gravid
|
posted on June 15, 2001 06:13:26 PM new
I recieve a news letter on computer security called CRYPTO-GRAM. In the latest issue they speak of setting up a "honey pot" a server easy to break into to attract hacker attacks and measure how much activity is actually happening in a real world situation. The Red Hat system was attacked quickly but here is what they said about a common windows sytem-
"A common home user setup, with Windows 98 and file
sharing enabled, was hacked five times in four days. Systems are subjected
to NetBIOS scans an average of 17 times a day. And the fastest time for a
server being hacked: 15 minutes after plugging it into the network."
Lot of flies around that pot.
|
Borillar
|
posted on June 15, 2001 06:45:54 PM new
Yes. Thanks to AW Users, I was made aware of how vulnerable my computer running Windows 98 and using a cable modem is. I downloaded the free for personal use ZoneAlarm http://download.cnet.com/downloads/0-10105-100-5789031.html?tag=st.dl.10001-103-1.lst-7-1.5789031 and was SHOCKED at how many times a day someone was trying to find ways into my system!
Other good resources to check your computer are at GRC.com http://www.grc.com
Even if you do not use DSL, Calbe Modem or other high-speed access, this program is a must and a god-send!
|
jlpiece
|
posted on June 17, 2001 04:34:56 AM new
The best firewall and privacy suite I am aware of - the one I currently use, and the only one that the firewall leak tester at the above site could not penetrate is a program called Freedom 2.0, which can be downloaded for free at http://www.zeroknowledge.com. Nothing comes close.
|
gk4495
|
posted on June 17, 2001 04:48:44 AM new
I had been using Black Ice Defender, but switched to Zone Alarm. I wasn't so shocked by the numbers of times my system was probed, but by the numbers of programs that I had that were sending information *out* of my system without my knowledge. Alarm Zone shut them down too. I'm not only concerned with what is coming in. I want control over what is going out too.
|
Powerhouse
|
posted on June 17, 2001 05:18:39 AM new
Using zone alarm.
Results of shield test:
"Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion."
"Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet."
Looks like I'm covered (for now). 
|
gravid
|
posted on June 17, 2001 07:22:49 AM new
Yes that's what I do also - run in stealth mode with invisable ports.
Something Zone alarm does not do that is nice to add on is to request your data through a proxy server. AdSubtract can be configured to do that for you. It took a little effort to set it up correctly but once it is working it is entirely transparent to the user except for the proxy name flashing on the task bar briefly.
|
jamesoblivion
|
posted on June 17, 2001 07:27:08 AM new
Whatever happened to that little thing awhile back, when it was revealed that AW servers were probing our ports a few dozen times a day and Mark claimed to have no idea why?
|
ubiedaman
|
posted on June 17, 2001 09:39:28 AM new
We use a 3rd computer (old boat anchor basically) as a server for the other 2. It's an old Pent II with nothing on it other than the OS..just a keyboard hooked to it...then we network our other puters from this...It acts as a firewall, and even if it IS hacked, (the HD has been split into 2 sections, with Windows on one section, and our cable set up on the other) there is nothing available to a hacker...
Keith
I assume full responsibility for my actions, except
the ones that are someone else's fault.
|
roofguy
|
posted on June 17, 2001 07:03:29 PM new
ubiedaman, how do you configure those three computers to allow the other two to access the internet?
|
ubiedaman
|
posted on June 17, 2001 07:52:01 PM new
roofguy.....
I had one of the IT guys from work help set it up...we have the cable modem going into the "blank" puter, and then use wireless network to run the other 2...Win 98se, and ME both have built in settings for networking...
Keith
I assume full responsibility for my actions, except
the ones that are someone else's fault.
|
gravid
|
posted on June 17, 2001 08:32:22 PM new
But their drives don't show as readable on the one recieving the cable?
|
ubiedaman
|
posted on June 17, 2001 08:36:47 PM new
Nope..the first computer doesn't show that there is anything else to look for...just a mostly blank HD
Keith
I assume full responsibility for my actions, except
the ones that are someone else's fault.
|
