Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
893 posts

Ultimate Geek
+1 received by user: 46

Trusted

  Reply # 65252 28-Mar-2007 08:04
Send private message

stevenz:
xlinknz: well it stands to reason that by not using windows or outlook would significantly reduce threat exposure, that said an open port is an open port


As far as that goes, I think if the scanner at grc.com thinks all your ports are stealthed, you shouldn't have too much issue. Even with the OS X firewall turned off, it's not finding anything. Just make sure your router is configured properly. Failing that, ZoneAlarm will work fairly well as a software firewall, even if it is a bit bloated.

If people are paranoid to the point where they're turning the modem off in case someone singles them out for attack, then you might want to start investing in a good router that will filter DOS attacks and SYN floods etc.

People can't just remotely install apps onto your PC without you having to have done _something_ to enable them to do so such as opening an attachment, or visiting a malicious website. If there's no back-orifice or other hidden TSR/Trojan installed for them to access things with, you shouldn't have an issue. They certainly can't just scan for your IP, hack into an open port and install a program unless you've really got things wide open with unpassworded shares or telnet server.

Keep AVG running & updated, do your daily windows security updates, get a router with its own firewall (should be nigh impossible to find one without one),tell the router to block external ping requests and you should be fine. If they can't find you, they (almost) can't hack you.



In other words, an open port is only a problem if (a) there is something listening to that port that can be exploited or (b) the OS has some vulnerability that can be exploited via that port.




 

794 posts

Ultimate Geek
+1 received by user: 68


  Reply # 65261 28-Mar-2007 09:51
Send private message

And this is why so many vunerbilities are on port 80 [http] as it is invariably open and why so many security fixes are for browsers

my point is if one isn't using the Net then there is no need to be connected, I don't leave the power or appliances on at home when I don't use them

The view that one should be always connected even when one doesn't need to is no different to leaving ones house unlocked on the basis that one has a good alarm system !

maybe geeks lack common sense Wink


BDFL - Memuneh
60800 posts

Uber Geek
+1 received by user: 11675

Administrator
Trusted
Geekzone
Lifetime subscriber

Reply # 65262 28-Mar-2007 10:01
Send private message

xlinknz: And this is why so many vunerbilities are on port 80 [http] as it is invariably open and why so many security fixes are for browsers

maybe geeks lack common sense Wink


No, geeks don't lack common sense. It looks like there's some misunderstanding around, and doesn't look like it's from the geeks' side.

Vulnerabilities from the outside, when no one is using a computer are related to SERVER processes. The port 80 you are talking about is a SERVER process on your computer, if you have a web server installed. If you don't have a webserver installed (IIS, Apache, OmniHTTPD or whatever) then there's nothing anyone from outside can do to go through this port.

Of course this is a generalisation from your part. Many malware use other ports. For example SQL Servers, FTP, even file sharing programs. Those open ports on your computer, waiting for external connections.

Now, a web browser is not a server and vulnerabilities on port 80 will not affect browsers. The web browser is a client, and other types of vulnerabilities exploit clients - but most require YOU, the user, to actually visit a malicious website (or one carrying a malicious code without knowing) to have that loaded.

That's where a good antivirus and antispyware comes in handy. It's when YOU go to sites or open an e-mail with malware that this will be blocked.

If you have a fully patched system, with adequate security software in place is the equivalent of having a lock on your home.





794 posts

Ultimate Geek
+1 received by user: 68


  Reply # 65265 28-Mar-2007 10:50
Send private message

Hi freitasm

I appreciate your clarification, yes I did generalise but it is hard not to on this topic

I agree if everyone had up to date virsus scanners, patches [the later 2 reactive] and correctly configured firewalls the Net would be a better place

But unlike us geeks Wink imho most people i.e. the general public out there have little idea about network security. This is why so many PCs are compromised with virsus and malware etc

Common examples I see often are:
 
1. people with ZA installed but when prompted they promptly allow whatever is being asked for  e.g. "do you want to allow program x to use port x to address x.x.x.x" u know what I mean !

2. No Wifi security

An excellent recent example if the keystroke logger malware that was installed onto the NFL site which compromised thousands of PCs [yes it did exploit a vunerability]

I want to stress that patches etc are reactive, much damage is done b4 the vendors have fixed vunerbilities and have new virses signatures

ps: maybe we should start a security forum on here ?









1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Microsoft Dynamics 365 Business Central launches
Posted 10-Jul-2018 10:40


Spark completes first milestone in voice platform upgrade
Posted 10-Jul-2018 09:36


Microsoft ices heated developers
Posted 6-Jul-2018 20:16


PB Technologies charged for its extended warranties and warned for bait advertising
Posted 3-Jul-2018 15:45


Almost 20,000 people claim credits from Spark
Posted 29-Jun-2018 10:40


Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34


Enable doubles fibre broadband speeds for its most popular wholesale service in Christchurch
Posted 2-Jun-2018 20:07



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.