No relation to SED; but people here tend to give answers. I looked at ZA, and what turned me off, was that they "require" one to use IE *and* Active-X to test the computer. Why should i use a swiss cheese browser and then add insult to injury as well? And if ZA itself only works with IE, i consider it to be junk.
Pray tell me that solution...
And how does one connect a router between the serial port of the computer and the external modem?
I know very little about how attacks are actually done. However, i have prevented a number of processes, and have a long list in my HOSTS file. As a result, the GRC ShieldsUP tests show only two open ports for a Win2k computer: 135 (RPC) and 1025 (COM/DCOM); and show others for the present Win98SE computer: stealthed 106, 108, 109, 111; open 139 (NetBios). Now it seems that GRC has a DCOMbobbulator program that might fix the port 1025 problem. But what about the others? If i close the open ports, then would i be very safe?
Please explain why the need for the software firewall in that case.
Well, a teletype is a bit slow...
...and does ZA work with NetScape (i *RIPPED* out IE by its roots)?
AHA!!!
Testing my system with GRC's tools showed me safe inbound, but not outbound.
Pondering your suggestions I discovered that everything you recommend can be handled via the SMC Barricade router setup.
Now all I need to do is determine what outbound ports to allow ;-)
...Jim Thompson
--
| James E.Thompson, P.E. | mens |
| Analog Innovations, Inc. | et |
| Analog/Mixed-Signal ASIC\'s and Discrete Systems | manus |
| Phoenix, Arizona Voice:(480)460-2350 | |
| E-mail Address at Website Fax:(480)460-2142 | Brass Rat |
| http://www.analog-innovations.com | 1962 |
I love to cook with wine. Sometimes I even put it in the food.
As I have said several times (and others have said too), a router does a very good job of blocking incoming connections (such as from hackers), but LITTLE OR NOTHING to stop outgoing connections (such as from spyware). A router cannot determine what program is trying to open the connection.
-- 105 days until the winter solstice celebration "Today, the theory of evolution is an accepted fact for everyone but a fundamentalist minority, whose objections are based not on reasoning but on doctrinaire adherence to religious principles" -- James D. Watson
You use the ethernet jack on the computer. Serial port routers are available (I had one for several years before cable became available here). These let you connect modems.
-- 105 days until the winter solstice celebration "Today, the theory of evolution is an accepted fact for everyone but a fundamentalist minority, whose objections are based not on reasoning but on doctrinaire adherence to religious principles" -- James D. Watson
Turns out NOT to be a correct statement for my SMC Barricade router. I can arbitrarily block outbound ports, and I can do it selectively by machine IP address.
...Jim Thompson
--
| James E.Thompson, P.E. | mens |
| Analog Innovations, Inc. | et |
| Analog/Mixed-Signal ASIC\'s and Discrete Systems | manus |
| Phoenix, Arizona Voice:(480)460-2350 | |
| E-mail Address at Website Fax:(480)460-2142 | Brass Rat |
| http://www.analog-innovations.com | 1962 |
I love to cook with wine. Sometimes I even put it in the food.
These should never be allowed on the internet.
It's better to block them at the router. Don't forget to disable uPnP.
Only PARTIALLY safe. You never know when a program (maybe some Windows update?) will turn it back on. You might even forget to turn it off again after re-installing.
BTW, I've had NO virus or spyware infections in the last year.
-- 105 days until the winter solstice celebration "Today, the theory of evolution is an accepted fact for everyone but a fundamentalist minority, whose objections are based not on reasoning but on doctrinaire adherence to religious principles" -- James D. Watson
And this is unsafe. You never know when a program will open a port. It could do so at any time.
-- 105 days until the winter solstice celebration "Today, the theory of evolution is an accepted fact for everyone but a fundamentalist minority, whose objections are based not on reasoning but on doctrinaire adherence to religious principles" -- James D. Watson
From other posts this morning, it appears NOT. I use Firefox with NoScript Extension and I'll NEVER go back to IE.
But I need to learn more about my SMC Barricade router. Looks like I can use it to block outbound ports as well as inbound. The GRC "Shields Up' test show ALL my inbound ports as "stealth", except for
113, which reports "closed"....Jim Thompson
--
| James E.Thompson, P.E. | mens |
| Analog Innovations, Inc. | et |
| Analog/Mixed-Signal ASIC\'s and Discrete Systems | manus |
| Phoenix, Arizona Voice:(480)460-2350 | |
| E-mail Address at Website Fax:(480)460-2142 | Brass Rat |
| http://www.analog-innovations.com | 1962 |
I love to cook with wine. Sometimes I even put it in the food.
In the Barricade you can open/block *specific* ports. I suspect they can also be password protected. I need to RTFM ;-)
...Jim Thompson
--
| James E.Thompson, P.E. | mens |
| Analog Innovations, Inc. | et |
| Analog/Mixed-Signal ASIC\'s and Discrete Systems | manus |
| Phoenix, Arizona Voice:(480)460-2350 | |
| E-mail Address at Website Fax:(480)460-2142 | Brass Rat |
| http://www.analog-innovations.com | 1962 |
I love to cook with wine. Sometimes I even put it in the food.
It's just a small number of people compared to the whole.
Consider that many occupations such as medicine and farming would not be very productive without the acceptance of evolution.
-- 105 days until the winter solstice celebration "Today, the theory of evolution is an accepted fact for everyone but a fundamentalist minority, whose objections are based not on reasoning but on doctrinaire adherence to religious principles" -- James D. Watson
Yes. If you don't have multiple PCs on a LAN you can close all ports and dispense with a firewall and router. Here's my article with instructions for Win 2K:
Art
Is that for outbound?
There's not much content in the (on-line) Barricade help, but the example they show allows only mail, news, browser and DNS.
...Jim Thompson
--
| James E.Thompson, P.E. | mens |
| Analog Innovations, Inc. | et |
| Analog/Mixed-Signal ASIC\'s and Discrete Systems | manus |
| Phoenix, Arizona Voice:(480)460-2350 | |
| E-mail Address at Website Fax:(480)460-2142 | Brass Rat |
| http://www.analog-innovations.com | 1962 |
I love to cook with wine. Sometimes I even put it in the food.
Tortured syntax aside, it's HALF a software firewall. As Clifford Heath points out in a post further down the thread, Zone Alarm (et al) are useful for *egress* filtering.
The Micros~1 "firewall" does not filter *outbound* traffic
--making it mostly useless.
I don't believe this is correct
--unless this is a new tweak to the app. (Steve Gibson's site has long had Shields Up to check firewalls.)
Since firewall principles havn't changed in over a decade, "updates" are not necessary
--newer versions have simply become more bloated.
The old stuff does the job just as well--better IMO:
Malware writers are becoming increasingly savvy and are incorporating mechanisms that shut down software firewalls. It won't be long before software firewalls are completely useless. Clifford Heath alluded to this in the very 1st response.
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.