|
29 Jan 2005, 23:59
|
#1
|
cynic
Join Date: May 2000
Location: Bishop Auckland Co. Durham
Posts: 8,809
|
this is silly
so, for the first time i have broadband working in my new house, and also for the first time my PC is the end point in the chain rather than connecting through a router, so no firewall except for the one actually installed on my machine
i havent yet been online 10 mins and my pc has already intercepted nearly 200 attempts to access it
for ****s sake thats ridiculous
__________________
lazy
|
|
|
30 Jan 2005, 00:07
|
#2
|
________
Join Date: May 2002
Location: Somwhere I belong
Posts: 4,474
|
Re: this is silly
It's a bummer.
__________________
Quote:
Originally Posted by blink 182
Breathing deeply, walking backwards,
finding strength to call and ask her
Roller coaster favorite ride,
let me kiss you one last time.
|
|
|
|
30 Jan 2005, 00:08
|
#3
|
1up on you
Join Date: Mar 2002
Location: Birmingham, UK
Posts: 4,007
|
Re: this is silly
the internet is becoming more of a burden these days, i wish those wankers who code the shit to destroy our computers would **** themselves.
I now await my computer to be attacked.
__________________
pig
[ 1u p]
|
|
|
30 Jan 2005, 18:13
|
#4
|
cynic
Join Date: May 2000
Location: Bishop Auckland Co. Durham
Posts: 8,809
|
Re: this is silly
it really pissed me off last night, and whats worse, my fiancee has been online all day, and my firewall log only records the last 100 lines, most of which have been attempted attacks? i mean seriously? wtf?
__________________
lazy
|
|
|
30 Jan 2005, 18:37
|
#5
|
Insomniac
Join Date: May 2003
Posts: 3,583
|
Re: this is silly
and just think, without a firewall all of those would be hitting your computer
|
|
|
30 Jan 2005, 19:16
|
#6
|
ND
Join Date: Aug 2001
Location: Amazingstoke
Posts: 2,235
|
Re: this is silly
I blame Microsoft.
__________________
[ND]
|
|
|
30 Jan 2005, 19:24
|
#7
|
Freedom Fanatic
Join Date: Oct 2003
Location: Doing evil deeds in the name of freedom
Posts: 680
|
Re: this is silly
317202 access attempts blocked since installation of zone alarm about a month ago.
102206 intrustion blocked
5590 of them rated as high security risks.
I'd say 70% of all that seems to have came from my ISP.
__________________
The universe we observe has precisely the properties we should expect if there is, at bottom, no design, no purpose, no evil and no good, nothing but blind pitiless indifference.
|
|
|
31 Jan 2005, 02:16
|
#8
|
InSomniac
Join Date: Aug 2004
Location: Durham, England
Posts: 1,473
|
Re: this is silly
in the last hour ive tracked over 200 attempts on my pc... thank god McAfee is saving my comp
had sum hackers from the following places:
Honolulu
Phillidalphia
Los Angeles
Tokyo
Caracas
Paris
London
Edinborough
Warszawa
crapp fcking hackers!!
__________________
Runner up in the InSomnia 'Drunkest HC' competition - Currently on the wagon
Elysium | HR | eXilition | OuZo | ND | InSomnia | DLR
db battlegroup founder and spiritual leader
Sexytime HC of Belgians (#s3xytime)
Not so retired anymore....
|
|
|
31 Jan 2005, 04:50
|
#9
|
1up on you
Join Date: Mar 2002
Location: Birmingham, UK
Posts: 4,007
|
Re: this is silly
no lithuanians??????? o.0
__________________
pig
[ 1u p]
|
|
|
31 Jan 2005, 05:31
|
#10
|
This is bat country
Join Date: Nov 2003
Location: Norway
Posts: 1,693
|
Re: this is silly
somewhere around the world there is ONE dedicated individual who tries to access YOUR computer to watch your porn.
I'd feel pretty damn proud
__________________
Burárum!
|
|
|
31 Jan 2005, 05:36
|
#11
|
1up on you
Join Date: Mar 2002
Location: Birmingham, UK
Posts: 4,007
|
Re: this is silly
i think i bought a dvd off that guy
__________________
pig
[ 1u p]
|
|
|
31 Jan 2005, 05:39
|
#12
|
Miles Teg
Join Date: Nov 2001
Location: Dom City
Posts: 5,192
|
Re: this is silly
They are all automated attempts and tbh I still think that they are rather harmless, unless someone can point me to some article that computers without firewalls etc get abused to the max.
__________________
Audentes Fortuna Iuvat
|
|
|
31 Jan 2005, 05:45
|
#13
|
the Sacred Pervert
Join Date: Nov 2004
Location: San Diego, CA
Posts: 1,492
|
Re: this is silly
Quote:
Originally Posted by Mek
in the last hour ive tracked over 200 attempts on my pc... thank god McAfee is saving my comp
|
i also have the McAfee firewall console and i get thousands of inbound activities per day, 80% of which are hacker attempts - theyre so many of them i dont even bother reporting, unless theyre from the same addresses and attempted multiple times
thank god for McAfee indeed
__________________
"....some might say, we will find a brighter day...."
-Oasis
Veneratio | Insomnia | F-Crew | Subh
|
|
|
31 Jan 2005, 12:13
|
#14
|
mmm.. pills
Join Date: Apr 2000
Location: Australia
Posts: 2,152
|
Re: this is silly
That's the wonderful thing about numbers, there are so many people out there armed (whether they know it or not) with virii & hacker tools that it's almost imposible not to be hit by something, infact many things within a short period. I have observed at least two out of the box from the factory machines that did not yet have service pack 1 for XP get hit by blaster in an impressive 5-10 seconds of being on the web.
__________________
CSS : the result of letting artists design something only an engineer should touch.
|
|
|
31 Jan 2005, 12:23
|
#15
|
Lonely analytic
Join Date: Jan 2001
Posts: 2,390
|
Re: this is silly
Yeah it´s amazing. There must be something in SP1 the illuminati want us to have installed.
(I love a good conspiracy theory every now and then)
__________________
For real
|
|
|
31 Jan 2005, 12:35
|
#16
|
Born Sinful
Join Date: Nov 2000
Location: Loughborough, UK
Posts: 4,059
|
Re: this is silly
First of all there are some things you should be aware of:
* Most portscans on the same subnet as your external IP are from your ISP checking up on you. NTL do this especially - they want to make sure you're not running webservers or FTPs, both of which they expressly prohibit.
* Other junk from the same subnet is probably coming from infected machines using your ISP - stuff like blaster etc scanning for other machines to infect. Unless you're as daft as they are and don't keep windows up to date, this is just harmless noise.
* Having your pc as the router is not a good thing from a security perpective - especially on broadband. Personally I have a dedicated linux machine in my garage that acts as a router and firewall, as well as providing a few other services (DHCP, Intrusion Detection, web proxy, limited dynamic port allocation to allow FTP etc to work, port forwarding, SOCKS proxy...). A hardware router is also a perfectly good solution, and I would have gone for that myself had I not wanted the flexibility to add my own custom extras.
So far today the firewall has logged 387 hits, and IDS has logged 32 events, most of which look like:
Code:
Date: 01/31 11:19:00
Name: ICMP redirect host
Priority: 2
Type: Potentially Bad Traffic
IP info: 207.134.53.118:n/a -> xxx.xxx.xxx.xxx:n/a
References: none found
SID: 472
Priority 2 means "maybe worth looking at".
Everything in the log is either priority 2 or 3 (3 being "almost certainly not worth worrying about"). I can't remember the last time I saw a priority 1.
The point I'm making is that while it may look bad, most of it is harmless IF you have service pack 2 installed and are up to date on all other security fixes - or are using another OS.
As I have bittorrent running that's probably generating most of the hits, with people trying to connect directly and being denied.
__________________
Worth dying for. Worth killing for. Worth going to hell for. Amen.
|
|
|
31 Jan 2005, 12:46
|
#17
|
mmm.. pills
Join Date: Apr 2000
Location: Australia
Posts: 2,152
|
Re: this is silly
I've always wondered how much more efficient the web would be without all this 'background noise'. If millions upon millions of packets weren't being broadcast to every address every second think how less loaded servers would be and how fewer packets would get broadcast over excessive quantities of hops between routers. Alas that'll never be though :/
__________________
CSS : the result of letting artists design something only an engineer should touch.
|
|
|
31 Jan 2005, 12:56
|
#18
|
cynic
Join Date: May 2000
Location: Bishop Auckland Co. Durham
Posts: 8,809
|
Re: this is silly
i don't use XP either, i use 2k pro intead, and everything is kept bang up to date on that and my mcafee
__________________
lazy
|
|
|
31 Jan 2005, 13:37
|
#19
|
Rawr rawr
Join Date: Dec 2000
Location: Upside down
Posts: 5,300
|
Re: this is silly
I don't have a firewall because I don't WANT to know what's hitting my computer. It'd only make me paranoid and stuff.
Instead I have a policy of only installing trusted software.
__________________
"Yay"
|
|
|
31 Jan 2005, 13:59
|
#20
|
PA Ancient
Join Date: Oct 2003
Location: Ventnor, Isle Of Wight
Posts: 1,060
|
Re: this is silly
Its the usal shite tbh mate.. my comp gets attacked a lot also. And i do actually agree with Pig they shud all be hunted down and shot.
__________________
Played: Round 1-13. PA Team: Round 13-17. The Return: Round 18-19. PA Team: Round 20. Return.. Again: Round 21-37 Retired: Round 38 Returned: Round 39-45 Retired: Round 45 Returned: Round: 56
Ever been attacked by a p3nguin? You get left a bit black and white!
p3nguin Founder
|
|
|
31 Jan 2005, 14:19
|
#21
|
Mr. Blobby
Join Date: Nov 2000
Location: Belgium
Posts: 8,271
|
Re: this is silly
Quote:
Originally Posted by Structural Integrity
I don't have a firewall because I don't WANT to know what's hitting my computer.
|
I do run a firewall, but I never bother to check the logs for a similar reason. Not to mention that a large percentage of hits will actually be completely harmless stuff.
|
|
|
31 Jan 2005, 14:22
|
#22
|
PA Ancient
Join Date: Oct 2003
Location: Ventnor, Isle Of Wight
Posts: 1,060
|
Re: this is silly
Well that wud depend if your using an online banking service for instance. Then you wud be stuffed if you didnt have a firewall.
__________________
Played: Round 1-13. PA Team: Round 13-17. The Return: Round 18-19. PA Team: Round 20. Return.. Again: Round 21-37 Retired: Round 38 Returned: Round 39-45 Retired: Round 45 Returned: Round: 56
Ever been attacked by a p3nguin? You get left a bit black and white!
p3nguin Founder
|
|
|
1 Feb 2005, 10:23
|
#23
|
Born Sinful
Join Date: Nov 2000
Location: Loughborough, UK
Posts: 4,059
|
Re: this is silly
Err, say whatnow?
Firewalls do nothing to protect your internet transactions, banking or otherwise. Banking and creditcard purchases etc are protected by data encryption over SSL, which provides security at the transmission level - encryption from the data leaving your computer right through to the server at the other end.
Firewalls are to filter out attacks on your network interface, the most common of which is portscanning. This can be done manually (a guy with nmap looking to see what ports are open so he can guess what insecure services you might be running that he can exploit) or automatically (the various worms such as code red, which scan specific ports to check for a known insecure service then perform an attack on it).
The best way to use a firewall is a "block all except" configuration, whereby anything you don't specifically allow is denied.
Some personal internet security software will scan packets to check for certain strings you have defined and so may prevent your credit card number being leaked without your knowledge if you've been daft enough to install a trojan or spyware, but a combination of common sense and antivirus/antispyware software should prevent that from ever happening anyway.
__________________
Worth dying for. Worth killing for. Worth going to hell for. Amen.
|
|
|
1 Feb 2005, 12:09
|
#24
|
The Twilight of the Gods
Join Date: Jan 2001
Posts: 23,481
|
Re: this is silly
Quote:
Originally Posted by meglamaniac
Firewalls do nothing to protect your internet transactions, banking or otherwise. Banking and creditcard purchases etc are protected by data encryption over SSL, which provides security at the transmission level - encryption from the data leaving your computer right through to the server at the other end.
|
He's probably talking about Keyloggers, which seem more the S&D area of effect.
|
|
|
|
All times are GMT +1. The time now is 17:12.
| |