• All Purchases made this month instantly go into the draw to win a USD $ 100.00 credit to your HoP account.
 

onewheeldave
GOLD Member since Aug 2002

Carpal \'Tunnel
Location: sheffield

Total posts: 3252
Posted:I guess a lot of you will know about this, but I thought it would be usefull for those who don't.

You can download a really good 'firewall' from here: -

http://www.zonelabs.com/store/content/promotions/zap4/zap_trial.jsp?lid=pdb_zaptrial
br>
A firewall is used to stop unwanted access to your pc whilst on the internet; this could be either hackers or devious websites who want to put programs on your system.

The net is rife with these, there's always hacking software scanning for computers with undefended ports.

Zonealarm, despite being free is considered to be an excellent firewall, in the reviews I've read, both on the net and in books, it's always done well and often outperformed many of the non-free alternatives.

If possible, it's worth buying a pc security book with a chapter on how to configure the program, or maybe there's a FAQ on the site.

Also, for those who don't know, in Internet Explorer you can alter your pc security settings by going into TOOLS>INTERNET OPTIONS>SECURITY>CUSTOM LEVEL

Using the 'HIGH' setting will virtually eliminate pop-up ads and stop web sites being able to run Java programs on your system.

It does mean that some web pages won't work as well e.g. for HOP you need to be on a 'medium' security setting for the times of posts to be displayed.

With 'Zonealarm', intelligent use of security settings and decent anti-virus software (don't forget to ensure your 'virus definitions' are up to date, either by enabling 'automatic udate' or manually checking) your pc should be safe from most of the devious stuff flying around the net.

I'm no expert on pc matters, so feel free to correct any of this or offer more tips.


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete Topic

Spanner
BRONZE Member since Feb 2003

Spanner

remembers when it was all fields round here
Location: in the works... somewhere...

Total posts: 2790
Posted:I can certainly recommend it, it protects my PC on the LAN

"I thought you are man, but
you are nice woman.

yay,

:R"

Delete

Posted:Zone alarm is ok, but it's not the best software out there. it will stop the most prolific viri (viruses, whatever! ) but it's not that good at stoping either a dedicated attack or a targeted virus.

If your feeling really techy IPCop is very, very good. Its a downloadable CD-image which needs to be installed on a completely clean machine and run this as your gateway. It installs it's own operating system (linux) and runs from there. and is as completely configurable as most other Linux system. It's also free.
IPCop

The other option is to use port blocking. it won't stop items coming through via email or dodgy websited, but any decent virus checker should get those, what it will stop is anybody getting access to your machine on the common ports, I think the port range is 22000 to 27000 but don't quote me on that. There will be documentation on this on the internet somewhere!
this will all be dependant on the modem / router / switch / hub you are using, and how this is set up to your PC.

btw... Appologies to Dave, I hope I haven't been harsh m8?

I respect your opinion and I have used ZoneAlarm in the past. Whilst it will tell you about a lot of stuff I ran some tests with some "talented" friends of mine and they got through, unnoticed, in about 30 minutes! A good hacker will be through it in a lot less.

ZoneAlarm is very good for general internet usage, but if you want to be really secure I would use something else, but a combination as Dave suggests is always going to be better!

SpyB.


Delete

onewheeldave
GOLD Member since Aug 2002

Carpal \'Tunnel
Location: sheffield

Total posts: 3252
Posted:quote:Originally posted by Psylent_BoB:


btw... Appologies to Dave, I hope I haven't been harsh m8?

No probs, I found your reply really interesting.

My view on security is that 100% safe is virtually impossible to approach unless you're a real expert, or have the time to become one.

So I'm after a compromise between effectiveness and ease of use which for me is zonealarm, norton and a bit of tinkering with security settings.

Even so, I'm a bit surprised that zonealarm is so easy to bypass.

It'd be good if you could post any good simple ideas on security here, especially ones that can work on a standard windows based system.


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete

Posted:Thanks Dave, I didn't want to completely blow you out, but I used to think the same about Zone alarm and trust me m8 I was just as suprised to find out how easy it was to get round! I'd been using it for ages and telling everyone how great it was, then one of my work m8's had his security team try to crack it, I was very unpleasantly suprised!

IPCop is for the really security concious, and techy minded! it took far too long to set up, now I just use a wireless router with minimal open ports and AVG resident shield. And I was virus free till someone brought their PC over last weekend and flooded my home network with Nachii

Having said ZoneAlarm is not the best, working in conjunction with Norton or AVG (a very good free virus scanner and resident shield) and some basic web sense anyones machine should be secure enough. Unless your the target of some international hacker ring!

I think the biggest thing people should be aware of is strange behaviour. If your machine suddenly starts doing things differently, you haven't changed anything, and it does the same different thing again and again you should start to be wary.

I was hit with MSBlaster and derivatives twice in the space of 3 months, both times it infected my machine on someone elses network, and I only spotted it because my machine would randomly shut down!

When I finally tracked it down, I realised it was a virus, and nothing had picked it up. I had to clean the infected files and registry settings myself, not fun, especially when your flat m8's machine is infected and keeps reinfecting yours!

I do agree with what you've said Dave, 100% security is impossible, but as long as people are aware of:

* how to protect themselves as much as possible
* what to look for should anything go wrong
* how (or who) to put it right

They should be ok.

Hope this helps some ppl.

PsyB.

[ 07. November 2003, 04:28: Message edited by: Psylent_BoB ]


Delete

Matthew B-M


Matthew B-M

Lemon-Aware Devilstick-wielding Operative
Location: East London Wilds

Total posts: 605
Posted:*mutter* security synonymous to risk management *mutter*

*mutter* not really my job, honest *mutter*



Luv 'n' Lemons
purity :: clarity :: balance

Delete

Posted:Yes Matt, but we're talking about home security here, not some huge multi-million pound company network where security is a prime concern!

tsk , some people eh!



PsyB.


Delete

Matthew B-M


Matthew B-M

Lemon-Aware Devilstick-wielding Operative
Location: East London Wilds

Total posts: 605
Posted:It's still synonymous to risk-management, though. It depends on what value you place on various things as to what measures you use. What are you scared of happening? why? Is it cheaper for you just to use intrusion detection (of some sort) and good backups? what value do you place on your time? All these will dictate how much time you should spend setting up "security" measures, and how effective they should be.

ZoneAlarm is all very well, but it tends to lead to useless ISP tech support calls (at expense to the ZoneAlarm user, and frustration of the ISP end), when you get things like "Your nameserver was just sending me packets on UDP/53 and my ZoneAlarm flagged it as an attack" (this is normal operation of a nameserver, for those that actually care).

In terms of PC security, more recently, the hot topic is viruses (yes, that is the plural of virus), and the way in which they spread. They are often based on a failure of "human security" (which is, by far, the most common failure mode of security systems), and are based on what is termed "social engineering". They work based on the fact that people open all sorts of funny forwards from their friends. So, saying something like "I found this wicked screensaver, hope you like it", and attaching an executeable file for them to run: works. The fact is, that it shouldn't.

So, what can you do to stop this. If you get something that asks you to double-click on it, your first reaction should be to stop and think. If you really think it might have been a friend who sent it to you, then the easiest thing to do is to store it, email them back and ask if they really sent it (a lot of the viruses these days fake things, or send without the user's knowledge). If they say yes, you still want to treat it with some suspicion, as it may be, what is termed a "trojan", (for the greek myth of the Trojan Horse, a gift to the trojans filled with armed soldiers, so they could attack the city from the inside), and your friend may already have been compromised. If on the other hand, they say no, then you can safely delete it, in the knowledge that it was almost certainly malicious. This very simple extra verification step takes a little longer but makes you an enormous amount less susceptible. In fact, this applies to any attachment due to certain features of the way that file extensions work on Windows, and if it's (apparently) from a colleague, it is often worth going up to them and asking if they sent it.

If you want to start getting technical, you can also analyse the headers of the mail, which will tell you where it originated, and where it's been, and that will often also tell you if it's likely to be a virus/worm/other kind of malware.

Faking mail is easy. Faking mail to be untraceable is not quite so easy.

With regards to popups, as someone else has pointed out, a lot of the newer browsers include all sorts of useful features to stop certain bits of the scripting language being able to arbitrarily run (eg. my browser is set not to popup anything I don't explicitly click on, the code cannot resize windows, or raise and lower them), this kind of thing makes such attempts to be devious very obvious, or to just not work at all.

The internet is no longer a cooperative environment and should not be treated as one. The company I work for specialise in physical security in server hosting as complementary to data/information security (hence me saying that this is, at least vaguely, related to my job).


Luv 'n' Lemons
purity :: clarity :: balance

Delete