Network Security Warning ..... How to Protect Yourself On The Internet

[Sierra_abx]

Hi PCBruiser. Thanks for starting this thread. I rarely visit the networking section, but maybe I should check in more often. Some very useful information here. It's made me think about whether my LAN and computers are secure enough. Keep up the good work.

[pointreyes]

Just because Cisco has acquired Linksys does not mean that Linksys has gotten better. I have always been hesistant with a Linksys for a router and looks like it was a good thing I was.

http://techupdate.zdnet.com/techupda..._and_DDoS.html

[nowareman]

Thanks PCB for the excellent info. I switched my network to IPX/SPX yesterday. I really appreciate your help although I'm sorry to hear you had to find this all out the hard way.

My daughter and son-in-law just had an experience with identity theft to the tune of approximately $5K. Luckily they weren't responsible for any of the charges but, as you know, it takes much time to get the mess these thieves leave behind stratightened out.

Pointreyes, I'm using the Linksys router the article you linked suggests as a replecement for the BEFSR41, the BEFSX41, and I've had no issues with installation, operation or security since I set it up almost a year ago.

[pointreyes]

Quote:

Originally posted by nowareman
Pointreyes, I'm using the Linksys router the article you linked suggests as a replecement for the BEFSR41, the BEFSX41, and I've had no issues with installation, operation or security since I set it up almost a year ago.

Have you tested the router against the ShieldsUp and SOS links that have been provided on this thread? That port scanning is important in confirming some assurance that the router is doing it's job.

[GAM]

Thanks PCBruiser for this thread, security has been a source of paranoia for me now that I am permanently connected to the net with a small home lan-2 PCs and wireless laptop.

I ran all the tests on the ShieldsUp site and passed all tests without a single issue or concern.

I have been using a 'Billion 743GE (4 Port) Wireless ADSL Firewall Router' for about 12 months--note the 743 is 802.11b, but they have a new 802.11g version out now.

I'd like to point out that this router was very cheap (significantly the cheapest at the time with all features and protocols) and incredibly easy to install and configure. You can basically set it and forget it-defaults to high security settings. I would like to recommend these routers particularly for people in Australia where hardware is more expensive and offer less variety--)

Question:
I also run a now expired Norton Internet Security 2003 with NAV (not expired). I have wondered whether it is really necessary to continue running NIS given the hardware Firewall/Router. Can you shed any light on this for me? I would appreciate your wisdom.

Thanks

[PCBruiser]

Glad to shed some light on that. Yes, I always recommend having a software firewall as well, although I do not use the Norton one myself anymore. That issue is a personal preference one though.

Here's why I recommend them. By their very nature, a hardware firewall like we have, should be really good with blocking things that are arriving from outside, and at blocking outgoing ports and protocols. But, also by its' very nature, a hardware firewall cannot tell what program has created individual outgoing packets. It can only see what ports and protocols the outgoing packet uses. If the outgoing packet is using a permitted outgoing port, 80 say for html, it will allow that packet to leave your LAN. If the packet was created by malware that somehow got on your machine, a trojan say, it will get out. But, a software firewall integrated into your system CAN tell which program is attempting to send that packet. And good ones with program access controls, will stop that from happening. Good reason for continuing to use a good software firewall. Also, given my "belt and suspenders" philosophy on protecting myself, the added comfort it gives me is good too.

[GAM]

Thank you for clearing that up.

I guess I figured as much, but was hoping to elliminate another resident program (There are just so many ).

I do have trouble with home networking and Norton's Personal Firewall--If I want to connect another computer I have to disable it (this is due to my ignorance, no doubt), typically I set Security Level to 'Low' which I felt was sufficient, as it often interferes with my PC 'experience' when set to Medium or High. Any reason not to do this? (Sorry if this is really meant for a different thread)

[PCBruiser]

If I recall correctly isn't there an option to establish a "trusted" zone for your home LAN? If so, and I'm pretty sure that option is there, then that should fix your LAN connection issue.

[GAM]

Quote:

Originally posted by PCBruiser
If I recall correctly isn't there an option to establish a "trusted" zone for your home LAN? If so, and I'm pretty sure that option is there, then that should fix your LAN connection issue.

Yes, that's true. And I have set this up ('Trusted Zones') recently. My machines are currently networked. I have not experimented or looked into this for awhile, so sorry to waste your time.

Thanks for all the help and excellent advice and instruction in this thread.

[PCBruiser]

No waste at all, if you are still having a problem, why not take a look at that again, and post some more details about your settings, and maybe we can figure out whatthe problem is. One thing you should check first though is that all your systems on the your LAN have the same trusted zone settings because if not, it might be that incompatible settings on the various systems is causing the problem.

[adamsfbay]

A few pointers for those of you who use IE:

1. Go get SpySites (do a google search). It adds thousands of "bad" sites to your IE restricted zone. A good idea. The regular version is free, just download it, install the app, and find the menu command that says "add all sites to restricted zone."

2. Get SpyBot and add it's Immunization options (I only use Permanent IE immunity, and the miscellaneous protections, as the bad download blocker causes issues for me).

3. Also in SpyBot, under tools: Host Files - add SpyBot Hosts list.

Or, you can switch to Firefox and be happier overall

-Adam

[Fraoch]

Good HOSTS file here too, and it's updated about once a week.

[GAM]

Quote:

Originally posted by PCBruiser
No waste at all, if you are still having a problem, why not take a look at that again, and post some more details about your settings, and maybe we can figure out whatthe problem is. One thing you should check first though is that all your systems on the your LAN have the same trusted zone settings because if not, it might be that incompatible settings on the various systems is causing the problem.

Ok. I have taken another look and, after configuring Trusted Zones on the 2nd PC too (to become FTP/Web/VPN server), as well as configuring the same User Account and Password, I can now boot up both machines, login and access shared directories on either machine (and without entering another password). So happy here.

However, I still can't print from 2nd on 1st's printer.

EDIT: I have got eMule working by correctly setting a Rule to allow these connections on specified ports.
Another issue I had with Firewalls (hard and soft) was getting peer-to-peer networking (eMule) to work. Despite openning a couple of ports (I get scared openning these ports, btw) I still can't connect to these servers.

[PCBruiser]

Printer sharing - go into Start/Settings/Printers. Pick the printer on the 2nd, then rediscover the priner, you probably just need to refind it.

P2P. Because of all the problems with P2P, I simply won't use it. Too much likelyhood of malware, viruses, etc., simply not worth the risks to me for my tastes, so I can't really help you with that one.

[pointreyes]

Quote:

Originally posted by PCBruiser
Printer sharing - go into Start/Settings/Printers. Pick the printer on the 2nd, then rediscover the priner, you probably just need to refind it.

P2P. Because of all the problems with P2P, I simply won't use it. Too much likelyhood of malware, viruses, etc., simply not worth the risks to me for my tastes, so I can't really help you with that one.

I use p2p (bittorrent) because I sometimes like to download my missed tv shows. I have my router setup to not be pingable and I have the proper port opened up through the router for the p2p software to connect. I have done a port scan through shieldsup and sos and those ports do not come up but I'm able to use p2p. See attached pic to see how I have the ports setup on my router-this will provide you with the correct port number you must allow for incoming packets.