Skip to main content

Do you feel safe when connecting to the Internet ?

More
21 years 2 months ago #698 by klemens
i feel more secure now after i had my Linux firewall/router installed,
though my IPTables knowledge still sucks :D

at least when some worms try to exploit Windows' flaws, it cant go through :)
More
21 years 2 months ago #701 by Chris
Klemens,

IPtables take some to get use to :)

We are planning to cover the topic at some point, but there are also plenty of good resources out there.

Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
More
21 years 2 months ago #726 by bwana
Replied by bwana on topic einstein, for real?
2 years and no firewall? I just saw a report that said a naked machine on the net gets msblaster within 4 hours. Just lookin at my router logs I see lots of random connection attempts since i enabled 'respond to wan ping'. How do you remain invisible?
More
21 years 2 months ago #729 by sahirh

I have a Constant connection to the internet. My Windows 98 (i'm not proud of the os) has been connected for 2 years now basically non stop and noone has entered or stolen my information. I don't have a firewall and i understand all that goes on in my machine. My answer is the i feel confortable. [img]images/smiles/icon_smile.gif[/img]


Personally, I like to remain paranoid.
As anyone who's in the security business can tell you, over the last few years things have become quite bad. This is a direct result of three things :

a. more people getting online
b. software getting more complex
c. homogenity of o/s (windows)

If you look at statistics of (security) bugs found annually, you'll see a very definite upward trend, that means there are more security holes found each year.. when you couple this with the fact that there is now such easy access for script kiddies with no real knowledge to just download some point and click exploit and root thousands of hosts.. you have a situation which is not pretty.

As bwana said.. two years without a firewall.. and NO attempted breakin is not possible -- trust me -- while sure you may not have had someone *in* your computer, (windows machines are decidedly unattractive targets to crackers), just stick up a personal firewall and watch those logs for a few minutes.. you'll invariably find random webserver requests, the usual blaster traffic, the odd telnet request etc etc...

While you may not have been infected, it could be that your ISP is doing a good job.. theres an article called uhh.. 'ISP's - The Poor Man's Firewall' which details how ISP's are taking drastic precautions to prevent their networks getting infected.

Forget having your machine hacked into or even infected with a worm -- the next time you click on a link and get a 404 page not found.. you never really know if that might be someone exploiting a cross-site scripting vulnerability, i've seen personal homepages where the links have little script tags in them !

Consider also that recent bugs in internet explorer can allow an attacker to silently make your machine download and load an executable, or run arbitrary code.. just by your looking at the page..

The fact remains, just because you're not seeing anything doesn't mean you've not already been exploited in some way -- a clumsy script kiddie scanning huge ranges of ips to exploit any random IIS4.0 webserver may not cause you any trouble, but its the skilled ones -- the ones who know perfectly well how to cover their tracks and make you feel like nothing is wrong -- those are the ones to worry about.

As far as privacy is concerned - forget it.. just about every website you visit is desperately trying to pull some personal info out of your machine.. something as benign as the referer header that tells a server which website you linked from can contain so much info...
It can be interesting to see who comes to your site after visiting randompornwebsite.com lol

As a real life equivalent - sure you can leave your front door unlocked for 2 years and probably nothing will happen... but would you do it ? Then why do the same online ?

Interesting post, and if you're interested in seeing just how much bad traffic really floats around the net, visit
isc.sans.org/

(when you click that link how do you know I haven't embedded javascript tags in it which send me cookie and possibly password information.. the cgi that runs this board is phpnuke (i think).. an awesome bit of software.. which nonetheless has been plagued in the recent past by vulnerabilities.. it might be vulnerable ;))
have a look
www.google.com/search?sourceid=navclient...hpnuke+vulnerability

If you want to read a very interesting article on how the number of people using a single o/s (windows) on the net is a major security problem, i really reccomend you read this article
www.ccianet.org/papers/cyberinsecurity.pdf

One of the authors, a well known expert called Dan Geer lost his job as Chief Technical Officer at @stake.. because microsoft didnt like the article and gave @stake a call.

Anyway I'll stop sounding like a paranoid android now :) :)

Cheers,

Sahir.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
More
21 years 2 months ago #734 by tfs
Lots of great points there.

Personally, I'll take Paranoid over a dead system any day.

I myself handled a system that had no bad viruses, works, trojans, hacks (did have a couple of irritants periodically due to some inadvertant email attachments - but nothing really bad).

Then we got bought up and the New company connected to ours via VPN and without proper security precautions and in 1 month we got hit with Code Red, Code Red 2 and Nimda. Could not figure out how - as I had all the patches up to date and all the antivirus definitions files up to date. We just couldn't figure out where it was coming from.

Then we found that the new company had been fighting the viruses and it was apparent where they were coming from - through the VPN connection (I could just cry).

We did manage to eradicate most of the problem (and disconnected our system from theirs), but one day every month we would start having connection problems ( no apparent cause) and the next day it would go away until next month.

As I said, a little Paranoia goes a long way.

Tom.

Thanks,

Tom
Time to create page: 0.147 seconds