Firewalls revisited:Newbie

View Poll Results: Your Idea On The Situation.

Voters
36. You may not vote on this poll
  • The cops we protecting themselves.

    1 2.78%
  • The cops jumped before they thought.

    9 25.00%
  • The cops should be kicked off the force.

    8 22.22%
  • This just proves it, cops are @$$}{0 | _3S

    18 50.00%
Results 1 to 10 of 10

Thread: Firewalls revisited:Newbie

  1. #1
    Banned
    Join Date
    Dec 2002
    Posts
    394

    Lightbulb Firewalls revisited:Newbie

    Attacker's have just comprised your system. You only left it to your ISP, to protect you from attacks.
    Lets look at firewalls that can help you get on your way of securing your system. A Software firewall such as ZoneAlarm, Norton, my personal favorite Blackice Defender. These are just examples of software firewalls. Download one from a secure source, like the vendor of that product or purchase at your local store. So even if you can't afford one you can obtain a good one. Once installed, check out all the options that you can change to configure it 2 your liking. If you newly installed any *nix distro try ipchains, Linux Journal, and others say its very good.

    For the Paranoid: After installing a software firewall install a hardware firewall.
    They come in black boxes like routers, and are programmable through a smart card that connects to your PC. 2 set the configurations that you prefer!!

    hardware firewalls are more secure than software firewalls, though they can run U from $79
    to $400 but combined together you'll be more secure.

    Ps, check your syslogs, or what ever log your firewalls logs attackes to!!

    It's beeeeeeeeeen ƒ|_|N peace!!!!!!!!!!!

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    371
    They come in black boxes like routers, and are programmable through a smart card that connects to your PC. 2 set the configurations that you prefer!!
    Although some Hardware Firewall come like this (They are referred to as Appliance Firewalls, and are pretty much plug-and-play).

    I still think that a crappy old 486 dedicated to run ipchains properly configured is still the best way for home users to protect themselves from the wild, wild west, that is the Internet.

    But remember, having a firewall setup this way not only relies on the configuration of the rulesets for your protection, but also relies on the strength of the operating system. Strip all services that are not essential. This will reduce the vulnerabilities associated with the OS, whether it be *nix or WinDoze
    SoggyBottom.

    [glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]

  3. #3
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    I still think that a crappy old 486 dedicated to run ipchains properly configured is still the best way for home users to protect themselves from the wild, wild west, that is the Internet.
    I agree. I have an pI 200 w/32mb ram with smoothwall on it. It acts as the firewall and proxy and router if you want.

    Well, I have a couple of routers too, but that is just so I can do some subnetworking and playing around with cisco routers.

    I love it.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  4. #4
    Banned
    Join Date
    Sep 2001
    Posts
    113

    standard user vs. server

    A standard user probably only needs a software firewall whereas a server probably needs a hardware firewall.

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    Most home users are not savvy enough to build their own firewall. If anything, they will have something that came bundled from NAI or Symantec.

    I have a 486 DX2 running RH 6.2. This little guy is perfect for home firewalling!!
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  6. #6
    Junior Member
    Join Date
    Sep 2002
    Posts
    16
    For the average user a software firewall is the easiest to set up. I have set up some of the cheaper firewalls like Lynksys and they are not bad. But they may be more of a technical challenge for the average user.

  7. #7
    Senior Member
    Join Date
    Jan 2003
    Posts
    686
    yeah but things are getting easier these days. Especially with the older people having the old 486's and stuff where they can run some sort of firewall software on it. I've setup a few people like that to run Coyote Linux...and run it personally at home.
    [shadow]There is no right and wrong, only fun and boring...
    Formatting my server because someone hacked into it sounds pretty boring to me...
    That\'s why it\'s all about AntiOnline.com!
    [/shadow]

  8. #8
    Junior Member
    Join Date
    Mar 2003
    Posts
    4
    I dont know what I would do but I'd plan something realizing how lazy I am and that if all I have is my ISP I'd just formatt my HDD and start from scratch.
    If at first you don\'t succeed, call it Version 1.0

  9. #9
    Senior Member
    Join Date
    Jan 2003
    Posts
    686
    Yes but do you know how time consuming that is, especially if you have to do it over a few computers (or more)? Sure you can use something like Ghost or some sort of drive copy program, but still aren't you creating yourself more work by doing that? The simple answer would be to have a firewall setup so that a "hacker" can not get into your computer<s> and cause trouble to start with! Plus having a firewall up can keep people from getting into your system and using your connection as part of a DDoS, or take personal files, or even search through your cookies looking for "private" information.

    So sure you could format/reload, but that only fixes the extreme problem of being hacked... WHEN YOU KNOW ABOUT IT! What about all the other times you were hacked and never knew?
    [shadow]There is no right and wrong, only fun and boring...
    Formatting my server because someone hacked into it sounds pretty boring to me...
    That\'s why it\'s all about AntiOnline.com!
    [/shadow]

  10. #10
    Member
    Join Date
    Jul 2001
    Posts
    62
    Instead of ipchains you should use iptables for linux. It replaced ipchains and has many more options and stateful inspections.

    One free windows firewall that I personally like is Outpost Firewall. It monitors both incoming and outgoing connections from your machine.

    And finally if you were actually hacked, a clean install is the only way to ensure you cleaned it well enough. There could be backdoors or rootkits or whatever (depending on the system you were using) installed on your system from the hack. So a fresh wipe and install would get rid of all this, but make sure you don't put it back online until your firewall is up and running.

    Just my opinion.
    dAggressor

    It\'s a long life, until you die

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides