I have noticed the increasing number of attacks on my computer in the form of the Backdoor/SubSeven Trojan Horse. My NAV keeps me constantly aware of these attacks (to the tune of half a dozen per day) which appear from all over the world when I track them back.
Do others get so many warnings?
Apparently there must be something substantial to gain from employing this tactic, enough unprotected PCs to warrent its use, and little preventive action employed by ISPs. It’s analogous to having perps walking by and checking the door handles of my car at the mall parking lot, while I’m still in the car!
Although I’ve never suffered any damage from viruses and such, I got to wondering and become a bit paranoid if I’m some sort of “mark.” I understand I can try to report the abuse to the respective ISP, but with so many attacks from such different sources, this seems inefficient.
Any suggestions or ideas on how to minimize this? I’ve heard of some type of “ghost surfer” products but have no idea as to their applicability.
A firewall will render you all but immune to such attacks. And it will protect you from threats that may escape NAV. I use and recommend the free ZoneAlarm, from Zone Labs.
Oh, you didn’t say you had NIS too. Norton Internet Security is a firewall with integrated antivirus support. To be honest, I don’t know much about it, since I’ve only ever used ZA. ZoneAlarm can also block access from your computer, something many firewalls fail to do. I don’t know if Norton does this or not.
My NIS regularly flags the same attacks, Haste. There shouldn’t be a problem with them working together-when I check for updates, NPF and NAV both are polled for the latest antivirus definitions and firewall enhancements.
When setting up firewall rules, I had to tell Norton what programs were allowed to access the net, so I believe that function is covered, Q.E.D., as is outgoing email scanning for viruses.
There is a huge difference between using a software firewall (NIS/BlackIce/ZoneAlarm/etc.) from using a hardware firewall, like a $35 router with a firewall built in. The vast majority of hackers are “download hackers”, usually teenagers who have little or no computer skills and they download programs that do basic, irritating (and illegal) things. Often, they run port scanners that search large ranges of IP addresses for those with easy vulnerabilities. Software firewalls report these probings as attempted connections. 95% of the time they are not. I’m convinced the constant pop-ups in these programs (including those above) are to make you feel like they are working. Bottom line: If you have anything important or private on your PC, or if you are sick of constant warnings about hackers, get a router with a firewall in it.