Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
899 posts

Ultimate Geek
+1 received by user: 46

Trusted

  Reply # 65252 28-Mar-2007 08:04
Send private message

stevenz:
xlinknz: well it stands to reason that by not using windows or outlook would significantly reduce threat exposure, that said an open port is an open port


As far as that goes, I think if the scanner at grc.com thinks all your ports are stealthed, you shouldn't have too much issue. Even with the OS X firewall turned off, it's not finding anything. Just make sure your router is configured properly. Failing that, ZoneAlarm will work fairly well as a software firewall, even if it is a bit bloated.

If people are paranoid to the point where they're turning the modem off in case someone singles them out for attack, then you might want to start investing in a good router that will filter DOS attacks and SYN floods etc.

People can't just remotely install apps onto your PC without you having to have done _something_ to enable them to do so such as opening an attachment, or visiting a malicious website. If there's no back-orifice or other hidden TSR/Trojan installed for them to access things with, you shouldn't have an issue. They certainly can't just scan for your IP, hack into an open port and install a program unless you've really got things wide open with unpassworded shares or telnet server.

Keep AVG running & updated, do your daily windows security updates, get a router with its own firewall (should be nigh impossible to find one without one),tell the router to block external ping requests and you should be fine. If they can't find you, they (almost) can't hack you.



In other words, an open port is only a problem if (a) there is something listening to that port that can be exploited or (b) the OS has some vulnerability that can be exploited via that port.




 

798 posts

Ultimate Geek
+1 received by user: 70

Trusted

  Reply # 65261 28-Mar-2007 09:51
Send private message

And this is why so many vunerbilities are on port 80 [http] as it is invariably open and why so many security fixes are for browsers

my point is if one isn't using the Net then there is no need to be connected, I don't leave the power or appliances on at home when I don't use them

The view that one should be always connected even when one doesn't need to is no different to leaving ones house unlocked on the basis that one has a good alarm system !

maybe geeks lack common sense Wink


BDFL - Memuneh
61200 posts

Uber Geek
+1 received by user: 11981

Administrator
Trusted
Geekzone
Lifetime subscriber

Reply # 65262 28-Mar-2007 10:01
Send private message

xlinknz: And this is why so many vunerbilities are on port 80 [http] as it is invariably open and why so many security fixes are for browsers

maybe geeks lack common sense Wink


No, geeks don't lack common sense. It looks like there's some misunderstanding around, and doesn't look like it's from the geeks' side.

Vulnerabilities from the outside, when no one is using a computer are related to SERVER processes. The port 80 you are talking about is a SERVER process on your computer, if you have a web server installed. If you don't have a webserver installed (IIS, Apache, OmniHTTPD or whatever) then there's nothing anyone from outside can do to go through this port.

Of course this is a generalisation from your part. Many malware use other ports. For example SQL Servers, FTP, even file sharing programs. Those open ports on your computer, waiting for external connections.

Now, a web browser is not a server and vulnerabilities on port 80 will not affect browsers. The web browser is a client, and other types of vulnerabilities exploit clients - but most require YOU, the user, to actually visit a malicious website (or one carrying a malicious code without knowing) to have that loaded.

That's where a good antivirus and antispyware comes in handy. It's when YOU go to sites or open an e-mail with malware that this will be blocked.

If you have a fully patched system, with adequate security software in place is the equivalent of having a lock on your home.





798 posts

Ultimate Geek
+1 received by user: 70

Trusted

  Reply # 65265 28-Mar-2007 10:50
Send private message

Hi freitasm

I appreciate your clarification, yes I did generalise but it is hard not to on this topic

I agree if everyone had up to date virsus scanners, patches [the later 2 reactive] and correctly configured firewalls the Net would be a better place

But unlike us geeks Wink imho most people i.e. the general public out there have little idea about network security. This is why so many PCs are compromised with virsus and malware etc

Common examples I see often are:
 
1. people with ZA installed but when prompted they promptly allow whatever is being asked for  e.g. "do you want to allow program x to use port x to address x.x.x.x" u know what I mean !

2. No Wifi security

An excellent recent example if the keystroke logger malware that was installed onto the NFL site which compromised thousands of PCs [yes it did exploit a vunerability]

I want to stress that patches etc are reactive, much damage is done b4 the vendors have fixed vunerbilities and have new virses signatures

ps: maybe we should start a security forum on here ?









1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.