Replies

You two to do nothing but scare ignorant people.

Hackers and ScriptKidz prey on vulnerabilities, most of which are present in SERVERS, not typical home systems. The average home user who keeps his Micro$oft system updated won't be vulnerable to an attack. His biggest vulnerability will still be email. Hackers don't sit around for hours trying to break "Joe Sixpack's" computer. They prey on known vulnerabilities in programs like Apache, BIND, IIS, SQL, and such.

Spend your time educating home users on the threat of emails rather than scaring them into useless firewalls. Millions of ports get probed everyday. It doesn't mean you're "under attack".

When you say firewall, are you referring to software or hardware? I'd agree a hardware firewall would be overkill.

The problem is that the default installation of MS OSes (like the Pro/Server versions of 2000/XP) comes with those services (HTTP/FTP/SMTP/???) turned on and running by default. The good news is that MS has recently indicatedthey would be locking these down by default.

Sure XP/2K might not be your typical home setup, but 95/98/ME had their own set of vunerabilities. The l33t k1dz will go for _any_ vunerability and the best way to cut out _most_ types of attacks is a firewall and ZA is an inexpensive solution.

Personally, I've gone the ZA & Linksys router combo and it works great.

You are correct that email and downloads are the main culprits for most people. However, I'm not most people. Everything I've said, except to answer Parsifal's question, has been about always on connections such as Cable and DSL. I get an email every morning from my hardware firewall listing 20 to 300 attempts to penetrate (scans) with trojans--every day. I don't want to scare ignorant people. I want to educate ignorant people. The average home user on a 56k modem is not vulnerable to the kinds of scans I see. But that does not mean they don't get scanned and it does not mean they do not get hacked. More importantly, as "Joe Sixpack" moves from his 56k modem to DSL or Cable, he must understand the dangers that come with always on connections.
I haven't said it on this thread yet, so I will. The best defense against having your computer penetrated by a virus or trojan is to not be connected to the Internet unless you need to be connected to the Internet. When a computer on my home network is not being used, I expect it to be turned off. When no one on the network needs to be on the Internet, the cable modem is on standby. When we are not at home, everything is turned off. Just because you have an always on connection does not mean that it should always be on. When it is on, you need a minimum of protection against virus and trojan invasion. Software such as Zone Alarm needs to be coupled with virus protection. Norton Internet Security contains both. I go for overkill. I have a hardware firewall and NIS. I also have Zone's Pest Patrol. I get at least one email daily that tells me my efforts are warranted.
Your mileage may vary.

You two to do nothing but scare ignorant people. Millions of ports get probed everyday. It doesn't mean you're "under attack".

I wonder why million of ports are getting probed every day? Could it be because of ignorant people who don't close their ports? Making their systems vulnerable to zombies that can then go out and probe another million ports.

Sometimes, ignorant people need to be scared, to get them off of their dead @sses and take some responsibility for their corner of the internet.

I agree that a port probe doesn't equal a DOS attack, but, it is an attack, none the less.

Slackers make my life difficult every day. Those ignorant souls that don't secure their email servers from relays, help fuel the mountain of spam my organization deals with every day. Those that don't secure their servers and desktops systems from zombies, just insure we'll have more Code Reds and DOS attacks.