Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > Re: Protecting your computer from worms/viruses

Reply
Thread Tools

Re: Protecting your computer from worms/viruses

 
 
~misfit~
Guest
Posts: n/a
 
      08-17-2003

"Joe Bloggs" <(E-Mail Removed)> wrote in message
news:wRw%a.3597$(E-Mail Removed)...
> Below is a summary of how to protect your computer better from this and
> other viruses/worms. This information is from the
> http://www.microsoft.com/security/ web site.
>
> For more specific information on the blaster worm see
> http://www.microsoft.com/security/incident/blast.asp - it includes steps

on
> how to remove the virus.
>
>
> __________________________________________________ ________________________
>
> Here is what to do to get protected and stay protected.
>
>
>
> 1. First, turn on the Internet Connection Firewall in Windows XP.

Having
> the firewall activated will protect your computer from this security issue
> as well as many many others. Even if your computer has already been
> infected, activating firewall software will help limit the effects of the
> worm on your computer.


<snip>

I'm using a machine running XP as a gateway for my LAN and that machine is
the only one with XP's firewall enabled. Is that enough? Or do I need a
firewall on all my machines? Should I also put something like Zonealarm or
Kerio on it?

TIA.
--
~misfit~



---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.510 / Virus Database: 307 - Release Date: 14/08/2003


 
Reply With Quote
 
 
 
 
Chris Wilkinson
Guest
Posts: n/a
 
      08-17-2003
Hi there,

~misfit~ wrote:
>
> I'm using a machine running XP as a gateway for my LAN and that machine is
> the only one with XP's firewall enabled. Is that enough? Or do I need a
> firewall on all my machines? Should I also put something like Zonealarm or
> Kerio on it?


As long as your firewall is fully configurable. You should be able to
specify whether port probes are accepted, rejected, or dropped, and
which ones also...dropping is the best policy since any hacker probing
random IP addresses will not get a response back. Thats called
'stealthing'. Make sure logging is on, since a persistent hacker may
find a weakness somewhere...at least if you see what IP address they
attack from and what time, you can report the activity to their ISP
and the ISP will be able to take action of some sort against the hacker
(close their account, legal action etc...)

Kind regards,

Chris Wilkinson, Christchurch.

 
Reply With Quote
 
 
 
 
~misfit~
Guest
Posts: n/a
 
      08-17-2003

"Chris Wilkinson" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi there,
>
> ~misfit~ wrote:
> >
> > I'm using a machine running XP as a gateway for my LAN and that machine

is
> > the only one with XP's firewall enabled. Is that enough? Or do I need a
> > firewall on all my machines? Should I also put something like Zonealarm

or
> > Kerio on it?

>
> As long as your firewall is fully configurable. You should be able to
> specify whether port probes are accepted, rejected, or dropped, and
> which ones also...dropping is the best policy since any hacker probing
> random IP addresses will not get a response back. Thats called
> 'stealthing'. Make sure logging is on, since a persistent hacker may
> find a weakness somewhere...at least if you see what IP address they
> attack from and what time, you can report the activity to their ISP
> and the ISP will be able to take action of some sort against the hacker
> (close their account, legal action etc...)
>
> Kind regards,
>
> Chris Wilkinson, Christchurch.



Thanks Chris. I can't find any way to configure XP's built-in firewall
(please correct me if I'm wrong Nathan) so I may run another one on it as
well. The old 'belt and braces' policy.

Cheers,
--
~misfit~



---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.510 / Virus Database: 307 - Release Date: 14/08/2003


 
Reply With Quote
 
Joe Bloggs
Guest
Posts: n/a
 
      08-17-2003
From the Start menu, select the Help & Support section.
In the Search box, enter "Internet Connection Firewall overview" and execute
the search.

Have a read of the "Internet Connection Firewall overview" topic.
Specifically instructions to manually configure the firewall can be found
off the "Add a service definition" link (under the "How Internet Connection
Firewall (ICF) works" sub section). You can open up ports and turn on
logging...

Regarding the question about the firewall on the gateway - I believe the
answer is yes, only the firewall on the XP machine directly connected to the
internet requires the firewall to be enabled.
You might want to read further at: (which has a lot of information on home
networking including security).
http://www.microsoft.com/windowsxp/homenetworking/
http://www.microsoft.com/windowsxp/e...ies/july30.asp


"~misfit~" <misfit@'SPAMTRAP'orcon.net.nz> wrote in message
news:uIJ%a.119096$(E-Mail Removed)...
> Thanks Chris. I can't find any way to configure XP's built-in firewall
> (please correct me if I'm wrong Nathan) so I may run another one on it as
> well. The old 'belt and braces' policy.
>
> Cheers,
> --
> ~misfit~



 
Reply With Quote
 
~misfit~
Guest
Posts: n/a
 
      08-18-2003
Just tested my computer (at https://grc.com/x/ne.dll?rh1dkyd2) which is on a
LAN with the gateway machine running XP's firewall:

GRC Port Authority Report created on UTC: 2003-08-18 at 00:23:26

Results from scan of ports: 0, 21, 23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000

0 Ports Open
0 Ports Closed
25 Ports Stealth
---------------------
25 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

I'm very pleased, chalk one up for Microsoft.
--
~misfit~




---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.510 / Virus Database: 307 - Release Date: 14/08/2003


 
Reply With Quote
 
Steve B
Guest
Posts: n/a
 
      08-18-2003
On Mon, 18 Aug 2003 12:50:41 +1200, "~misfit~"
<misfit@'SPAMTRAP'orcon.net.nz> wrote:

>Just tested my computer (at https://grc.com/x/ne.dll?rh1dkyd2) which is on a
>LAN with the gateway machine running XP's firewall:
>
>GRC Port Authority Report created on UTC: 2003-08-18 at 00:23:26
>
>Results from scan of ports: 0, 21, 23, 25, 79, 80, 110, 113,
> 119, 135, 139, 143, 389, 443, 445,
> 1002, 1024-1030, 1720, 5000
>
> 0 Ports Open
> 0 Ports Closed
> 25 Ports Stealth
>---------------------
> 25 Ports Tested
>
>ALL PORTS tested were found to be: STEALTH.
>
>TruStealth: PASSED - ALL tested ports were STEALTH,
> - NO unsolicited packets were received,
> - NO Ping reply (ICMP Echo) was received.
>
>I'm very pleased, chalk one up for Microsoft.


Ditto.

Chalk one up for Zone Alarm

(But do we really trust GRC?)

Steve B.
 
Reply With Quote
 
T.N.O
Guest
Posts: n/a
 
      08-19-2003
"~misfit~" wrote
> I do. Steve Gibson is the man IMO.


I haven't really liked him since he got a heap of stuff wrong a year or two
back, have taken what he says with a big grain of salt at least.


 
Reply With Quote
 
Enkidu
Guest
Posts: n/a
 
      08-22-2003
On Fri, 22 Aug 2003 02:15:25 +1200, "Steve Phillips"
<(E-Mail Removed)> wrote:

>
>"~misfit~" <misfit@'SPAMTRAP'orcon.net.nz> wrote in message
>news:S720b.120124$(E-Mail Removed).. .
>> > (But do we really trust GRC?)

>>
>> I do. Steve Gibson is the man IMO.

>
>you poor lost soul.
>
>Steve Gibson is an idle for the clue challenged.


"Idle"? There's no doubt that he is an energetic self-promoter,
surely!!

"Idol" I think you mean!

Cheers,

Cliff
--

Signed and sealed with Great Seal of the Executive
Council of the Internet, by The Master of The Net.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Protecting your ID! public_info@cox.net Computer Support 4 10-01-2005 06:13 PM
Instructions for protecting your Windows computer Joe Bloggs NZ Computing 10 05-02-2004 10:58 PM
Re: Protecting your computer from worms/viruses Robert Mathews NZ Computing 5 08-21-2003 03:44 AM
Re: Protecting your computer from worms/viruses Vogan NZ Computing 11 08-21-2003 03:16 AM
Protecting your home computer Joe Bloggs NZ Computing 1 08-20-2003 04:12 AM



Advertisments