Is a Firewall Necessary with Dial-Up?
Chris Hecker
I have a dial-up internet access. Could you tell me if a firewall is
necessary? Thanks in advance for any info.
Chris
Christopher's Place - http://www.solarwinds.com/users/chrish
x y
your system even if you're on 56k dialup, though it will probably happen
less frequently. Software firewalls like Sygate are free for noncommercial
use, so there's little reason not to use one.
"Chris Hecker" <chr...@solarwinds.com> wrote in message
news:ueh6a07...@corp.supernews.com...
Larry W4CSC
Norton Anti-Virus that's kept up-to-date with weekly definition
updates from the Auto update facility. You'll be scanned on dialup,
but it means nothing.
I DO recommend getting away from Outlook Express, which is like
walking around the city with a huge "KICK ME HARD" sign on your back.
OE is what the worms are all targeted for, so why be a target. The
systems I setup all use Pegasus 4 for email, Free Agent for text
newsgroups like this one, SBNews bot for stripping binary newsgroups
and XNews for selectively downloading binaries from newsgroups.
There's another message I posted, yesterday, that tells you the
particulars of my recommendations which are very successful. While
you're uninstalling OE from the Windows Setup tab of Add/Remove
Programs in Control Panel (or wherever Billy hid it in XP), uninstall
Windows Scripting Host, too. Windows Scripting Host (WSH) is Billy's
gift to the worm coders. It runs "Visual Basic Scripting" (.vbs)
files. If vbs worms have no operating system installed in Windows,
they can't run! Sound logical? It's not rocket science. Both of
these cracker targets are part of Windows, any flavor. Without OE
spreading the worms to your Address Book friends and WSH running them
on your computer....you're immune even if you DO get one! You don't
need WSH at all. It was a gift to the spyware spammers.
There are two main issues on browsers that are big security
holes....javaSCRIPT (not Java) and ActiveX....both of which allow
webpages to run vicious code. It's like giving webpage operators
their own little operating system on trust to run code on YOUR
computer. I handle this problem by having one browser (Opera 6 here)
with everything turned off....no cookies, javascript, activex,
nothing.....and one browser (IE6) with everything turned on for when I
just gotta have it and am forced to trust the webpage (like Windows
Update). Javascript and ActiveX are being used by vicious webpage
operators to run code on your system to trash it like a virus....but
sneak past the FUDware firewalls, etc., which allow the browser access
to the internet.
Another great addition to your browser is WebWasher from
www.webwasher.com, the great engineers from Siemens in Germany.
Webwasher is a proxy server all html runs through. It sits between
the browsers and the net, filtering out spam, popup windows, cookies,
web bugs, URL code with embedded data collected from your computer,
etc.....before it can get out on the net. Code calls for a spam from
doubleclick. WW intercepts the call and REPLIES with a byte, making
the code think it got to talk to the server, thwarting their efforts
to spam you but not waiting for the browser call to time out. Dialup
customers, like yourself, will REALLY appreciate the increase in
speed, not having to load those moving GIF monster movies on every
commercial webpage and those popup movies from the spammers. WW is
free for home use. Works great!
Look for W4CSC back to yesterday to get direct access on
www.tucows.com to get the shareware/freeware above.....
Larry
News
need a firewall when you are on the Internet, no matter where and when.
This morning only, we had 1436 attempted break-ins into our corporate
network. We have a hardware firewall but also insist that all employees have
Norton Personal Firewall installed for the times when they take their
laptops home (which all of them do) and we see regular attacks on each of
the laptops just by simple home dial-up internet use.
I totally agree with you that ActiveX and Java are a real danger to the
integrity of any Computer.
Norton Personal Firewall can handle all the JavaScript, ActiveX and cookie
business very well and gives you excellent security.
Regards,
Oliver
--
Please reply to post only as email will not work.
"Larry W4CSC" <spami...@knology.net> wrote in message
news:3ce8e6b6...@news.knology.net...
Larry W4CSC
wrote:
>Sorry, but this is not correct. Whether dial-up or broadband, you always
>need a firewall when you are on the Internet, no matter where and when.
>This morning only, we had 1436 attempted break-ins into our corporate
>network. We have a hardware firewall but also insist that all employees have
>Norton Personal Firewall installed for the times when they take their
>laptops home (which all of them do) and we see regular attacks on each of
>the laptops just by simple home dial-up internet use.
Hogwash. What do you mean "attempted breakins"? Are you talking
about someone pinging your server? scanners lookin' for Sub Seven?
People trying to connect to your FTP server?....These are not
breakins, they're just connect attempts.....to dead, closed or open
ports with nothing to answer them. Big deal. What a bunch of FUD
nonsense. Connection attempts to all the open ports in the world
don't do a damned thing, except waste your CPU time saying
no....unless there's a port there to answer them. Just connecting to
a port DOES NOTHING!! You have to connect to SOMETHING. Then it may,
or may not, be dangerous.
>
>I totally agree with you that ActiveX and Java are a real danger to the
>integrity of any Computer.
Java isn't dangerous. JavaSCRIPT is dangerous. Java just turns your
computer into a dumb terminal for an externally running program.
JavaSCRIPT, on the other hand, is a program running INSIDE your
computer. So, is ActiveX. Very dangerous....and no solution in
sight.
>
>Norton Personal Firewall can handle all the JavaScript, ActiveX and cookie
>business very well and gives you excellent security.
It does? How does it stop Javascript from running imported code in
the computer??? CERT hasn't said anything about this feature, nor has
SecurityFocus.com on any alerts I've read. If it gives a browser
internet bi-directional access, how does it stop the browser,
selectively, from calling out and loading in??
Larry
Lee Higdon
configuration. If you only use a dial up connection and do not have a
network card installed for accessing the internet *and* have unbound TCP/IP
from Client for Microsoft Network and/or Microsoft Family Log-on *and* are
not running any services that expose you to file sharing, then a firewall is
not *necessary*. Now, of course, if you download everything in sight and
visit a lot of porn sites, well....you'll need more than just a firewall ;).
--
Peace,
Lee Higdon
Curtis
lot of vulnerablilities within Microsoft Products, and other products that
could be exploited to destroy your PC. Even over a dial up. Certain
vulnerabilities may not have even been discovered yet, and having a firewall
in place could stop these future problems. The chances are slim but are
there.
-Curtis
"Larry W4CSC" <spami...@knology.net> wrote in message
news:3ce93433...@news.knology.net...
Nick
--
------------
Nick
Victoria Concordia Crescit
"News" <nos...@anywhere.com> wrote in message
news:10219115...@demeter.uk.clara.net...
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.362 / Virus Database: 199 - Release Date: 07/05/2002
Nick
to break in. I only stated using a firewall about 2 weeks ago and do
recommend them. Companies that produce them may prey on paranoia.
--
------------
Nick
Victoria Concordia Crescit
"Chris Hecker" <chr...@solarwinds.com> wrote in message
news:ueh6a07...@corp.supernews.com...
BoB
HOW one connects to the internet is not relevant.
Tiny Personal Firewall v2.14 is a good free one to try.
www.kerio.com
BoB
News
You seem to be a rather emotional person. So just stop swearing and turn
your attention to the subject in a professional manner.
First of all, how do you know for what reason somebody tries to connect to
whatever service on your machine ? How do you know what ports somebody might
have open and served and which ones not ? If you want to be on the safe side
then you use a firewall. This is now really simple.
Have you ever done traffic pattern analysis ? Probably not because otherwise
you would know that one can very well distinguish between "attempted
break-ins" and the occasional attempt to connect to a port. When I am
talking about 1436 attempted break-ins" the I don't mean 1436 individual
connection attempts, I am talking about a systematic approach by scanning
all the IPs and ports looking for some to be open and served. If you had a
specific trojan sitting in your machine listening (for whatever reason) you
would be at risk from loosing or corrupting your data or , just to give one
more of many examples, become party to a distributed attack without you even
knowing it. I am not talking out of my guts here, I have spent most of my
professional career in sorting out companies having been devastated by such
attacks.
I am very well aware that we are talking about JavaScript and I appologise
for having upset you by not spelling out the whole term ;-)
As far as Norton Personal Firewall is concerned, it simply prompts you
whenever your browser tries to download an ActiveX control or tries to
execute JavaScript code. You then can allow or block such a piece. You even
have the possibility to define different allow or block policies for
different web sites. How it does it, I don't know. This would be a question
to be directed to Symantec. However, it does work
I hope to have clarified things a little bit,
Regards,
Oliver
--
Please reply to post only as email will not work.
"Larry W4CSC" <spami...@knology.net> wrote in message
news:3ce93433...@news.knology.net...
Larry W4CSC
wrote:
>
>First of all, how do you know for what reason somebody tries to connect to
>whatever service on your machine ? How do you know what ports somebody might
>have open and served and which ones not ? If you want to be on the safe side
>then you use a firewall. This is now really simple.
I don't care why they are attempting to connect to a port. No
services are running here or on any machine I setup. This is what
netstat -an should look like:
C:\WINDOWS>netstat -an
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:1041 0.0.0.0:0 LISTENING
TCP 127.0.0.1:8081 0.0.0.0:0 LISTENING
TCP 192.168.0.2:1041 209.249.90.101:119 ESTABLISHED
C:\WINDOWS>
The top and bottom ones are opened by Free Agent to get and send to
Supernews' server this message. The middle one is WebWasher, a proxy
server that protects me from the html garbage to my browsers......on
port 8081, not 8080. There are no services running here.....
>
>Have you ever done traffic pattern analysis ? Probably not because otherwise
>you would know that one can very well distinguish between "attempted
>break-ins" and the occasional attempt to connect to a port. When I am
>talking about 1436 attempted break-ins" the I don't mean 1436 individual
>connection attempts, I am talking about a systematic approach by scanning
>all the IPs and ports looking for some to be open and served. If you had a
>specific trojan sitting in your machine listening (for whatever reason) you
>would be at risk from loosing or corrupting your data or , just to give one
>more of many examples, become party to a distributed attack without you even
>knowing it. I am not talking out of my guts here, I have spent most of my
>professional career in sorting out companies having been devastated by such
>attacks.
If you have a trojan, as you put it, it is because you don't scan the
system enough with a virus scanner updated immediately. The
devastating attacks are caused by the naive managers too cheap and too
misinformed or uninformed to call in a professional in security to
seal up the system, correctly. You, obviously, know the types I'm
talking about. They have no business leaving these people access to
the internet, without professionals helping keep them safe.
>
>I am very well aware that we are talking about JavaScript and I appologise
>for having upset you by not spelling out the whole term ;-)
>
>As far as Norton Personal Firewall is concerned, it simply prompts you
>whenever your browser tries to download an ActiveX control or tries to
>execute JavaScript code. You then can allow or block such a piece. You even
>have the possibility to define different allow or block policies for
>different web sites. How it does it, I don't know. This would be a question
>to be directed to Symantec. However, it does work
It does the same thing the browser itself will do when set to PROMPT,
instead of enable. It doesn't filter the javascript code like a virus
scanner might. WebWasher, my HTML proxy/washer, can also scrape off
the javascript/ActiveX crud if asked.
>
>I hope to have clarified things a little bit,
>
>Regards,
>Oliver
>
I didn't intend to push your buttons. I'm sorry. These newsgroups
are full of people so fearful of the FUD put out by the companies to
dump products of dubious quality on them, you never know who you are
conversing with....
Larry
News
I appreciate this. I think we basically agree. I am not a pusher of
firewalls and there are plenty of dubious products out there, however, I
have found some of them to be very usefull.
Regards,
Oliver
--
Please reply to post only as email will not work.
"Larry W4CSC" <spami...@knology.net> wrote in message
news:3ce9da90...@news.knology.net...
Larry W4CSC
wrote:
>Thanks Larry,
>
>I appreciate this. I think we basically agree. I am not a pusher of
>firewalls and there are plenty of dubious products out there, however, I
>have found some of them to be very usefull.
>
My problems with software firewalls is the FUD they are sold with.
They keep the FUD paranoia active with the continuous popup alerts
every time some kid's scanner attempts a connect or some poor sap puts
the wrong IP in an html request on his spammer...(c; It's crazy!
Of course, NONE of the FUDware simply uninstalls the Windows Holes
like NetBIOS, file/print sharing, etc., when it installs.....which
does more for system security than the FUDware, itself. FUDware is
about MONEY....$$$$$$....selling internet FUD is a billion dollar
business. Then, to satisfy the other members of the software unions,
they make the FUDware like Swiss cheeze so it doesn't alarm if a
spyware calls home or a spamware downloads like a browser masquerading
as IE 6 and sends back your registry data. No, no....not us....BS!
Larry
donut
> Of course, NONE of the FUDware simply uninstalls the Windows Holes
> like NetBIOS, file/print sharing, etc., when it installs.....which
> does more for system security than the FUDware, itself. FUDware is
> about MONEY....$$$$$$....selling internet FUD is a billion dollar
> business. Then, to satisfy the other members of the software unions,
> they make the FUDware like Swiss cheeze so it doesn't alarm if a
> spyware calls home or a spamware downloads like a browser masquerading
> as IE 6 and sends back your registry data. No, no....not us....BS!
>
>
>
> Larry
>
Is there a safe way to uninstall these vulnerabilities from Windows? I
remember someone on one of the Windows help boards very laboriously
uninstalling IE from Windows 98. It was a a royal PITA. Was it worth it?
Larry W4CSC
>
>
>Is there a safe way to uninstall these vulnerabilities from Windows? I
>remember someone on one of the Windows help boards very laboriously
>uninstalling IE from Windows 98. It was a a royal PITA. Was it worth it?
IE, itself, is pretty safe. JavaSCRIPT and ActiveX is unsafe. You
can DISABLE javascript and activeX in the browser's options section.
Sometimes you need an unsecured browser, like when you want to get
Billy's latest patches for Windoze from WindowsUpdate. So, I use TWO
browsers.....Opera 6 with cookies, javascript, activex, all that crap
turned off.....IE6 in Medium Security mode with it all turned on. I
browse with Opera, which confounds them itself, because it doesn't
have the same holes, but probably as many, as the "popular browsers"
the crackers have hacks for. If a site won't work on a dumb browser
with it all turned off, and I just HAVE to go there and trust the
site, I'll copy the address over to IE6 and fasten my seatbelt for the
spams.
AS far as securing Win98 itself.....
Open Control Panel.
Open Add/Remove Programs
Open Windows Setup tab and let it grid away loading components.
UNcheck Windows Scripting Host hidden inside the Accessories tab so
your computer won't run .vbs visual basic scripting worms any
more..... Slide down the main list until you see OUTLOOK EXPRESS and
UNcheck it! Outlook Express is the target the nasty bastards on the
net are after....trying to get it to run .vbs worms, using its Address
Book to propagate to all your friends.
To to www.tucows.com and get Pegasus 4 for email, Free Agent for
text-based newsgroups, Xnews for binary newsgroups.....all freeware
and free of spyware/adware/crapware.....and immune from the WORMS!
Larry
Steve Gent
wrote:
PMJI, but I am curremtly trialling Agent 1.91 with a view to replacing
OE. How would you rate the email module in Agent against Pegasus ?
Thanks, Steve.
NB: Change 'red' to 'blue' to reply by email.
donut
>>AS far as securing Win98 itself.....
>>Open Control Panel.
>>Open Add/Remove Programs
>>Open Windows Setup tab and let it grid away loading components.
>>UNcheck Windows Scripting Host hidden inside the Accessories tab so
>>your computer won't run .vbs visual basic scripting worms any
>>more..... Slide down the main list until you see OUTLOOK EXPRESS and
>>UNcheck it! Outlook Express is the target the nasty bastards on the
>>net are after....trying to get it to run .vbs worms, using its Address
>>Book to propagate to all your friends.
>>
>>To to www.tucows.com and get Pegasus 4 for email, Free Agent for
>>text-based newsgroups, Xnews for binary newsgroups.....all freeware
>>and free of spyware/adware/crapware.....and immune from the WORMS!
>>
>>
>>
>>Larry
Actually, I am running WinME, and there is no check box in that area for
Windows Scripting Host.
Outhouse Express is the first thing I do away with when installing
Windows. Already using Opera for browsing, and Eudora for email.
How can you get rid of WSH in ME?
Larry W4CSC
<steve...@blueyonder.co.uk> wrote:
>
>PMJI, but I am curremtly trialling Agent 1.91 with a view to replacing
>OE. How would you rate the email module in Agent against Pegasus ?
>
>
>Thanks, Steve.
I've never tried Agent, so can't really say. Pegasus 4 is true
multi-user on multiple servers on multiple systems with encoding,
decoding in all the available formats, server types with an interface
that's very easy to use, never crashes Windows or itself and never
drags me off against my will to be spammed to death. I don't see how
Agent can be any better than that, do you. Any number of people can
use the same Pegasus 4 by simply entering their own password at bootup
time and Pegasus boots their own preferences, databases, address
books, distribution lists, any number of different mail storage
directories all tailored to that one individual and secure from
everyone else using it.
Pegasus 4 is freeware......Why pay for Agent?? Geez, if you got a
problem or a suggestion, Pegasus' AUTHOR will even converse with you!
Larry
Larry W4CSC
Slide down the page until you see how to uninstall it in
Win2000/WinME. They tried, unsuccessfully, to hide its presence from
the customer....dammit.
Save this webpage....great stuff on sophos.com's support.
Larry
Jeremiah Kristal
Agent is a great newsreader. Agent is a barely functional mail client.
I've heard many good things about Pegasus, but I'm an old pine fan, so
I'll sit in the dark ages.
Jeremiah
Steve Gent
wrote:
>On Wed, 22 May 2002 13:56:56 GMT, Steve Gent
I'm only a single user so the multi-user aspects of Pegasus would not be
of any benefit. I take your point on it being free !. Agent has some
extra features over Free-Agent in the Newsreader and I liked the idea of
the mail and news combined with the same general interface. I did try
Pegasus briefly some months ago and although I liked the interface, it
seemed to run a little slow on my machine but I may take another look.
My query was more from the security perspective as you say OE is a prime
target for the bad guys, but thanks for the input.
Larry W4CSC
<steve...@blueyonder.co.uk> wrote:
>
>I'm only a single user so the multi-user aspects of Pegasus would not be
>of any benefit. I take your point on it being free !. Agent has some
>extra features over Free-Agent in the Newsreader and I liked the idea of
>the mail and news combined with the same general interface. I did try
>Pegasus briefly some months ago and although I liked the interface, it
>seemed to run a little slow on my machine but I may take another look.
I'm only a single user, but have 3 email accounts, including the one
on this message that stays amazingly spam-free because it has spam in
its real email address! Evidently the spambots reject all email
addresses with the string "spam" in them...(c;
The three email accounts are on two different servers. Pegasus just
calls them all, in sequence, when it boots and every 3 minutes after.
>
>My query was more from the security perspective as you say OE is a prime
>target for the bad guys, but thanks for the input.
>
>Thanks, Steve.
Either one will be "untargeted", not necessarily secure. Using
obscure software usually eliminates it being targeted like the big
guns with big money.
Larry
Steve Gent
wrote:
>On Thu, 23 May 2002 00:18:49 GMT, Steve Gent
><steve...@blueyonder.co.uk> wrote:
>
>>
snip
>
>I'm only a single user, but have 3 email accounts, including the one
>on this message that stays amazingly spam-free because it has spam in
>its real email address! Evidently the spambots reject all email
>addresses with the string "spam" in them...(c;
>
>The three email accounts are on two different servers. Pegasus just
>calls them all, in sequence, when it boots and every 3 minutes after.
>>
>>My query was more from the security perspective as you say OE is a prime
>>target for the bad guys, but thanks for the input.
>>
>>Thanks, Steve.
>
>Either one will be "untargeted", not necessarily secure. Using
>obscure software usually eliminates it being targeted like the big
>guns with big money.
>
>
>
>Larry
A bit like hiding the tree in the forest. I've downloaded Pegasus so I
will trying it out. Thanks for the insight.
Leythos
says...
> Hello everyone,
>
> I have a dial-up internet access. Could you tell me if a firewall is
> necessary? Thanks in advance for any info.
Chris,
I run a shop with many developers. Some of the developers are only able
to get dial-up at their homes (they live in the sticks). Most of my
developers run IIS and several other internet related applications on
their laptops and workstations (at home and work).
The dial-up guys thought they were safe, but I told them to get LAN-
MODEMS (modem with a network jack) anyways for the NAT protection, and
to run Tiny or ZoneAlarm. All but one of them followed my instructions.
The one lone renegade developer that didn't run ZA or NAT has had to
rebuild his system at least 5 times in the last month due to being
hacked (not infected via email) while connected via dial-up.
If you are online you need Zone Alarm or something like it. If you can
afford it, get a LAN-MODEM and also run Zone Alarm.
--
--
Leyth...@columbus.rr.com
(Remove 999 to reply to me)