How does a person like sailor, or myself, for that matter, who never opens any unknown attachment or runs unknown code, at any risk from Internet virii?
[quote]
How does a person like sailor, or myself, for that matter, who never opens any unknown attachment or runs unknown code, at any risk from Internet virii?**
The new virus that is going around can be activated by previewing an email if you have not updated windows (klez worm). some web pages can couse problems if you leave scripting on (just by visiting them) and major problems if you leave javascript on.
Thanks Barney. I’m also running Win XP, which includes a stateful firewall in the OS itself. However, that’s the same story as NAT, it’ll let anything out that’s inside the firewall. All of the programs you’ve mentioned above are either disabled on my computer, or have been neutered. I also run Kazaa, and there are ways to prevent Cydoor/Gator/etc. from working while it is running. Occasionally I’ll run netstat from the command window just to check up on my ports, so I can see what’s being sent, and what’s connecting to what. By doing that, I can say I feel fairly secure. Best of all, Steve Gibson can’t see me! Nanny nanny boo boo!!!
All things considered, I completely agree with you about the need to monitor what goes in and out of a computer, but I keep a close watch on what goes in, so I feel safer about what gets sent out. 
Yup, that’d be the one that attacked my whole campus this week. Nasty little bugger, too.
There is a another way to protect shares on your local network from being accessed over the internet. Don’t bind file and print sharing to TCP/IP. I am using NAT with a Linksys router now, but I still use IPX for local file and print sharing, just to be sure. There are Microsoft Knowledgebase articles which describe how to do this, it is relatively simple. Also, NAT is no help at all in protecting against email or web page script viruses.
As for relying on weekly updates from MS to prevent security holes, forget it. IMO it is Microsoft’s greatest weakness that they take so long after a security hole is discovered to release a patch.
As for Macs, while there may be fewer virii that can affect you, and therefore your risk is lower, that doesn’t mean you are immune.
For an average broadband home user, the odds of getting hacked are fairly low.
There are roughly 4 billion possible valid Internet addresses. In order for someone to hack into your system, the hacker would first need to determine your specific Internet address. Since you aren’t running any type of server service, it’s doubtful that your Internet address would be published online, so the hacker has a few ways of determining your address. He could set up a script that would randomly poll valid address to see if he could get a response, thus indicating that there is a live machine on the other end. Alternatively, he could try to exploit a piece of software you both use, say, a file sharing program or a direct connect chat program to pull your address from that.
Assuming the hacker somehow got hold of your address, he would then have to scan the open ports on your computer in search of a potential weakness (there are quite a few popular/well-known ones in Microsoft’s OS’s, unfortunately). Port scanning doesn’t directly damage your system in any way, but it is an information collection tool for the hacker. Assuming he found a weakness, he could then exploit it. Of course, you could attempt to identify the exploits yourself and take measures to prevent them (toubot’s suggestion is a good one, for instance), but how far do you want to go with this?
One advantage you have is that you’re a moving target. Your computer isn’t always on. Some broadband services utilize dynamic addresses, so your address might change (other services use static addresses, however). You might not always have the same ports open as your did yesterday. And so on. It’s security by obscurity, which isn’t security at all, but as a private broadband user, you’re pretty darn obscure, relatively speaking. Sure, any time you utilize any kind of server service, there’s the potential that the server operator can look up your address and initiate a scan against you, but is, say, the Chicago Reader going to reference their web log to figure out your address? Probably not. Is the random guy from whom you’re downloading MP3s going to? Who knows.
Of course, if you’re talking about viruses (especially trojans), the hacker’s job is simple. If you’re running, say, a trojan, you basically are running a server on your machine and reporting your presence to the hacker who planted the trojan in the first place.
Do you really need a firewall? I suppose not, but hey, better safe than sorry. You don’t technically need to lock your front door at night; it’s not as though your neighbors typically go around trying front doors to see if they’re unlocked (at least, I hope they don’t), and if someone really wanted to get in your home, they’d just break in anyway. In the same vein, firewalls aren’t the be-all, end-all of security, but they can help keep you a bit safer. Unless you have a specific reason why you don’t want a firewall (the software hogs up all the system resources, it crashes/interferes with programs, cost too much money), I’d say you might as well throw up a firewall and install anti-virus software. But there’s no real reason to lose any sleep over it if you don’t, either.
Besides, as others have already mentioned, firewalls are not only useful for keeping unwanted traffic from coming in, but also useful in controlling what data you want going out.
>> The new virus that is going around can be activated by previewing an email if you have not updated windows (klez worm).
- My windows is updated and your should be too.
>> some web pages can couse problems if you leave scripting on (just by visiting them) and major problems if you leave javascript on.
-
My scripting is off. For most pages, if they need scripting on I go elsewhere. I find it quite unprofessional. For a very few select sites, I include them in the list of safe sites.
-
Outlook Express is part of Internet Explorer. Set the email to “Restricted Zone” so no scripts etc will be run.
I am not saying I cannot catch a virus but up until now it has not happened and antivirus software has given me too much trouble. I also know people who do have antivirus software and have viruses and have sent some to me.
how do you do this?
also remember that even if you set your security to the above settings, new virii are always created and MS is not all that speady in plugging holes. AV compainies have a better chance at stopping a new bug since it is directly scanned for instead of trying to plug the hole that the virus exploits.
Nobody is going ot force you to use a AV program or a firewall but you are taking a greater chance if you go without.
That is not necessary. Most attack scripts will scan for open ports over a large address. Open ports are open game, while closed ports indicate a live machine.
Only stealthed ports will fend them off.
Regarding the OP.
You should always have a firewall if you are connected to the Net for any length of time, more so if you use broadband (because it is a lot likely that you will stay on the Net for long periods of time) and/or run any services.
You can use either a hardware firewall - some routers double as firewalls - or a software one.
cheezit,
That is odd
Another point, why use IIS when you can use apache?
I use BlackIce, it was easy to install and seems to work fine, doesn’t hog memory or interfere with anything else. For those you you who insist you don’t use a firewall and have never had a problem: You would be AMAZED at how often various types of intrusions are attempted against your machine. Fortunately, they usually fail. But ultimately there is the possibility that someone could hack you.
BlackIce works by identifying who’s trying to hack, and then silently blocking them. As far as I can tell, it works. Haven’t tried ZoneAlarm or any of the others, though.
I, too, must say that ZoneAlarm alerts me of a great many requests about my computer. I deny all of them and it has never damaged my internet connection in any way so I can pretty much assume that whether these probes are harmless or not they certainly are not necessary, and that alone is enough for me to stop them on my computer.
In my opinion—and maybe I am just waxing philosophical here—there is no way to create a perfect (and possibly a near-perfect) bug free operating system, nevermind regular software. The more popular any system is the easier it is to exploit inherent weaknesses effectively. Microsoft is a victim of their own success in this regard (please, though, this is not to say they couldn’t be better before anyone thinks I have done so).
>> Outlook Express is part of Internet Explorer.
>> Set the email to “Restricted Zone” so no scripts etc will be run.
>> how do you do this?
In OE: Tools - Options - Security - Restricted Zone
Then emails will be treated as web pages in the restricted zone.
Many attacks are from crackers trying to use your computer for attacks on other computers. They spread around trojan horse programs and then scan around for computers that become infected.
If your computer manages to get a trojan on it, then they can use your computer to send out “denial of service” attacks and such against other targets, usually various servers.
On another note, if you think antivirus software is a hog, you don’t have to use it all the time. I’ve turned off the automatic scanning features on mine, and I only use it to scan any new downloads/attachments or to run a periodic sweep of my system. As long as you’re careful about what comes in and goes out, you can be relatively safe. And part of that caution is to have a good firewall. I think it’s a must.
check out Gibson Research for some of the best info on computer security. http://grc.com/default.htm
That’s because the majority of “hackers” today are the “skript kiddiez,” who twiddle automatic scripts to try and break into various computers. The scripts aren’t sophisticated enough to handle non-Windows systems, and the kids themselves aren’t smart enough to modify them to do so, so all us non-Microsoft people are spared as a result.
Viruses are so rare on the Mac that the mere appearance of one makes for headline news at the Mac news websites. The last major Mac virus IIRC was the “Autostart worm” from 1998, and that only got a lot of attention because it was accidentally pressed on copies of MacAddict magazine’s freebie CD-ROM.
Yeah, I get Windows viruses in my email all the time. I usually ignore them, but sometimes for fun I’ll open it in a text editor, read the embedded error messages (“This .BAT file cannot run in DOS mode”), and snicker.
sailor thatnks for the tip - I see that my OE is set to restricted zone by default but it never hurts to check
BTW, I’ll mention ZoneAlarm runs without problem on my Jurassic P233 but when the traffic is heavy (like when using NetMeeting) it slows the computer considerably.
Also check out grcsucks.com for some of the best info on Gibson Research.
Steve Gibson has a long history of hysterical overreaction. His page on the Windows XP Internet “threat” is a recent example of him trying to cause an uproar. But Windows XP has been out for six months now and somehow the Internet is still standing.
His LeakTest page is useful, but take the rest of the site with a grain of salt.
Quoth k2dave:
What is this business of “previewing an email”? Is that some Outlook thing? Because I’ve never seen the like in any of the versions of Netscape I’ve used. And the worst that scripting, of any sort, has ever been able to do to Netscape is crash it, in my experience.