Page 5 of 5 FirstFirst ... 345
Results 41 to 47 of 47

Thread: the nessessity of a firewall?

  1. #41
    This is beginning to grow annoying, because only a few people are listening.

    I'd rather block NetBios at the perimeter than try and make sure every one of my hundreds of users has it switched off, besides I like NetBios.
    This isn't about a hundred users, it's about a single home system. Please read the origonal post.

    Try running Nmap on yourself.
    Been there, done that, port 135 - 139 still disabled after shutting down NetBIOS.

    I cannot tell you how many times someone has used a friends computer.. Next thing you know there is a trojan on the computer that opened a port letting the whole world connect. Something as simple as having Zone Alarm installed would at least pop up a notifcation
    This is a singular system, and the only person that uses it is me. Thus I really don't have this problem of friends disturbint my computer.

    You can see attempts to hack your computer, and where they come from.
    That's great, now what? Report all 500 attacks a day to an ISP? No, you would simply do whatevery one else does with a home, single users, firewall logs. Look at them. And it would end there

    Even if it's not related directly to you, wouldn't it make sense to have that extra protection in case someone else moof's it?
    Not at all. I researched ISP's before I chose one, and comcast (as you can see), is the one I chosen to be the most open. Comcast does not disable any ports for any reason, and I know this after many calls with their support team while preparing wargames with friends of mine. I also know port 135 exists regardless of comcast because I secure other comcast users (friends) machines who have it running from start, but ends after disabling NetBIOS. This means that the entire security of my system is up to me, my knowledge, and my configurations.

    Once again... everyone, we come back to the first step. If you feel a firewall is something I need, then by all means assist MsMitten in the Proof-of-concept attack. You want to make your point? Crash my box, crack it, hack it. If you can't, then my point is made. If you can, then I learn something new. Have fun!

  2. #42
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Redondo Beach, CA
    If you feel a firewall is something I need...
    I didn't think this was a "convince Pooh" thread since you started it off with

    Why do you think a home user should work behind a firewall if closing ports and disabling services preforms the exact same functions?
    You want us to convince you of something that may or may not be possible right now. So if we don't find any vulnerabilities in the UDP stack (which is the only open stack you have), then that proves you right(?). I don't think that's an accurate statement for a home user. You are a rarity for home users. You do spend the time to learn but, IMHO, you are basing your success on the lack of success of an attacker at this moment.

    I won't do the DoS because while your ISP may be open -- particularly for it's users -- they may not take it too kinda to a UDP DoS (and there is a nasty one for XP via the IKE -- 500/UDP port) as it may disrupt service to other users. I suppose if I wanted, a simple UDP attack against any of the ports I found open would do it.

    When I look at security, I tend not to look at the here and now but also the "what ifs". And that is, what if I am wrong? What if I have done everything possible and still, it's not enough? So I do all that I can and available to me so that I mitigate any possible risk to such a small amount that if the attacker got in he'd/she'd a) have to have a really strong desire b) would be amazing c) represent 0.00000001% of all attackers out there.

    If you don't want a firewall, don't use it. If you feel safe, by all means, stick with what you have.

    Personally, I don't make any assumptions about the OS even if I do lock it down. There is no way I can 100% trust an OS built by any human because of the potential of error (not bad nor good; just reality). I have to do what I can to mitigate that potential error.

    Anyways, I honestly don't think you'd change unless it was a dramatic show of "attacking" and I don't feel comfortable doing that over a network that might take issue (especially with the laws in your country -- I do want to visit it at some point in the near future )
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #43
    This is my breather post. -takes a deep breath-

    I was upset. I was defensive. I was on edge because I was afraid to fall into the catagory of admins that use a firewall without ever knowing the specifics of why it is useful in the first place, by not knowing their own system. You all have valid points, and all I did was fight then because of my fear of having to defend my thoughts and knowledge. That was immature of me, and I know now that if I would have listened much harder rather than played defence, things would have gone a lot smother. I apologize if I upset anyone or insulted them during this thread, but I also thank you for having patience, kindness, and the ability to pound something into the head of a tired person.

    I am new here, and need to remember that sometimes. Take care, as I will implment my new firewall when I get home, and thus acknolwedge that there are still a lot of things out there I do not fully understand

    Pooh Sun Tzu

  4. #44
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Thus here we are, discussing it in terms of actual admins versus users. Why people keep mentioning home users after I agreed on page one, is beyond me
    This isn't about a hundred users, it's about a single home system. Please read the origonal post.
    LOL, relax mate. Its an interesting thread.

    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  5. #45
    Join Date
    Aug 2001
    out of curiosity really.. which firewall did you settle for?
    I blame you cos my mind is not my own, so don't blame me if I trespass in your zone!

  6. #46
    Zone Alarm Pro. $$ but worth it... I hjope.

  7. #47
    I may be wrong, but in reading the original post, I made the assumption that the question asked leaned more towards Is there a need to have a firewall installed. The proof of concept is under the premise that the your system is hardened by you, who by the way is experienced in computers, networking and the such. I really thought the original question pretained to the average joe blow's system and not just your system.

    Now, if the question is do YOU need a firewall, my answer would be maybe not.

    If the question is does the average user need a firewall, the answer is by all means yes.

    I'm feeling that the proof of concept here is slightly biased, because the given is the user knows how to harden their system.

    I think the proof of concept should be based on the average joe blow user who just bought an emachine from Best Buy and installed DSL yeseterday.
    - Boyam

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts