Especially if its reporting that you are being attacked while you have no active network connection.

Whenever I do scans on my network, from inside the firewall and from the outside of the firewall, 60% or more of the reported vulerabilities are reported falsly.

Usually upon further investigation of these false reports, that is if you know what you're looking for, one can tell if it is a real security risk or not. So alot of the times u have to use your own judgement..

Alot also comes from logic - if u *know* u aren't connected to the internet and the security program alerts you of an attack, then its possible that another running program or the operating system itself may have caused this... some programs "use" the network interface (or modem/network card etc) by sending a network request to itself, even when there is no active network connection to a network or the internet. Normally, when you are surfing the net, and you are doing nothing more than looking at web pages, you should never see an incoming connection from an unknown source. I usually lock everything down and open things on my firewall as I need them...

Hope this helps..... -Electro