January 4th, 2003, 04:57 PM
firewalls for newbies
i have been doing alot of research recently on firewalls and ports...being a newbie myself to security...so heres some basic steps to securing your system
firstly install a firewall i recommend agnitum outpost.... but if your a total newbie to firewalls like i was i found zonealarm to be pretty much idiot proof and a good starting point easy to configure etc goto www.zonelabs.com for zonealarm (cant remeber exact address for agnitum just do a goggle)
i would also recommend diableing file sharing goto control panel ->network connections >choose connection-> right click-> then propties-> then at the top networking->uncheck file/printer sharing(maybe even uninstall it if your not gonna need it)
also goto a dos prompt ie c:
in win xp goto start-> run-> type cmd
in win 95/98 me goto msdos prompt
then type netstat -a
this will give you a list of all ports and what they are doing
ie listening ,connected etc
so u can see what program are connecting using what port
hopefully this is some help to you fellow security newbies
a man with hole in his pocket feels cocky all day
January 4th, 2003, 06:57 PM
You can use netstat -an to get the IP's you are connected to.
If you like to monitor the connections you make in a certain period you could use :
netstat -an 3 >> c:\connections.txt
and then filter the output by using:
find /I "established" c:\connections.txt
Note that the setting of 3 (seconds) will fill a log rapidly and it will downgrade your system a bit.
If you would like to read even more visit these threads:
Securing your box
January 4th, 2003, 11:18 PM
To monitor ports/connections and their associated applications, you can use fport or tcpview . Fport is executed from a command prompt once installed. However, tcpview uses a GUI to give you real-time information on the applications in use with what ports. They have many other tools on both sites. I would highly recommend them both to Newbies and Oldheads alike. Although piping a netstat to a file and filtering is very intuitive. Great posts gang!
Edit: I hear that Tiny Personal Firewall is pretty good also. You can find it here.
Opinions are like
holes - everybody\'s got\'em.
January 8th, 2003, 08:11 PM
hey i recommend two firewalls which is sygate go do a google search if u go on download.com it wont work seems to be virus messed and also agnitum outpost FREE firewall
sygate is free now that is better then zone alarm man you get more idea even a rook would under stand it.
January 8th, 2003, 10:11 PM
You could also use the program Active Ports, its just a GUI based alternative to fports. Download it from here:
And here is a description:
Active Ports - easy to use tool for Windows NT/2000/XP that enables you to monitor all open TCP/IP and UDP ports on the local computer. Active Ports maps ports to the owning application so you can watch which process has opened which port. It also displays a local and remote IP address for each connection and allows you to close any port. Active Ports can help you to detect trojans and other malicious programs.
[glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]
January 8th, 2003, 10:11 PM
I used Agnitum's Outpost firewall and loved it. Unfortunately, it isn't compatible yet with ICS. The version 2 is supposed to correct that, if it ever makes an appearance. When we networked our computers here, I tried several firewalls, ZoneAlarm, Tiny, and Look and Stop Lite before settling on Sygate. For me, Sygate is by far the best software firewall available for ease of use. We now work through an old 486 box running Slackware Linux, which I think is much safer, considering we're connected 12 to 14 hours a day.
January 8th, 2003, 10:15 PM
OpenBSD with packet filtering and authpf..
July 31st, 2003, 09:24 AM
Problems with a Firewall
HELP ME !!!!!
I'm new ( only registered today !! ) and i have a problem....
I've been using a chat station by Lycos from my office machine for months with no problems, now all of a sudden, the Firewall is blocking my access into the site. I cant approach the network administrator for obious reasons and need some advice.
i can still get on to warez.com and such like sites,
July 31st, 2003, 02:58 PM
well shy look at it like this... using your office machines to chat when you should be working is generally frowned on by most UK bosses. The sysadmin at your place may be a little pissed if you're using machines under his/her care for your own purposes during working hours (remember they are not YOUR resources, they are the companies)... and has thus blocked access to the chat program.
if you're only using it through your lunch break etc then I don't see a problem with you asking the sysadmin to unblock access... why can't you ask your sysadmin? Is he/she really that much of an ogre?
No one here is going to tell you how to bypass the company firewall and i certainly won't - the best thing for you to do is talk to the sysadmin and be real nice to them or just grit your teeth and learn to live with it. Remember it's abuse of company resources that leads to situations like this.
Quis Custodiet Ipsos Custodes
August 1st, 2003, 04:49 AM
warez.com ? what kinda stuff do they have there ?
surely if you appeal to the admin and say "well warez.com is ok, then why not chat ?"
he/she will say.. " yeah warez is ok so chat must be ok too "