what can happen with no firewall

Discussion in 'NZ Computing' started by Gordon, Nov 7, 2004.

  1. Gordon

    Gordon Guest

    On Sun, 07 Nov 2004 19:42:41 +1300, akiwi wrote:

    >
    >
    > From searching on the internet for "what is a firewall" the only
    > explanations that turn up are superficial in that they all say a
    > firewall stops your PC from being "attacked" but none of them explain
    > what attacked really means - so ... what can happen if you have no
    > firewall?


    Google's response to what is a firewall.

    Web definitions for Firewall
    A firewall is a set of related programs, located at a network gateway server,
    that protects the resources of a private network from users from other
    networks. Basically, a firewall, working closely with a router program,
    filters all network packets to determine whether to forward them toward
    their destination. A firewall is often installed away from the rest of
    the network so that no incoming request can get directly at private
    network resources. There are a number of firewall screening methods. A
    simple one is to screen requests to make sure they come from acceptable
    (previously identified) domain names and IP addresses. For mobile users,
    firewalls allow remote access in to the private network by the use of
    secure logon procedures and authentication certificates.
    www.stallion.com/html/support/glossary.html - Definition in context

    Home PC Firewall Guide
    Learn how to protect home computers and networks from Internet outlaws by using
    firewall, antivirus, anti-Trojan and anti-spyware software plus hardware ...
    www.firewallguide.com/ - 27k - 5 Nov 2004 - Cached - Similar pages

    Unquote

    http://www.firewallguide.com/
    http://www.us-cert.gov/reading_room/HomeComputerSecurity/

    >
    > If your PC receives an unexpected message from the internet why
    > doesn't it just get discarded harmlessly?


    Because of history. In the past the Internet was a place of trust.
    Everything was open and computers were always ready to say Hi!

    Nasty people make this idea a silly one to-day.

    Also think about it, if all computers on a network, did not respond to
    requests. No action.

    The firewalls job is to monitor what is going out of and into your PC. If
    a packet comes which is not requested the firewall goes PISS OFF mate!
    Drops the packet as the text books say ;-)

    > Apart from folder sharing
    > (which can be password protected) what applications or services could
    > an average PC have running that could be a problem if an unexpected
    > message is received?


    In the case of MSIE, the list is about as long as history.

    Once someone is in to your PC, the war is all but over.

    Get a firewall now, or wait until you really understand why you need one
    now.
     
    Gordon, Nov 7, 2004
    #1
    1. Advertising

  2. Gordon

    akiwi Guest

    From searching on the internet for "what is a firewall" the only
    explanations that turn up are superficial in that they all say a
    firewall stops your PC from being "attacked" but none of them explain
    what attacked really means - so ... what can happen if you have no
    firewall?

    If your PC receives an unexpected message from the internet why
    doesn't it just get discarded harmlessly? Apart from folder sharing
    (which can be password protected) what applications or services could
    an average PC have running that could be a problem if an unexpected
    message is received?
     
    akiwi, Nov 7, 2004
    #2
    1. Advertising

  3. Gordon

    -[Myth]- Guest

    On Sun, 07 Nov 2004 19:42:41 +1300, akiwi wrote:

    > From searching on the internet for "what is a firewall" the only
    > explanations that turn up are superficial in that they all say a
    > firewall stops your PC from being "attacked" but none of them explain
    > what attacked really means - so ... what can happen if you have no
    > firewall?
    >
    > If your PC receives an unexpected message from the internet why
    > doesn't it just get discarded harmlessly? Apart from folder sharing
    > (which can be password protected) what applications or services could
    > an average PC have running that could be a problem if an unexpected
    > message is received?


    If you weren't running Windows, you would have no problem (unless you had
    insecure servers running).
     
    -[Myth]-, Nov 7, 2004
    #3
  4. Gordon

    akiwi Guest

    On Mon, 8 Nov 2004 08:03:34 -0800, "James West" <>
    wrote:

    >guess you do not Google very often?


    more than you probably

    >
    >http://computer.howstuffworks.com/firewall.htm
    >
    >http://www.firewallguide.com/faq.htm


    Could you please quote something from those websites that answers my
    question
    <quote>
    Apart from folder sharing (which can be password protected) what
    applications or services could an average PC have running that could
    be a problem if an unexpected message is received?
    <end quote>

    >now just leave your house doors and windows open and keys in your car
    >and ask why not to do that


    This is a nonsense statement which tells me a lot about you and
    nothing about firewalls.
     
    akiwi, Nov 7, 2004
    #4
  5. -[Myth]- wrote:
    > On Sun, 07 Nov 2004 19:42:41 +1300, akiwi wrote:
    >
    >
    >>From searching on the internet for "what is a firewall" the only
    >>explanations that turn up are superficial in that they all say a
    >>firewall stops your PC from being "attacked" but none of them explain
    >>what attacked really means - so ... what can happen if you have no
    >>firewall?
    >>
    >>If your PC receives an unexpected message from the internet why
    >>doesn't it just get discarded harmlessly? Apart from folder sharing
    >>(which can be password protected) what applications or services could
    >>an average PC have running that could be a problem if an unexpected
    >>message is received?

    >
    >
    > If you weren't running Windows, you would have no problem (unless you had
    > insecure servers running).


    What a crazy short sighted statement to make...
     
    Nathan Mercer, Nov 7, 2004
    #5
  6. Gordon

    akiwi Guest

    On Sun, 7 Nov 2004 20:04:51 +1300, "-[Myth]-"
    <> wrote:

    >
    >If you weren't running Windows, you would have no problem (unless you had
    >insecure servers running).


    So why is Windows a problem? Can you be specific?
     
    akiwi, Nov 7, 2004
    #6
  7. akiwi wrote:
    >
    > On Sun, 7 Nov 2004 20:04:51 +1300, "-[Myth]-"
    > <> wrote:
    >
    > >If you weren't running Windows, you would have no problem (unless you had
    > >insecure servers running).

    >
    > So why is Windows a problem? Can you be specific?


    Ignore him, he's completely wrong.
     
    Stuart Richards, Nov 7, 2004
    #7
  8. Gordon

    Mackin Guest

    akiwi wrote:

    <snip>
    >
    >>now just leave your house doors and windows open and keys in your car
    >>and ask why not to do that

    >
    > This is a nonsense statement which tells me a lot about you and
    > nothing about firewalls.


    After a comment like that, don't be surprised if you don't get much help.

    The two links that James posted are a very good source of information. If
    there's something that you don't understand, post a specific question and
    be polite, maybe then you'll get a helpful answer. Nobody likes a
    smart-arse.

    Mackin.
     
    Mackin, Nov 7, 2004
    #8
  9. Gordon

    Allistar Guest

    akiwi wrote:

    >
    >
    > From searching on the internet for "what is a firewall" the only
    > explanations that turn up are superficial in that they all say a
    > firewall stops your PC from being "attacked" but none of them explain
    > what attacked really means - so ... what can happen if you have no
    > firewall?
    >
    > If your PC receives an unexpected message from the internet why
    > doesn't it just get discarded harmlessly? Apart from folder sharing
    > (which can be password protected) what applications or services could
    > an average PC have running that could be a problem if an unexpected
    > message is received?


    There are some applications that can listen on certain ports for particular
    htings. Some of those applications can be sent specially constructed data
    that they were not designed to receive which could open up your machine to
    attack (like running programs on your PC, installing applications without
    your knowledge etc). A firewall prevents traffic entering your PC on those
    ports, thereby preventing the attacker from getting up to mischief.

    Allistar.
     
    Allistar, Nov 7, 2004
    #9
  10. Gordon

    Collector_NZ Guest

    akiwi said the following on 7/11/2004 19:42:
    >
    > From searching on the internet for "what is a firewall" the only
    > explanations that turn up are superficial in that they all say a
    > firewall stops your PC from being "attacked" but none of them explain
    > what attacked really means - so ... what can happen if you have no
    > firewall?
    >
    > If your PC receives an unexpected message from the internet why
    > doesn't it just get discarded harmlessly? Apart from folder sharing
    > (which can be password protected) what applications or services could
    > an average PC have running that could be a problem if an unexpected
    > message is received?

    In simple terms a firewall allows you to retain control over your PC it
    prevents others from the internet using it to thier advantage eg
    relaying spam mail, launching DDOS attacks on web sites or other
    networks and many other equally nasty tasks.
    Some other reasons for having a firewall dont involve attacks as such
    but the preservation of the privacy of your data and identity.

    You will undoubtably get many idiot answers to your question since
    people on here often have difficulty in percieving what a clearly asked
    question really means.

    So attacks can be simply summed up as deeds by others to
    control/damage/steal your PC

    --
    Geek used to be a 4 letter word now it's a 6 figure number
    ======================================================================
    Local 40.9000°S, 174.9830°E | |
    ======================================================================
    A lie can travel halfway around the world
    while the truth is putting on its shoes.-Mark Twain
    "A government that robs Peter to pay Paul
    can always depend upon the support of Paul."...George Bernard Shaw
     
    Collector_NZ, Nov 7, 2004
    #10
  11. Gordon wrote:
    >
    > On Sun, 07 Nov 2004 19:42:41 +1300, akiwi wrote:
    >
    > > Apart from folder sharing (which can be password protected) what
    > > applications or services could an average PC have running that could be a
    > > problem if an unexpected message is received?

    >
    > In the case of MSIE, the list is about as long as history.
    >
    > Once someone is in to your PC, the war is all but over.
    >
    > Get a firewall now, or wait until you really understand why you need one
    > now.


    Since when has any firewall protected you from exploitable bugs in Internet
    Explorer?
     
    Stuart Richards, Nov 7, 2004
    #11
  12. Gordon

    Steve Guest

    Stuart Richards wrote:
    > Gordon wrote:
    >
    >>On Sun, 07 Nov 2004 19:42:41 +1300, akiwi wrote:
    >>
    >>
    >>>Apart from folder sharing (which can be password protected) what
    >>>applications or services could an average PC have running that could be a
    >>>problem if an unexpected message is received?

    >>
    >>In the case of MSIE, the list is about as long as history.
    >>
    >>Once someone is in to your PC, the war is all but over.
    >>
    >>Get a firewall now, or wait until you really understand why you need one
    >>now.

    >
    >
    > Since when has any firewall protected you from exploitable bugs in Internet
    > Explorer?


    A firewall... is that packet filtering, stateful, or proxy? Or a
    combination of some/all of the above. Proxy firewalls will do what you
    want, I reckon.

    Steve
     
    Steve, Nov 7, 2004
    #12
  13. In article <>,
    says...
    > From searching on the internet for "what is a firewall" the only
    > explanations that turn up are superficial in that they all say a
    > firewall stops your PC from being "attacked" but none of them explain
    > what attacked really means - so ... what can happen if you have no
    > firewall?


    Peple can install malicious software on your computer. They can then use
    that software to
    -damage your data/software
    -stop your computer from working normally
    -steal your passwords
    -use your computer as a zombi, for instance to relay spam emails
    automatically

    A firewall cannot save you from your own stupidity - for instance
    opening attachments that contain a virus or a trojan, but it can stop
    outside incursions on your harddrive or network. It can also (if you use
    a good firewall) stop any malicious software that you may erroneously
    have installed on your machine, from "calling home" without your
    noticing; in other words it should incapacitate them.

    h.t.h. -Peter

    --
    ***************
    direct replies to peters[underscore]spambot[at]
    ihug[fullstop]co[fullstop]nz
    (yes, really <g>)
    ***************
     
    Peter Huebner, Nov 7, 2004
    #13
  14. Gordon

    Enkidu Guest

    On Sun, 07 Nov 2004 19:42:41 +1300, akiwi <> wrote:
    >
    >From searching on the internet for "what is a firewall" the only
    >explanations that turn up are superficial in that they all say a
    >firewall stops your PC from being "attacked" but none of them explain
    >what attacked really means - so ... what can happen if you have no
    >firewall?
    >
    >If your PC receives an unexpected message from the internet why
    >doesn't it just get discarded harmlessly? Apart from folder sharing
    >(which can be password protected) what applications or services could
    >an average PC have running that could be a problem if an unexpected
    >message is received?
    >

    There are numerous services on your computer which listen on various
    "ports" (think of a port as just a number that a services uses to
    check if a packet is for that service). If your computer is not
    protected by a firewall, a remote computer could connect to one of
    those ports and use known bugs in that service to do anything from
    send you a rude message to completely obliterate your computer.

    Your can't shut those ports down because they are needed for various
    reasons internally. Well, you could shut most of them down if you are
    not permanently connected, I guess.

    A firewall stops incoming requests from the Internet connecting to
    your open ports, while allowing your internal services to connect as
    they choose.

    Say you get a virus in an email, or more correctly a Trojan Horse. The
    Trojan Horse sets itself up as a little server on your computer and
    listens on a particular port. Someone on the Internet scans computers
    on that port and if you do not have a firewall, it is able to connect,
    and bingo, you no longer own your computer.

    With a firewall in place, you may still catch the Trojan Horse, but
    the Trojan Horse's writer won't get to connect.

    However, if the Trojan Horse initiates the connection then your
    firewall just sees an outgoing connection, and if it is not smart,
    allows it. Then the far end can tell the Trojan Horse to trash your
    system or just forward your credit card number.

    That's the quick and dirty explanation.

    Cheers,

    Cliff
     
    Enkidu, Nov 7, 2004
    #14
  15. Gordon

    akiwi Guest

    On Sun, 07 Nov 2004 19:36:17 +1300, Gordon <> wrote:


    >http://www.us-cert.gov/reading_room/HomeComputerSecurity/


    That's a useful article but it's still vague
    <quote>
    How do intruders break into your computer? In some cases, they send
    you email with a virus. Reading that email activates the virus,
    creating an opening that intruders use to enter or access your
    computer. In other cases, they take advantage of a flaw or weakness in
    one of your computer’s programs – a vulnerability – to gain access.
    <end quote>

    Hopefully by now, merely reading email doesn't activate a virus - even
    in Outlook. Once you're infected by a virus a firewall might not help
    much.

    The other possibility they give is a "flaw or weakness" - ok, but
    that would require me to have a program running that is actually
    processing received internet messages - this is what I'm trying to
    find out ... what programs does an average home PC have running
    that are listening for messages?


    >
    >Also think about it, if all computers on a network, did not respond to
    >requests. No action.


    yep, but most people don't run web servers. I guess a lot of people
    run messenger applications - I hadn't thought of them. Even so, it
    would take a poorly written piece of software for this to be a
    problem.


    >
    >The firewalls job is to monitor what is going out of and into your PC. If
    >a packet comes which is not requested the firewall goes PISS OFF mate!
    >Drops the packet as the text books say ;-)
    >
    >> Apart from folder sharing
    >> (which can be password protected) what applications or services could
    >> an average PC have running that could be a problem if an unexpected
    >> message is received?

    >
    >In the case of MSIE, the list is about as long as history.


    You mean Internet Explorer? I've heard of MS's buffer overrun/
    underrun problems but I would have thought that by now, Internet
    Explorer doesn't need the help of a firewall to be safe to use. I
    know there's endless security patches where MS says "this patch
    protects against someone taking control of your PC" - are these all
    for Internet Explorer?? If a web browser ignores everything except
    the web page I actually requested why would it need the help of a
    firewall? If a "malicious" script runs and sends out messages which
    result in a response coming back to my PC, how could these incoming
    messages be a problem when the browser processes them and even if they
    are a problem how's a firewall going to help.

    I realize active X controls are dangerous but anyone who runs a
    malicious active X control most likely isn't going to be saved or even
    helped by a firewall.

    >
    >Once someone is in to your PC, the war is all but over.
    >
    >Get a firewall now, or wait until you really understand why you need one
    >now.


    I do have one. I'm just don't understand what it's actually
    protecting me from. Even in an application that's actively listening
    for messages, it would take some really bad software for unexpected
    messages to be a problem.

    Thanks for the response.
     
    akiwi, Nov 7, 2004
    #15
  16. Gordon

    Mr Scebe Guest

    "akiwi" <> wrote in message
    news:...
    >
    >
    > From searching on the internet for "what is a firewall" the only
    > explanations that turn up are superficial in that they all say a
    > firewall stops your PC from being "attacked" but none of them explain
    > what attacked really means - so ... what can happen if you have no
    > firewall?
    >
    > If your PC receives an unexpected message from the internet why
    > doesn't it just get discarded harmlessly? Apart from folder sharing
    > (which can be password protected) what applications or services could
    > an average PC have running that could be a problem if an unexpected
    > message is received?


    Check out a program called PSExec. Once you figure out how it works, you
    will probably never connect to the Internet again, well not without a well
    constructed firewall, that is.

    --
    Mr Scebe
    Losersh always whine about their 'besht'.
    Winnersh go home and **** the prom queen".
    ~Sean Connery in "The Rock"
     
    Mr Scebe, Nov 7, 2004
    #16
  17. Gordon

    akiwi Guest

    On Sun, 7 Nov 2004 22:10:48 +1300, "Mr Scebe" <>
    wrote:

    >
    >Check out a program called PSExec. Once you figure out how it works, you
    >will probably never connect to the Internet again, well not without a well
    >constructed firewall, that is.


    Well most likely it requires an application to be installed on the
    client PC and a password to get access - just like Telnet, VNC and
    remote desktop. With a reasonable password, it shouldn't be a
    problem.
     
    akiwi, Nov 7, 2004
    #17
  18. Gordon

    akiwi Guest

    On Sun, 07 Nov 2004 21:23:36 +1300, Enkidu <> wrote:

    >>

    >There are numerous services on your computer which listen on various
    >"ports" (think of a port as just a number that a services uses to
    >check if a packet is for that service). If your computer is not
    >protected by a firewall, a remote computer could connect to one of
    >those ports and use known bugs in that service to do anything from
    >send you a rude message to completely obliterate your computer.
    >
    >Your can't shut those ports down because they are needed for various
    >reasons internally. Well, you could shut most of them down if you are
    >not permanently connected, I guess.
    >
    >A firewall stops incoming requests from the Internet connecting to
    >your open ports, while allowing your internal services to connect as
    >they choose.


    That sounds like a design problem. It should be possible for internal
    services to use particular ports without "external" things being able
    to use those ports e.g. with a local encryption key or authorisation
    code of some sort that can't possibly be generated by an external
    source.


    >
    >Say you get a virus in an email, or more correctly a Trojan Horse. The
    >Trojan Horse sets itself up as a little server on your computer and
    >listens on a particular port. Someone on the Internet scans computers
    >on that port and if you do not have a firewall, it is able to connect,
    >and bingo, you no longer own your computer.
    >
    >With a firewall in place, you may still catch the Trojan Horse, but
    >the Trojan Horse's writer won't get to connect.
    >
    >However, if the Trojan Horse initiates the connection then your
    >firewall just sees an outgoing connection, and if it is not smart,
    >allows it. Then the far end can tell the Trojan Horse to trash your
    >system or just forward your credit card number.
    >
    >That's the quick and dirty explanation.


    So a firewall can help after a PC already has a problem.
    ok, Thanks.
     
    akiwi, Nov 7, 2004
    #18
  19. Gordon

    akiwi Guest

    On Sun, 07 Nov 2004 20:40:46 +1300, Allistar <> wrote:

    >
    >There are some applications that can listen on certain ports for particular
    >htings. Some of those applications can be sent specially constructed data
    >that they were not designed to receive which could open up your machine to
    >attack (like running programs on your PC, installing applications without
    >your knowledge etc).


    ok, well I would consider such applications to be really bad software

    >A firewall prevents traffic entering your PC on those
    >ports, thereby preventing the attacker from getting up to mischief.


    but if the firewall prevents traffic on those ports the application
    isn't going to work at all and if the firewall is going to allow
    messages on those ports, how is it going to tell which messages on
    that port are going to be a problem for a particular application i.e.
    how does the firewall help when you have a badly written application?
     
    akiwi, Nov 7, 2004
    #19
  20. Gordon

    akiwi Guest

    On Sun, 7 Nov 2004 21:22:15 +1300, Peter Huebner <>
    wrote:

    >
    >Peple can install malicious software on your computer. They can then use
    >that software to
    >-damage your data/software
    >-stop your computer from working normally
    >-steal your passwords
    >-use your computer as a zombi, for instance to relay spam emails
    > automatically
    >
    >A firewall cannot save you from your own stupidity - for instance
    >opening attachments that contain a virus or a trojan, but it can stop
    >outside incursions on your harddrive or network. It can also (if you use
    >a good firewall) stop any malicious software that you may erroneously
    >have installed on your machine, from "calling home" without your
    >noticing; in other words it should incapacitate them.
    >
    >h.t.h. -Peter


    yep that helps a little, thanks. Can it actually incapicitate them -
    what's to stop a malicious application from sending out the same kind
    of messages that a web browser sends out but with a bunch of my
    passwords encoded in the data or any information it likes? What
    stops it from reconfiguring my firewall to allow everything?
     
    akiwi, Nov 7, 2004
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Sash
    Replies:
    6
    Views:
    685
    Toolman Tim
    Jan 14, 2005
  2. hp

    How Can This Happen???

    hp, Jun 22, 2004, in forum: Computer Security
    Replies:
    5
    Views:
    487
    Bill Unruh
    Jun 22, 2004
  3. Lawrence D¹Oliveiro

    From the "This Can't Happen With Linux" Files...

    Lawrence D¹Oliveiro, Mar 24, 2005, in forum: NZ Computing
    Replies:
    2
    Views:
    381
    -=[Waylon Smithers]=-
    Mar 24, 2005
  4. Steve Marshall

    This is what can happen when you send spam...

    Steve Marshall, Nov 11, 2005, in forum: NZ Computing
    Replies:
    5
    Views:
    349
  5. Scribner

    Can this happen?

    Scribner, Mar 2, 2009, in forum: Computer Support
    Replies:
    9
    Views:
    515
    Scribner
    Mar 5, 2009
Loading...

Share This Page