Ivers Guide to keeping your system secure and safe.

mozza

mozza

mozza

Suspended
Permabanned
Joined
10 Dec 2002
Posts
1,476
Location
Who wants to know?
Just read Through the Sticky and was very helpfull. I found the link to the PeerGuardian 2 IP database here. On this page there is a link to a Zonealarm Pro 4 XML Format list, ready to copy. How do I go about copying this list into Zonealarm Pro 4. I had a look through my Zonealarm directory and could'nt work out how or where to put the XML list of IPs. The list is here.

Thx
 

stuartam

stuartam

stuartam

Associate
Joined
18 Oct 2002
Posts
397
does anyone know where i can download an english version of 'XP Antispy' the site given in the link in the 1st post no longer works.

regards
 

Caustic

Caustic

Caustic

Soldato
Joined
21 Oct 2002
Posts
4,678
Location
Oxford
"If you have an always on connection and\or static IP you would be crazy not to have one."

Perhaps a quick comment saying that routers in NAT mode make an excellent hardware firewall.

Also, as two people have suggested, make sure you put a link to GRC and the very informative Shields Up page in your firewall section.

Great post, good work all.

CD
 

Iver Athlon

Iver Athlon

Iver Athlon

Suspended
OP
Joined
18 Oct 2002
Posts
2,655
Location
Back in blighty babeh
Perhaps a quick comment saying that routers in NAT mode make an excellent hardware firewall.
Click to expand...

Originally posted by technomage (in another threed)
I also have a router, I use NAT, I don't reply on NAT for virus or firewall protection. NAT (Network Address Translation) was not primarily designed to act as a firewall it was designed to conserve the very much used and not large enough IPv4.
It was designed so that computers or networks can connect to the internet without the need of a public IP address, this conserves the IPv4 IP addresses because home users and offices alike can use a private IP and there is then only need for one public unique IP address. I don't think I will go into how this works, to long...

NAT used with other measures by your ISP allow the internet to stay alive, without it you and me would probably find it hard to be able to connect to the internet. This is why IPv6 is coming, and its also the reason why you should not rely on NAT for firewall protection.
Think of it this way, you can buy a router that uses NAT (it would be pretty silly for a router not to be able to do this), and some also come with firewall measures built in, they would not use a firewall if NAT was enough.

Port forwarding or PAT (Port Address Translation) is meant as part of addeded security if you use filters also, it also helps direct certain traffic to certain ports for the likes of servers. This also should not be relied on as your sole security.

N.A.T does not protect against the likes of Trojans or Worms, although a Virus can be very destructive Trojans and/or Worms are more of a threat i.e. Identity Theft, Computer Misue and Abuse.

My recomendation is to use a software or hardware firewall WHENEVER you connect to an unsecured medium i.e. Internet, Wireless network etc

Like HEADRAT said, CODE RED works if there are intranet/extranet services running on your sysytem, CODE RED then exploits the IIS services into doing its damage. This is another reason why you should always make sure that there are no unrequired services running to exploit. The likes NIMDA worked in a different way and could be spread simply by having shares and a network connection, it could also be spread by simply remote viewing an infected machine, you don't need to download a file or anything to become infected, this is why NIMDA was such a BIG thing because you HAD to effectively shut you network down to destroy it. N.A.T does not protect you from this.
Click to expand...

From what i can gather NAT only refuses incomming IP's, it will not stop out going nastys like trojans etc... So i would still reccommend some sort of firewall as well:)

Also, as two people have suggested, make sure you put a link to GRC and the very informative Shields Up page in your firewall section.
Click to expand...
I was under the impression GRC was the laughing stock of the internet security world:eek:, www.grcsucks.com Exellent idea tho so as an alternative Norton have a simular web based security check located here: (hope it works) Security check

:)
 

Rancidelephant

Rancidelephant

Rancidelephant

Soldato
Joined
20 Oct 2002
Posts
3,264
OH THE IRONY

first time i install a firewall .... get a virus :/

I have been functioning perfectly happily for about 4 years on the net, dl a firewall + antivirus etc and WHACH i get one :p

Have done virus scans in the past and found nothing :/
 

element

element

element

Suspended
Joined
18 Oct 2002
Posts
2,898
Location
de_aztec (home = plymouth)
Originally posted by Rancidelephant
OH THE IRONY

first time i install a firewall .... get a virus :/

I have been functioning perfectly happily for about 4 years on the net, dl a firewall + antivirus etc and WHACH i get one :p

Have done virus scans in the past and found nothing :/
Click to expand...

same here, ive never had a virus.. i scan maybe 1 a month if i can be bothered, although when i heard bout msblaster i did a scan.. i didnt find a virus but i found a trojan :eek: probably why my firewall password wouldnt work :mad: uber hax0r'd.. aw well smoothie box again soon :)
 

NickK

NickK

NickK

Soldato
Joined
13 Jan 2003
Posts
23,663
Agnitum provide a free unlimited trial version of "Outpost" v1.0. It has feature better than ZoneAlarm, plus a few plugins such as DNS Cache, Advert blocking, Active content blocking, popup window blocking, content blocking, attachments blocking etc.
 

Chocki

Chocki

Chocki

Associate
Joined
18 Oct 2002
Posts
1,682
Location
Wolverhampton UK
If your after purchased software, I can recommend McAfee Internet Security.
This comprises of firewall, antivirus and internet security.
firewall stops anything getting in, internet security stops anything getting out without you knowing about it and viruscan checks everything that does come in or out.
The internet security part is, well, not very silent as it warns you loads and it is very tempting to just switch it off, but I suppose this is until I have set up all regularly visited sites.
For each site you can set whether to accept cookies permenantly onto your PC, or just this session.
Yes / No Filter this site.
Allow / Warn / Block Direct cookies.
Allow / Warn / Block Indirect cookies.
On / Off Referer filter.
On / Off Ad filter.
Allow / Warn / Block Web bug killer
On / Off Popup Killer
It shows stats for each site, you can assign login names and passwords for each site, these are encrypted and you have to drag and drop them etc.
All traffic is monitored and you initially setup information you want blocked, like your name, your e-mail address, your telephone number, the last 8 digits of your visa card etc, and whatever you want within reason, now if anything tries to send any data containing anything from your restricted data lists, it is stopped and your permission is asked or you can set it up so it blocks it period.
This is incredibly useful if you have children with their own user entry on a multiuser PC, as you can enter your childs name, address, telephone number etc which will prevent them from giving out their details etc.
The list of features goes on and on....
It can be a little bewildering at first due to the amount of options available, but this in turn makes it very flexible and if set up correctly, very secure.
If you want more info, go check out McAfee Internet Security

Note, I have nothing to do with this site, just sharing advice with people.
 

Chocki

Chocki

Chocki

Associate
Joined
18 Oct 2002
Posts
1,682
Location
Wolverhampton UK
Further review of McAfee Internet Security 5.

I have been playing with this program a little more and I definitely recommend it to parents who would like to restrict full access to the internet for their children, the parental controls are very comprehensive, the filters are very good and the restrictions you can place are also very good, you can also select to just allow access to certain sites and you can allow what hours during the day this access is available etc.
Another point in it's favour, is that from within McAfee Internet Security, you can also set what programmes on you PC your children have access to and set up a file guardian which will only allow specified files to be opened with the specified program you select. This will prevent your children from opening any files with sensitive information, even if they try to use another program to do this.

It is a little heavy going and the amount of options etc can be quite bewildering, but to help, it does come with a 130 page manual, but only in electronic format as a PDF file, but don't be put off by this, it is broken up into the seperate sections, viruscan, firewall and internet security as well as installation instructions. The best way to look at it is as three seperate packages which you configure individually.

If your used to having unrestricted access to the internet, this package will get on your nerves to begin with as it stops and questions everything you do regarding internet access and you have to set and adjust permissions, but to make things easier, there is a "browser buddy" with the main settings allow/ deny etc for cookies / popups etc, and once you have set these up it won't bother you again for that particular site.
There is a global setting you can set for all unknown sites, but I recommend you leave this set to block everything and set things on a per site basis.
Note: Whatever you set up as administrator regarding cookies / popups etc, applies to the restricted accounts which you would allow your children to use.

I would give this package marks out of 10:
Features 9.5 (Too many to list here).

Ease of use 3 (Not for the faint hearted).

Parental Security 8.5 (I tried to be clever here and find ways of shutting down the security from within a restricted account but could not, but the security is only as strong as your password, it already filled in your user name when requesting permission for things you have restricted, so that's half the battle lost already, that's why I knocked 1.5 points off).

Internet Security ? (I can't really give a figure to this, after all it depends on who set it up in the first place, It can be a 10 but worst case, it could also be a 0).

Overall, a very good package but not for those who struggle with basic system management.
Initially very time consuming just setting permissions up.

If you want to protect your children and your system and are prepared to spend the time doing so, then I can definitely recommend it.

Andrew Cichocki.
 
You must log in or register to reply here.
Back
Top Bottom