Okay, I’m using my computer with a broadband connection. I haven’t got IIS running and I haven’t got any other server type programs (like FTP server) running which would leave any obvious port insecurities.
So do I really need a firewall? Is there any harm done by scanning my ports?
Please be critical. I need to understand exactly why I may or may not need to use ZoneAlarm (the firewall I currently use).
Thanks computer guys.
I’m not a computer guy, so take what I say in that context, but I’d have a firewall long before I’d have virus software on my system.
Hell, that’s how I did it and still do it.
I hate virus software and think it clogs up an already clogged up process. I go without and haven’t had a problem yet.
In terms of a firewall, on the other hand, I have it for the obvious reasons of people scanning my ports and all that fun stuff, but more importantly, I have it to thwart outbound traffic.
Nothing irritates me more than applications that have no business phoning home doing just that. If you want to access the internet, ask me. Tell me what you’re up to and I might allow it. Assuming you have the right to do what you want, without my knowledge, on my f’nn system, no less, will get you knowwhere fast.
That kind of thing irritates me so much I have ZA for that pupose alone. It’s a hopeless battle, but one I’m willing to spend the time on fighting. I wish others would do it too so these companies could get it through their skulls that openness and honesty might often get you farther than slyness and deception.
OK. Rant over.
That’s the only reason I have one. If that weren’t an issue, I don’t know what I’d do. Truth is, it’s never been a non-issue, so I’ve never really had that option.
But in terms of the fears people have about hackers, crackers, and the like, I tend to agree with you, it’s all over-rated and over-blown hysteria.
I agree, that’s also the biggest reason I use a firewall (the free version of ZoneAlarm). And I AM a computer guy!
My machine runs Windows ME and uses a DSL line. I installed a firewall after I got a message while shutting down one day informing me that ‘Bruce’ was still logged on to my machine, did I want to sever his connection? HELL YES! Who the #!# is BRUCE?
I downloaded and installed ZoneAlarm the next day. Bruce hasn’t bugged me since then.
I used to feel that way too, but when the Code Red worm started hitting my machine as many as 100 times a day it hit home how important a firewall is. Although Code Red didn’t do anything to normal PCs, with all of the MS vunabilities being discovered I figure better safe than sorry.
I ran an IIS server on my computer out of college and i got hacked by someone in Malaysia. The only reason i knew i got hacked was because blackice told me what happened. The hacker pulled a UTF backtick and he eventually got command access at the root level; blackice didnt shut it down because I had ports forced open for FTP and HTTP. I was kind of hoping that it would shut down the connection, but again i guess telling me was enough at the time. He was really cool though, he he could have tanked my computer but instead he just tagged my webpage.
The moral of the story is that firewalls are a good thing to have (even though sometimes they dont work) and that IIS is a POS. If you are going to use that software for your server make sure you go to the MS site at least every week to get the lastest security patch, that I think is almost more important than having a firewall on your server.
I’ve got a NAT (Network Address Translation) firewall with my router, it cost about $60, and I don’t have to install ZoneAlarm, Blackice, or any of that stuff now. It lets everything of mine out (cause I’ve configured it that way), but it only lets 3 ports in… HTTP, FTP, and RDP. It also routes them to my computer specifically, so no other computer on the intranet can even get touched. I would highly recommend this type of solution if you’re worried about software bloat.
Oh, and regarding viruses, my campus was just hit with one that could have easily been prevented, except that people a) didn’t have b) didn’t update their virus scanners. I had about 50 email viruses sitting in my Inbox, thanks to this lack of simple antivirus protection. So I would recommend antivirus software for anyone, but a firewall/router only if you have a broadband connection.
Did your firewall do anything to protect you? Even with a NAT firewall, and software based firewalls, and even virus software from what I remember, I would have been hit with it (I think). I’m not trying to be snotty or anything, but how did a firewall protect you back then?
And just so we’re clear, it’s not that I’m against virus protection software or firewalls per se, I just think their more of a pain than they’re worth, moreso the virus protection programs than firewalls.
If their gonna getch’ya, their gonna getch’ya.
I’d rather spend my time doing other things than dicking around with various firewall programs and virus programs, except in the case of managing outbound communications, that’s relatively an easy thing.
I’ve never run a firewall, and I’ve never been harassed by “skript kiddiez” or viruses or the Windows Worm du jour.
Then again, I use a Mac. 
Well I just have a home PC (no IIS), so perhaps that makes a difference. Yes ZA blocked all of the access attempts. The reason I’m pretty sure that it was the Code Red worm is because most of the blocked access attempts were from IP addresses simliar to mine which was a “feature” of Code Red (variant 2, IIRC). The “hits” went WAY up right when Code Red was rampant.
Also, for the home user, ZA doesn’t require any fiddling with once installed. If you have a server, I imagine things get to be a lot more complicated however.
I have only had problems with anti-virus programs so I have never used any in some years now. I have carefully configured everything I can think of in my computer (email, browser, ports, network bindings, etc) as tightly as I can and I do not “open” any attachments I am not positive are safe. In over four years I have never been infected even though I have received my fair share of bad stuff.
A couple months ago I installed Zone Alarm and have found out about certain programs (like RealAudio and ICQ) phoning “home” when they shouldn’t so I feel ZA has given me abetter level of knowledge and control.
go to http://grc.com/default.htm - select shieldsup! - have this web site test your shields and scan your ports you might be supprised.
I use a linksys dsl router and occationally install zone alarm just to see if anything is getting through this is what i found:
nothing unexplainable gets through the linksys router as reported by zonealarm.
if i put my computer in whats called dmz zone (meaning the linksys is not acting as a firewall) then zone alarm will occationally report some strange hits.
using shildsup that I told you about this is want i found:
using just the linksys - all ports are stealth (they are not seen by the internet)
using just ZA - all but one port is stealth - one is closed so noting can connect to is
using nothing - some ports were open, some were closed, none were stealth also the web site could see my network resources - my harddrives and printers the resources were password protected though.
I have used ZA in the past but had to uninstall it due to the fact that it is a memory hog. I have a dial-up connection. I use Window ME (boo–hiss). I also have 256 megs of memory. Every time I would have ZA running, I constantly got an “out of memory” or a “resources low” warning. I would turn ZA off and no more warnings. It made no difference whether I had rebooted or not.
I do, however use Nortons Antivirus. It has, in it’s quaranteen area, 4 different virus’s. Three of them were found while scanning incoming emails. The other one was from a web page when I clicked on a link. (A Trojan Horse, whatever that is.)
I have tried other firewalls but found them extremely difficult to set up. (Probably due to the fact that I am a computer idiot. 
)
I wish I could use ZA, but it just doesn’t work for me.
I agree that ZoneAlarm works extremely well at letting you know what your own system is up too. Real Audio and its relatives are bad at trying to “phone home”.
I also had something called “tmconfig” that kept trying to set itself up as a server. It was configured in the Registry to start itself up when the system started. I have no idea what it is but I eventually killed it and nothing seems to be broken.
I also get a few notices every time I use the system telling me that someone is trying to access my system from the outside. Last weekend I had someone from the same IP address trying to access me every four or five minutes for about two hours. Don’t know how long they would have kept trying except I turned the system off then…
I’ll second rjung’s slightly smarty-pants comment. I also use a mac, with DSL, and have never had any problems that I know of. I don’t leave it running all the time, because the support tech at earthlink advised against it.
Are me an’ old rjung asking for trouble? I assume not, because no windowheads have jumped on this yet.
Peace,
mangeorge
You should definitely use a firewall if you share any folders on your computer. People can access them directly if you have a public IP.
You don’t have to worry too much if you use NAT…unless your router gets hacked.
If you use the internet you must, MUST use an anti-virus program. I recommend Norton (and I DON’T recommend McAfee). If you don’t use one, at some point, you will regret it.
If you use a broadband connection* I highly recommend using ZoneAlarm even if you also use a hardware firewall. ZA is pretty much transparent to the user, its very effective, and its completely free!
*If you use DirectPC you’re not very vulnerable due to the very roundabout way it works.
abel:
Even if you are using NAT, you should still use a firewall. NAT won’t protect you if a program on your side of the firewall initiates a call to the outside. Many programs access the web behind your back.Even “legitimate” POS programs like RealPlayer,Media Player, and Acrobat work this way. A firewall will alert you if this happens.
An ounce of prevention…
Hail Ants
just curious why do you highly recommend using zone alarm w/ a hardware firewall. It just looks like a great way to consume system resources.
err…make that you should still use a software firewall