Are you Hacker-proof?

I have spygate and spybot running so i should be ok.

 

Thanks for the link, I'll try that later.

/Peter

 

wow.......... hackers.........

 

I don't care how savvy you think you are...................they will find you.

 

"Traffic Sent

Packets were successfully sent to your computer. The server was unable to obtain a connection or any traffic from your computer. This generally indicates that your firewall blocked the traffic successfully.

If you did not see an event warning it may indicate that the traffic did not reach your computer at all.

This could be due to any of the following reasons:

You are connecting to the Internet through a proxy server. When we attempted to connect back to the IP address your web traffic came from we actually were connecting to the proxy server, not your computer.
You are behind a corporate firewall which is redirecting traffic in an unexpected manner.
You are connecting to the Internet through a NAT (network address translator). When we attempted to connect back to the IP address your web traffic came from we actually were connecting to the proxy server, not your computer.
In any of these cases you will not see an event notification on your computer because our connection attempt did not reach your computer. In any case, your computer is secure."

 

Files can be executed just by clicking on a link or accessing a web page so it is a continual battle. Files can be viruses, ad-ware, spyware, key-loggers, etc..

 

The worst one doing the rounds at the moment is (search the web) one of the most annoying things i have ever come across, took me ages to get rid of.

 

If you're just running a "home" version of an operating system, like Windows 2000 or XP, you really don't have to worry about hackers at all. Hackers, for the most part, will exploit holes in applications or services on servers.

For a HOME user, the following should be adequate:
1. Automatic updates turned ON and functioning. This keeps your operating system up to date and patches it against any bugs in OS coding.
2. Anti-virus software. I prefer Norton; its really a matter of preference. There are pluses and minuses in all the different vendors. DON'T RUN TWO DIFFERENT ANTIVIRUS PROGRAMS ON THE SAME COMPUTER. It can cause a conflict.
3. Anti-spyware software. Spybot, Ad-aware, Pest Patrol, etc, etc, etc. This has been covered ad nauseum on the board.
4. Optional - IDS (intrusion detection) software. This would be something like BlackIce, Norton Internet Security, etc. Basically, it will watch your pc for suspicious activity.

You should have some sort of hardware firewall, but in reality, firewalls mean absolutely nothing to hackers. Certain ports (such as port 80 for web traffic) have to allow traffic, and any even mildly competent hacker could tunnel illegitimate traffic through a legitimate port. Again, you really don't have to worry about this on your home machine.

Software firewalls pretty much do the same things as hardware ones, but often include an IDS component. It can't hurt, but it can become a PITA if you start trying to configure it, don't know what you're doing, and then all of a sudden can't get out to certain websites or parts of the internet.

Server software (Windows 2000/2003 Server, any flavor of *nix with server components optional, etc) is a whole different beast.

 

These days i usually don't install ANYthing on my computer with first consulting Randy Schatten - he's like my own, personal information superdaddy...!

 

Has anyone heard/uses PrevX. Supposed to be a good anti-virus. I use it ... dunno exactly how well it works. I also have Norton (antivirus and internet security), Ad-Aware, and SpySweeper ...

 

Or maybe the site itself exploits vulnerabilities in your computer.
So, as the devil's advocate, you try out this website, "probe" your computer, and it says that you have no problems. Great, no fixes needed. Now the owner of the website logs that XXX's computer can be accessed in this way (and it won't change since XXX thinks he is protected.)

I have no idea if this website is legit or not. But I get enough "drive-by" threats, that I do not need to solicit an opening to my computer. I am not going to ask an unknown website to "attack" my computer and look for potential weaknesses. Though they have the MacAfee logo on the website, they are not part of MacAfee. Not a secure website, so your "Hit Me" inquiry and results are not encrypted. Diligence - don't click on links that "test" or "probe" your computer if you don't know what they are.

UroTrash, nothing aimed at you, but there was a link posted this week here that downloaded a virus, so caution should be used. There are many websites designed to look like protection, but are really the threat. Makes it even harder to stay clean.

 

Also, if you are using Windows XP, consider installing XP SP2 (do some research if your apps are compatible prior to install) and run windows update regularly.

 

To be honest if you are a home user, and you are using a DSL router with firewall, anti-virus software and a spyware blocker (would recommend spybot pay version - always on), you should be OK.

Your router will block icmp packets, so most hackers who sweep ip subnets for open ports won't get an ICMP response and prob. won't bother with you.

Also if you are behind a router, you're pc is on a private ip range behind the router, so first they have to hack your router to get at your PC - too much hassle, they will go for the easy target, DSL modems with no firewall running.

If it is someone who specifically wants to access your PC, then if they put enough effort in they will get in. But this has to be a specific attack against you.

 

I agree except if you let them in. If you click on a link or website w/code designed to execute or open an email attachment none of this will protect you. You have to continually scan..........

 

I dont know for sure but it seems that, that website must have some ties with mcAfee, since my guardian is telling me that the ip is in the range of mcAfee's IPs.

 

Check out Open Office, it reads word/excel/powerpoint/etc files just fine and can save into those formats also.

http://www.openoffice.org/

 

sorry - I disagree. hackers are looking for more 'bots to launch attacks or SPAM from. What was the rental rates I saw a few weeks ago? $100USD/hr/1,000 machines I think it was. Home machines are great for this.

Also hackers looking for free storage - we had one client's machine (they did stupid things without us involved - really stupid) - had 4GB of MP3's on it over a weekend.

Won't be long before worms start trolling for CC info.

 

yes but it what i do for a living

 

I agree that you should keep your computer protected, but most people don't have to worry about hackers. I think we're running into a semantics debate... someone who writes viruses/worms/scumware, pirates software, or launches (D)DoSes isn't a hacker.

Yes, you should protect your machine, but the "hackers" aren't what your problem is going to be.

 

yeap Mike - will violently agree with you all day. Have a good one!

Now if I can just get this condom wrapped around my firewall maybe I'll be safe! How many firewalls can one person have in one house after all...

(linksys, pix501, pix506, Linux firewall project, Fortinet, Norton s/w firewalls on every machine, XP Pro SP2 on every machine, Adware.... when does it stop!) not all firewalls are active this second. darn - needed a 24 port switch just for the network gear, I think that's a sign of a sickness.

 

Oh man...

I just finished sketching out a network diagram for the house that I'm buying. Perimeter firewall, DMZ, VoIP, internal firewall, multiple network segments, multiple NIDS boxes... I'll probably use a linksys out front, then build the other firewalls and IDS machines. Don't forget Snort, and simplify your life with VMWare!!!

 

BTW, did you see the new Linux Journal? There's a cover story about a company in NYC that built their own linux-based routers rather than using Cisco. From the website:

Point-to-Point Linux by Phil Hollenback
When this Manhattan investment company decided to mirror its critical data off-site, the IS staff built their own T3 and T1 routers. How did that work, and would they do it again?