Re: Protecting your computer from worms/viruses

Discussion in 'NZ Computing' started by ~misfit~, Aug 17, 2003.

  1. ~misfit~

    ~misfit~ Guest

    "Joe Bloggs" <> wrote in message
    news:wRw%a.3597$...
    > Below is a summary of how to protect your computer better from this and
    > other viruses/worms. This information is from the
    > http://www.microsoft.com/security/ web site.
    >
    > For more specific information on the blaster worm see
    > http://www.microsoft.com/security/incident/blast.asp - it includes steps

    on
    > how to remove the virus.
    >
    >
    > __________________________________________________________________________
    >
    > Here is what to do to get protected and stay protected.
    >
    >
    >
    > 1. First, turn on the Internet Connection Firewall in Windows XP.

    Having
    > the firewall activated will protect your computer from this security issue
    > as well as many many others. Even if your computer has already been
    > infected, activating firewall software will help limit the effects of the
    > worm on your computer.


    <snip>

    I'm using a machine running XP as a gateway for my LAN and that machine is
    the only one with XP's firewall enabled. Is that enough? Or do I need a
    firewall on all my machines? Should I also put something like Zonealarm or
    Kerio on it?

    TIA.
    --
    ~misfit~



    ---
    Outgoing mail is certified Virus Free.
    Checked by AVG anti-virus system (http://www.grisoft.com).
    Version: 6.0.510 / Virus Database: 307 - Release Date: 14/08/2003
    ~misfit~, Aug 17, 2003
    #1
    1. Advertising

  2. Hi there,

    ~misfit~ wrote:
    >
    > I'm using a machine running XP as a gateway for my LAN and that machine is
    > the only one with XP's firewall enabled. Is that enough? Or do I need a
    > firewall on all my machines? Should I also put something like Zonealarm or
    > Kerio on it?


    As long as your firewall is fully configurable. You should be able to
    specify whether port probes are accepted, rejected, or dropped, and
    which ones also...dropping is the best policy since any hacker probing
    random IP addresses will not get a response back. Thats called
    'stealthing'. Make sure logging is on, since a persistent hacker may
    find a weakness somewhere...at least if you see what IP address they
    attack from and what time, you can report the activity to their ISP
    and the ISP will be able to take action of some sort against the hacker
    (close their account, legal action etc...)

    Kind regards,

    Chris Wilkinson, Christchurch.
    Chris Wilkinson, Aug 17, 2003
    #2
    1. Advertising

  3. ~misfit~

    ~misfit~ Guest

    "Chris Wilkinson" <> wrote in message
    news:...
    > Hi there,
    >
    > ~misfit~ wrote:
    > >
    > > I'm using a machine running XP as a gateway for my LAN and that machine

    is
    > > the only one with XP's firewall enabled. Is that enough? Or do I need a
    > > firewall on all my machines? Should I also put something like Zonealarm

    or
    > > Kerio on it?

    >
    > As long as your firewall is fully configurable. You should be able to
    > specify whether port probes are accepted, rejected, or dropped, and
    > which ones also...dropping is the best policy since any hacker probing
    > random IP addresses will not get a response back. Thats called
    > 'stealthing'. Make sure logging is on, since a persistent hacker may
    > find a weakness somewhere...at least if you see what IP address they
    > attack from and what time, you can report the activity to their ISP
    > and the ISP will be able to take action of some sort against the hacker
    > (close their account, legal action etc...)
    >
    > Kind regards,
    >
    > Chris Wilkinson, Christchurch.



    Thanks Chris. I can't find any way to configure XP's built-in firewall
    (please correct me if I'm wrong Nathan) so I may run another one on it as
    well. The old 'belt and braces' policy.

    Cheers,
    --
    ~misfit~



    ---
    Outgoing mail is certified Virus Free.
    Checked by AVG anti-virus system (http://www.grisoft.com).
    Version: 6.0.510 / Virus Database: 307 - Release Date: 14/08/2003
    ~misfit~, Aug 17, 2003
    #3
  4. ~misfit~

    Joe Bloggs Guest

    From the Start menu, select the Help & Support section.
    In the Search box, enter "Internet Connection Firewall overview" and execute
    the search.

    Have a read of the "Internet Connection Firewall overview" topic.
    Specifically instructions to manually configure the firewall can be found
    off the "Add a service definition" link (under the "How Internet Connection
    Firewall (ICF) works" sub section). You can open up ports and turn on
    logging...

    Regarding the question about the firewall on the gateway - I believe the
    answer is yes, only the firewall on the XP machine directly connected to the
    internet requires the firewall to be enabled.
    You might want to read further at: (which has a lot of information on home
    networking including security).
    http://www.microsoft.com/windowsxp/homenetworking/
    http://www.microsoft.com/windowsxp/expertzone/columns/davies/july30.asp


    "~misfit~" <misfit@'SPAMTRAP'orcon.net.nz> wrote in message
    news:uIJ%a.119096$...
    > Thanks Chris. I can't find any way to configure XP's built-in firewall
    > (please correct me if I'm wrong Nathan) so I may run another one on it as
    > well. The old 'belt and braces' policy.
    >
    > Cheers,
    > --
    > ~misfit~
    Joe Bloggs, Aug 17, 2003
    #4
  5. ~misfit~

    ~misfit~ Guest

    Just tested my computer (at https://grc.com/x/ne.dll?rh1dkyd2) which is on a
    LAN with the gateway machine running XP's firewall:

    GRC Port Authority Report created on UTC: 2003-08-18 at 00:23:26

    Results from scan of ports: 0, 21, 23, 25, 79, 80, 110, 113,
    119, 135, 139, 143, 389, 443, 445,
    1002, 1024-1030, 1720, 5000

    0 Ports Open
    0 Ports Closed
    25 Ports Stealth
    ---------------------
    25 Ports Tested

    ALL PORTS tested were found to be: STEALTH.

    TruStealth: PASSED - ALL tested ports were STEALTH,
    - NO unsolicited packets were received,
    - NO Ping reply (ICMP Echo) was received.

    I'm very pleased, chalk one up for Microsoft.
    --
    ~misfit~




    ---
    Outgoing mail is certified Virus Free.
    Checked by AVG anti-virus system (http://www.grisoft.com).
    Version: 6.0.510 / Virus Database: 307 - Release Date: 14/08/2003
    ~misfit~, Aug 18, 2003
    #5
  6. ~misfit~

    Steve B Guest

    On Mon, 18 Aug 2003 12:50:41 +1200, "~misfit~"
    <misfit@'SPAMTRAP'orcon.net.nz> wrote:

    >Just tested my computer (at https://grc.com/x/ne.dll?rh1dkyd2) which is on a
    >LAN with the gateway machine running XP's firewall:
    >
    >GRC Port Authority Report created on UTC: 2003-08-18 at 00:23:26
    >
    >Results from scan of ports: 0, 21, 23, 25, 79, 80, 110, 113,
    > 119, 135, 139, 143, 389, 443, 445,
    > 1002, 1024-1030, 1720, 5000
    >
    > 0 Ports Open
    > 0 Ports Closed
    > 25 Ports Stealth
    >---------------------
    > 25 Ports Tested
    >
    >ALL PORTS tested were found to be: STEALTH.
    >
    >TruStealth: PASSED - ALL tested ports were STEALTH,
    > - NO unsolicited packets were received,
    > - NO Ping reply (ICMP Echo) was received.
    >
    >I'm very pleased, chalk one up for Microsoft.


    Ditto.

    Chalk one up for Zone Alarm :)

    (But do we really trust GRC?)

    Steve B.
    Steve B, Aug 18, 2003
    #6
  7. ~misfit~

    T.N.O Guest

    "~misfit~" wrote
    > I do. Steve Gibson is the man IMO.


    I haven't really liked him since he got a heap of stuff wrong a year or two
    back, have taken what he says with a big grain of salt at least.
    T.N.O, Aug 19, 2003
    #7
  8. ~misfit~

    Enkidu Guest

    On Fri, 22 Aug 2003 02:15:25 +1200, "Steve Phillips"
    <> wrote:

    >
    >"~misfit~" <misfit@'SPAMTRAP'orcon.net.nz> wrote in message
    >news:S720b.120124$...
    >> > (But do we really trust GRC?)

    >>
    >> I do. Steve Gibson is the man IMO.

    >
    >you poor lost soul.
    >
    >Steve Gibson is an idle for the clue challenged.


    "Idle"? There's no doubt that he is an energetic self-promoter,
    surely!!

    "Idol" I think you mean!

    Cheers,

    Cliff
    --

    Signed and sealed with Great Seal of the Executive
    Council of the Internet, by The Master of The Net.
    Enkidu, Aug 22, 2003
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dog

    worms trojans viruses

    Dog, Jan 29, 2005, in forum: Computer Information
    Replies:
    6
    Views:
    370
    What's in a Name?
    Jun 9, 2005
  2. Dog

    Worms,Trogans,Viruses and other problems

    Dog, Jun 14, 2005, in forum: Computer Information
    Replies:
    6
    Views:
    365
    Duane Arnold
    Jun 16, 2005
  3. Robert Mathews

    Re: Protecting your computer from worms/viruses

    Robert Mathews, Aug 16, 2003, in forum: NZ Computing
    Replies:
    5
    Views:
    370
    Nathan Mercer
    Aug 21, 2003
  4. Vogan
    Replies:
    11
    Views:
    478
    Nicholas Sherlock
    Aug 21, 2003
  5. Raymond

    Dealing with viruses and Worms

    Raymond, Oct 14, 2003, in forum: A+ Certification
    Replies:
    7
    Views:
    410
    Tom MacIntyre
    Oct 17, 2003
Loading...

Share This Page