What is safe anymore?

I've been here at AO for a little over a year and have learned all kinds of ways to secure my computer, which , in the long run has helped me greatly and made me (and other users of this computer) somewhat more comfortable being online. I have the basics, firewall/trojan scanner/AV/registry key monitors and at one point, an IDS. All this is really not needed on a home PC, but I enjoyed the process of seeing how all these programs worked and how the internet worked in general. With all this being said, let me get to the point of my rambling.
How secure am I really?
After visiting Internet Security Systems I felt like all my work could be easily bypassed by any skilled cracker. Remote packet sniffing for starters(amongst the plethora of other attacks a person can attempt) that are completely out of my control. I may be able to secure *my* computer, but what about my ISP's server? and all the other 'hops' along the way?. I understand encrypting data and keeping up on patches could help to some extent, but am I wasting my time looking for ways to further the security of my data?
I don't mean to be pessimistic, but how safe is my data really?
(I'd be glad to hear some input from you guys)

Well what os's are you running...? Nothing is EVER 100 % secure.There simply is no such thing...Your not being pessimistic.Your being concerned, which is good..You data is only as secure as how much you stay up to date with security patches and new vulnerabilities that are being found...And how much you try to harden your systems and update them all the time...

let me turn this question on a slight slant - how safe is your home from a burgular really??

if anyone really, really wants your data they will get it - the most you can do is delay them to the point where getting hold of your data becomes uneconomic or unreasonable for the amount of effort.

Z

if u keep updated u'll be safe. that will keep script kiddies away. the fact is this: if a real hacker wanted 2 break into your system, that can almost always be done (this does not apply 2 military machines). no real hacker will be interested in a home user with nothing interesting 2 offer (and please don't interpret this as an offense). real hackers aren't 'dangerous', just because of this fact, though u should be aware of script kiddies. so, in that respect, applying the necessary patches and using a firewall, etc. will keep u safe.
cheers, consoleknight.

I might add, you are being realistic also. From my point of view, I know I'm not going to keep everybody out. My goal is to first keep script kiddies out, then keep the intermediate crackers out, and lastly, be able to monitor and learn what the real "hacker" is doing.

It's just a big game to me. But then again, I'm not in charge of any big networks, or protecting sensitive data. At worst, I am just going to be inconvenienced for a day or two.

EDIT: I forgot to add, just because you can never be 100% secure is no reason to give up. Every time you step off a curb you have like a 1 in 50000 chance of getting hit by a car. Does that mean you stay inside?

well put groovicus! 4 me it's a game 2. and 1 other thing (in general): true hackers realize at once if your system is 'interesting' or not, and a home user is not interesting. and, in many ocassions, if not all, they look 4 very specific things. 4 example, they never grab an ip scanner and start looking for weak hosts, that's 4 script kiddies. so, i think the top priority is keeping script kiddies out, and crackers (and other stupids).
pd: all this i know because i know a real hacker (friend of mine), and ocassionally we talk about this.

Quote:

---

Originally posted here by jpr*
if u keep updated u'll be safe. that will keep script kiddies away. the fact is this: if a real hacker wanted 2 break into your system, that can almost always be done (this does not apply 2 military machines). no real hacker will be interested in a home user with nothing interesting 2 offer (and please don't interpret this as an offense). real hackers aren't 'dangerous', just because of this fact, though u should be aware of script kiddies. so, in that respect, applying the necessary patches and using a firewall, etc. will keep u safe.
cheers, consoleknight.

---

If you keep updated youll be safe? You could keep up to date, have 300 firewalls running, and someone could still find a way in. It's all code made by a human, meaning smoewhere is a mistake. That mistake gives people root access to anythni they want all the time.

How does all of this not apply to a military machine? I'v known of a few break ins on military machines. The only difference with them, is that they have highly secured OSs tu run on.

And, real hackers aren't dangerous? real hackers are not always white hats. I hate to burst this bubble of kitty cats and puppy dogs many people live in, but there are grey hat hackers. The one that are not afraid to use there skill for there own offensive defence.

The kiddies are the ones that download and have no idea how **** works. Crackers have an idea of how it works, and some would be hackers if they didnt have a taste for destruction. And then there are hackers, building and securing everything. But, dont forget, to secure something, its best to know how to break into it first, only then will you tuely understand the project your working on.
not to say that hackers ever walk around breaking machines, but they know how, if they didnt, they wouldnt know how to stop it from happening.

Are you safe when walking on the street? Do you feel safe when you are at home at night? Do you feel safe when being at work,skool, piano courses, golf playing or skiing? How do you expect to be safe on the web then???

Even a newbie like me can tell you that....

If you want to be very, very safe:

1. Only use machines running the RISC operating system
2. Use about 20 of them, but randomly...never network them..except in private, and only in the presence of consenting adults
3. Get your own 100MBPS spine to run your machines off (so you have a private subnet!)
4. Learn Arabic and use that as your language.....ensure that your sites/presence implies pornography and anti-Islamic propaganda
5. Bribe your local police to charge you with murder, firearms and drug dealing offences.


If anyone goes after you after that...........just shoot them :D

Cheers

And a merry Christmas :)

Nihil: That must be a particularly good Chardonnay you have there tonight..... ;)

Shag: If everything was as secure as it could/should be there wouldn't be any need for AO really, would there?

It's the Wild West out there Kids.... Untamed and woollie..... There are nice people and nasty ones.... some want to help and others wait like vultures for you to make the slightest mistake....

It's a lot like Detroit really......

We all know there is NO way you can be 100% secure (but i have heard a japanese company say they had invented a 100% secure box, it had something to do with physical HDD for the SO and a different one for net usage, i really dont recall, if i find it i'll post it)...
but just because you can be mugged that doesn't mean you'll go out with all your gold rings and stuff right? Use proggies that handle security (fw,av,spy/ad cleaner,vuln scan,etc) and buy a hardware fw too if the money doesn't make you that much of a difference. Updating is alwayas good, but don't update your M$ SO right away (so i've learned here in AO ;) ), give it a minute to read feddbacks from others who have patched their sys, you never know when the latest-super-needed.patch is going to overwrite your settings.

Quote:

---

Shag: If everything was as secure as it could/should be there wouldn't be any need for AO really, would there?

---

sure thing, if this was a safe world, what would the AO community be doing in their free time?

Oh and think how many people depend on computers not being secure just for jobs...;)