this is silly

[roadrunner_0]

so, for the first time i have broadband working in my new house, and also for the first time my PC is the end point in the chain rather than connecting through a router, so no firewall except for the one actually installed on my machine

i havent yet been online 10 mins and my pc has already intercepted nearly 200 attempts to access it

for ****s sake thats ridiculous

[Blastoderm]

It's a bummer.

[pig]

the internet is becoming more of a burden these days, i wish those wankers who code the shit to destroy our computers would **** themselves.

I now await my computer to be attacked.

[roadrunner_0]

it really pissed me off last night, and whats worse, my fiancee has been online all day, and my firewall log only records the last 100 lines, most of which have been attempted attacks? i mean seriously? wtf?

[Phil^]

and just think, without a firewall all of those would be hitting your computer

[The_Fish]

I blame Microsoft.

[Ninja_spammer]

317202 access attempts blocked since installation of zone alarm about a month ago.

102206 intrustion blocked
5590 of them rated as high security risks.

I'd say 70% of all that seems to have came from my ISP.

[Mek]

in the last hour ive tracked over 200 attempts on my pc... thank god McAfee is saving my comp

had sum hackers from the following places:

Honolulu
Phillidalphia
Los Angeles
Tokyo
Caracas
Paris
London
Edinborough
Warszawa

crapp fcking hackers!!

[pig]

no lithuanians??????? o.0

[I am Idler]

somewhere around the world there is ONE dedicated individual who tries to access YOUR computer to watch your porn.

I'd feel pretty damn proud

[pig]

i think i bought a dvd off that guy

[Knight Theamion]

They are all automated attempts and tbh I still think that they are rather harmless, unless someone can point me to some article that computers without firewalls etc get abused to the max.

[demiGOD]

Quote:

Originally Posted by Mek

in the last hour ive tracked over 200 attempts on my pc... thank god McAfee is saving my comp

i also have the McAfee firewall console and i get thousands of inbound activities per day, 80% of which are hacker attempts - theyre so many of them i dont even bother reporting, unless theyre from the same addresses and attempted multiple times

thank god for McAfee indeed

[djbass]

That's the wonderful thing about numbers, there are so many people out there armed (whether they know it or not) with virii & hacker tools that it's almost imposible not to be hit by something, infact many things within a short period. I have observed at least two out of the box from the factory machines that did not yet have service pack 1 for XP get hit by blaster in an impressive 5-10 seconds of being on the web.

[xtrasyn]

Yeah it´s amazing. There must be something in SP1 the illuminati want us to have installed.

(I love a good conspiracy theory every now and then)

[meglamaniac]

First of all there are some things you should be aware of:

* Most portscans on the same subnet as your external IP are from your ISP checking up on you. NTL do this especially - they want to make sure you're not running webservers or FTPs, both of which they expressly prohibit.

* Other junk from the same subnet is probably coming from infected machines using your ISP - stuff like blaster etc scanning for other machines to infect. Unless you're as daft as they are and don't keep windows up to date, this is just harmless noise.

* Having your pc as the router is not a good thing from a security perpective - especially on broadband. Personally I have a dedicated linux machine in my garage that acts as a router and firewall, as well as providing a few other services (DHCP, Intrusion Detection, web proxy, limited dynamic port allocation to allow FTP etc to work, port forwarding, SOCKS proxy...). A hardware router is also a perfectly good solution, and I would have gone for that myself had I not wanted the flexibility to add my own custom extras.


So far today the firewall has logged 387 hits, and IDS has logged 32 events, most of which look like:

Code:

Date: 01/31 11:19:00
Name: ICMP redirect host 
Priority: 2
Type: Potentially Bad Traffic 
IP info: 207.134.53.118:n/a -> xxx.xxx.xxx.xxx:n/a 
References: none found
SID: 472

Priority 2 means "maybe worth looking at".
Everything in the log is either priority 2 or 3 (3 being "almost certainly not worth worrying about"). I can't remember the last time I saw a priority 1.

The point I'm making is that while it may look bad, most of it is harmless IF you have service pack 2 installed and are up to date on all other security fixes - or are using another OS.
As I have bittorrent running that's probably generating most of the hits, with people trying to connect directly and being denied.

[djbass]

I've always wondered how much more efficient the web would be without all this 'background noise'. If millions upon millions of packets weren't being broadcast to every address every second think how less loaded servers would be and how fewer packets would get broadcast over excessive quantities of hops between routers. Alas that'll never be though :/

[roadrunner_0]

i don't use XP either, i use 2k pro intead, and everything is kept bang up to date on that and my mcafee

[Structural Integrity]

I don't have a firewall because I don't WANT to know what's hitting my computer. It'd only make me paranoid and stuff.
Instead I have a policy of only installing trusted software.

[Assassin]

Its the usal shite tbh mate.. my comp gets attacked a lot also. And i do actually agree with Pig they shud all be hunted down and shot.

[Leshy]

Quote:

Originally Posted by Structural Integrity

I don't have a firewall because I don't WANT to know what's hitting my computer.

I do run a firewall, but I never bother to check the logs for a similar reason. Not to mention that a large percentage of hits will actually be completely harmless stuff.

[Assassin]

Well that wud depend if your using an online banking service for instance. Then you wud be stuffed if you didnt have a firewall.

[meglamaniac]

Err, say whatnow?

Firewalls do nothing to protect your internet transactions, banking or otherwise. Banking and creditcard purchases etc are protected by data encryption over SSL, which provides security at the transmission level - encryption from the data leaving your computer right through to the server at the other end.

Firewalls are to filter out attacks on your network interface, the most common of which is portscanning. This can be done manually (a guy with nmap looking to see what ports are open so he can guess what insecure services you might be running that he can exploit) or automatically (the various worms such as code red, which scan specific ports to check for a known insecure service then perform an attack on it).
The best way to use a firewall is a "block all except" configuration, whereby anything you don't specifically allow is denied.

Some personal internet security software will scan packets to check for certain strings you have defined and so may prevent your credit card number being leaked without your knowledge if you've been daft enough to install a trojan or spyware, but a combination of common sense and antivirus/antispyware software should prevent that from ever happening anyway.

[MrL_JaKiri]

Quote:

Originally Posted by meglamaniac

Firewalls do nothing to protect your internet transactions, banking or otherwise. Banking and creditcard purchases etc are protected by data encryption over SSL, which provides security at the transmission level - encryption from the data leaving your computer right through to the server at the other end.

He's probably talking about Keyloggers, which seem more the S&D area of effect.