
Security discussion regarding hubs, firewalls, anti-virus and Vista Security



Guest eganders
Posted

Security discussion

 

These are a very basic set of questions. Possibly there is an article

on the web that someone can point me to that fully addresses each of

these:

 

What security protection should I expect from:

 

a wireless hub/router

 

a software firewall

 

a software anti-virus, anti-trojan program

 

the security built into Vista

 

 

The reason I ask this is that I have a Linksys wireless hub with a WEP

code activated and I also had Zonealarm with Windows XP. I had my

files shared. I thought that the wireless hub should provide hardware

based security from anyone being able to "look" at my files and

anything behind the hub. I found that Zonealarm was giving me a lot

of warnings of malware and other outside people finding me and trying

to access my computer and that Zonealarm was stopping this. I don't

understand the Linksys hub's capabilities well enough to not ask "why

was the hub not keeping these outside intruders out?".

 

I now have Vista and the security it provides is suffocating. I have

a hard time accessing my own files on other computers on my network

and you need an ADVANCED IT degree to work around it. I would think

that you could provide a secure "knock'em dead" firewall with a

Linksys hub that would allow you to be "naked" behind the firewall so

you did not have to deal with security at all once you were safe

behind the Linksys firewall. I think this shows why I need to learn

all I can so I don't leave my UAC off (which it is right now). I

want security, but I want to run my business also.

 

 

microsoft.public.windows.vista.security

Guest FromTheRafters
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

 

Wikipedia comes to mind.

http://www.wikipedia.org/

 

Some responses inline

 

"eganders" <eganders@yahoo.com> wrote in message

news:1ccbb3b6-01f3-40a2-83e2-ab2f7440b568@i76g2000hsf.googlegroups.com...

> Security discussion
>
> These are a very basic set of questions. Possibly there is an article
> on the web that someone can point me to that fully addresses each of
> these:

 

There are, and I'm sure some experts here will provide some
for you. I find wikipedia a good resource for this kind of thing.

> What security protection should I expect from:
>
> a wireless hub/router

At the very least it can be set to drop any incoming attempt
to set up a communications channel. If you run a server of some
sort, and you want to allow such an incoming connection you
"forward" that port. This does not affect two way communication
that was initiated by you i.e. 'outgoing' requests to the ISP's web
server or mail server and the incoming subsequent returns.

 

Also, these devices can run additional filtering software - and more.

 

These devices sit between you and the outside world and do not

depend on the integrity of your computer system. They are firewalls

because they compartmentalize the network similar to the way

actual firefighting firewalls do for a building.

> a software firewall

This is an attempt to get the functionality of the router's firewall
plus the additional filtering, plus other features onto the system
it hopes to protect. They depend on the integrity of the system
unlike the device above.

With mobile computing, it is a very good idea to have a software
firewall because you don't always have control over the router
or wireless access point when you travel - or for some reason
you use another's Wi-Fi network such as a cafe 'hot spot'.

> a software anti-virus, anti-trojan program

 

These are two different things - although often lumped together.

Basically, you need both. In a way, the second detects malicious

(or otherwise bad) programs - and the first detects malicious (or

otherwise bad) programming code within an otherwise good

program. You could say that a virus is a replicating trojan - it

makes trojans out of pre-existing programs as it replicates into

them.

 

....from here it gets even murkier, so - you need both and you

might just as well have them combined into one in the form of

an 'on-access' or 'real time' or 'active' scanner. It wouldn't hurt

to have other detector programs that you run when you want

to 'on demand', but only one 'on access' scanner.

> the security built into Vista

This is too general to go into, as there are lots of good security
features built-in to Vista. My advice, don't circumvent any of
them. Better is to learn how to operate within the parameters
Vista has provided (which is what you are doing).

> The reason I ask this is that I have a Linksys wireless hub with a WEP
> code activated and I also had Zonealarm with Windows XP. I had my
> files shared. I thought that the wireless hub should provide hardware
> based security from anyone being able to "look" at my files and anything
> behind the hub.

Well, now you know that that assumption was wrong.

> I found that Zonealarm was giving me a lot
> of warnings of malware and other outside people finding me and trying
> to access my computer and that Zonealarm was stopping this.

 

Like a dog barking at passing cars is "protecting" you from
possible intruders. Waking me up from a sound sleep
still rewards him with a pat on the head, so he keeps doing
it.

You can configure your software firewall to not do this I think.
(the dog is another matter)

> I don't
> understand the Linksys hub's capabilities well enough to not ask "why
> was the hub not keeping these outside intruders out?".

Port forwarding? Subsequent (not init) packets? Local Area Network
(LAN) traffic from within your wireless network? This is why software
firewall applications are not completely worthless.

> I now have Vista and the security it provides is suffocating. I have
> a hard time accessing my own files on other computers on my network
> and you need an ADVANCED IT degree to work around it.

 

Previous MS OSes installed to provide a rich out-of-the-box

experience with servers running and just about every protocol

bound to every other protocol so that the user wouldn't have

to do anything 'advanced' to get anything done. It was a disaster

securitywise, although it probably did reduce the number of

support calls from users actually trying to do something.

 

Now it is more secure and it requires more of the user to work

within it - or to circumnavigate it. So it provides better default

security, and more customer complaints.

> I would think
> that you could provide a secure "knock'em dead" firewall with a
> Linksys hub that would allow you to be "naked" behind the firewall so
> you did not have to deal with security at all once you were safe
> behind the Linksys firewall.

 

The problem arises with the malware you invite in. That is the
subsequent packets and other unfiltered items.

> I think this shows why I need to learn
> all I can so I don't leave my UAC off (which it is right now). I
> want security, but I want to run my business also.

 

Read some Microsoft TechNet articles on UAC and LUA.

You seem to be very capable of learning how all this works.

Guest Kayman
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

 

On Wed, 20 Aug 2008 12:38:57 -0700 (PDT), eganders wrote:

> Security discussion
>
> These are a very basic set of questions. Possibly there is an article
> on the web that someone can point me to that fully addresses each of
> these:
>
> What security protection should I expect from:
>
> a wireless hub/router
>
> a software firewall
>
> a software anti-virus, anti-trojan program
>
> the security built into Vista
>
> The reason I ask this is that I have a Linksys wireless hub with a WEP
> code activated and I also had Zonealarm with Windows XP. I had my
> files shared. I thought that the wireless hub should provide hardware
> based security from anyone being able to "look" at my files and
> anything behind the hub. I found that Zonealarm was giving me a lot
> of warnings of malware and other outside people finding me and trying
> to access my computer and that Zonealarm was stopping this. I don't
> understand the Linksys hub's capabilities well enough to not ask "why
> was the hub not keeping these outside intruders out?".
>
> I now have Vista and the security it provides is suffocating. I have
> a hard time accessing my own files on other computers on my network
> and you need an ADVANCED IT degree to work around it. I would think
> that you could provide a secure "knock'em dead" firewall with a
> Linksys hub that would allow you to be "naked" behind the firewall so
> you did not have to deal with security at all once you were safe
> behind the Linksys firewall. I think this shows why I need to learn
> all I can so I don't leave my UAC off (which it is right now). I
> want security, but I want to run my business also.

 

Security is a process not a product.
(Bruce Schneier)

For Vista the most dependable defenses are:
1. Do not work in elevated level; Day-to-day work should be performed
   while the User Account Control (UAC) is enabled.
2. Familiarize yourself with "Services Hardening in Windows Vista".
3. Don't expose services to public networks.
4. Keep your operating system (OS) (and all software on it)
   updated/patched.
5. Reconsider the usage of IE.
5a. Secure (Harden) Internet Explorer.
6. Review your installed 3rd party software applications/utilities;
   Remove clutter, including 3rd party software personal firewall
   application (PFW) - the one which claims:
   "It can stop/control malicious outbound traffic".
7. Activate the built-in firewall and tack together its advanced
   configuration settings.
7a. If on high-speed internet connection use a router as well.
   For the average homeuser it is suggested blocking both TCP and UDP
   ports 135 ~ 139 and 445 on the router and implement countermeasures
   against DNSChanger. (Is the Firmware of your router up-to-date?).
   And (just in case) Wired Equivalent Privacy (WEP) has been superseded by
   Wi-Fi Protected Access (WPA).
8. Routinely practice Safe-Hex.

Also ensure you do:
a. Regularly back-up data/files.
b. Familiarize yourself with crash recovery tools and with
   re-installing your operating system (OS).
c. Utilize a real-time anti-virus application and vital system
   monitoring utilities/applications.
d. Keep abreast of the latest developments.

And finally:
Most computer magazines and/or (computer) specialized websites are biased
i.e. heavily weighted towards the (advertisement) dollar almighty!
Therefore:
a. Be cautious selecting software applications touted in publications
   relying on advertisement revenue.
b. Do take their test-results of various software with a
   considerable amount of salt!
c. Which also applies to their investigative in-depth test reports
   related to any software applications.
d. Investigate claims made by software manufacturer prior to downloading
   their software; Subscribing to noncommercial-type publications,
   specialized newsgroups and/or fora (to some extent) are a great way
   to find out the 'nitty-gritties' and to consider various options.

The least preferred defenses are:
Myriads of popular anti-whatever applications and staying ignorant.

Guest Steve Riley [MSFT]
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

> 7a. If on high-speed internet connection use a router as well.
> For the average homeuser it is suggested blocking both TCP and UDP
> ports 135 ~ 139 and 445 on the router

 

It really isn't necessary to create specific "block" rules. Nearly every

router does this automatically; they only permit traffic that's in reply to

some previous outbound request.

 

 

--

Steve Riley

steve.riley@microsoft.com

http://blogs.technet.com/steriley

http://www.protectyourwindowsnetwork.com

Guest Mr. Arnold
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

 

"eganders" <eganders@yahoo.com> wrote in message

news:1ccbb3b6-01f3-40a2-83e2-ab2f7440b568@i76g2000hsf.googlegroups.com...

For the wireless you can do some things to better protect your situation.

 

http://compnetworking.about.com/od/wireles...ifisecurity.htm

 

For the XP or Vista O/S, you need to further harden the O/S(s) to attack,

like use Authenticated user group on file shares, disable the Guest account

and remove Everyone off of files and folders, along with other things you

can do, etc, etc.

 

http://labmice.techtarget.com/articles/win...tychecklist.htm

http://iase.disa.mil/stigs/checklist/

 

If you want to protect a business, then you need to come away from the
Linksys NAT router and step up to a low-end FW appliance, like a Watchguard,
Cisco, Snapgear, Sonicwall etc, etc those kind of solutions and not use a
NAT router for home usage. FW appliances cost a little more and are
affordable. You can even get a refurbished used one from a reputable dealer
that has a warranty from a reputable dealer, which you can call the
manufacturer to get names of dealers. A low end FW appliance is a plug it up
and go device that needs very little configuration on your part, like the
Linksys NAT router.

Here is some information to help you in your FW selection process.

 

http://www.homenethelp.com/web/explain/about-NAT.asp

http://www.vicomsoft.com/knowledge/reference/firewalls1.html

http://www.more.net/technical/netserv/tcpip/firewalls/

 

You can use something like Wallwatcher so that you see inbound and outbound

traffic, even for wireless on the devices.

 

http://sonic.net/wallwatcher/

Guest Kayman
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

 

On Wed, 20 Aug 2008 18:14:23 -0700, Steve Riley [MSFT] wrote:

>> 7a. If on high-speed internet connection use a router as well.
>> For the average homeuser it is suggested blocking both TCP and UDP
>> ports 135 ~ 139 and 445 on the router
>
> It really isn't necessary to create specific "block" rules. Nearly every
> router does this automatically; they only permit traffic that's in reply to
> some previous outbound request.

Thanks for commenting on #7a.
Admittedly, I am not familiar with all types/makes of (small business/home
user) routers available.

Are you saying to drop this comment completely or, since it is possible

that some users may employ routers which will not automatically block the

said ports, is paraphrasing the comment sufficient for the purpose?

Guest Root Kit
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

 

On Thu, 21 Aug 2008 16:26:58 +0700, Kayman
<kaymanDeleteThis@operamail.com> wrote:

>On Wed, 20 Aug 2008 18:14:23 -0700, Steve Riley [MSFT] wrote:
>
>>> 7a. If on high-speed internet connection use a router as well.
>>> For the average homeuser it is suggested blocking both TCP and UDP
>>> ports 135 ~ 139 and 445 on the router
>>
>> It really isn't necessary to create specific "block" rules. Nearly every
>> router does this automatically; they only permit traffic that's in reply to
>> some previous outbound request.
>
>Thanks for commenting on #7a.
>Admittedly, I am not familiar with all types/makes of (small business/home
>user) routers available.
>Are you saying to drop this comment completely or, since it is possible
>that some users may employ routers which will not automatically block the
>said ports, is paraphrasing the comment sufficient for the purpose?

 

I'm guessing now, but you probably meant blocking outbound packets

for mentioned ports. Some advocate doing this in order to also

"protect the internet from you", so to speak.

Guest mike-cow
Posted

My take is as follows; Protect myself from crawling threats on the
internet by a dedicated firewall, protect myself from software threats
with antivirus/malware protection. If those two factors are properly
set up, all other security measures are redundant and waste resources.
Perhaps I suffer from a 1% higher risk of infection over a period of a
few years, but it doesn't seem so this far. I have disabled all the
security features of Windows, because I don't see a need for them. I
wouldn't do this to a system-critical computer or if I had sensitive
information on the computer though, but this is a computer for games and
internet... If it goes down, I reinstall it (hasn't happened yet...).

Linux firewalls are free and safe enough to use for business if set up
with the right knowledge.

 

Most new routers come with SPI (stateful packet inspection) which only

accepts incoming traffic from servers you sent outgoing traffic to, and

that's usually enough for protection at home.

 

 

--

mike-cow

Guest Steve Riley [MSFT]
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

 

I haven't seen a router with default-allow in years -- stuff you buy now is

configured default-deny (in the inbound direction), so everything's blocked

except:

 

inbound reply traffic

inbound traffic that matches a rule you wrote

 

 

--

Steve Riley

steve.riley@microsoft.com

http://blogs.technet.com/steriley

http://www.protectyourwindowsnetwork.com

 

 

 

"Kayman" <kaymanDeleteThis@operamail.com> wrote in message

news:#L42OA3AJHA.4064@TK2MSFTNGP02.phx.gbl...

> On Wed, 20 Aug 2008 18:14:23 -0700, Steve Riley [MSFT] wrote:
>
>>> 7a. If on high-speed internet connection use a router as well.
>>> For the average homeuser it is suggested blocking both TCP and UDP
>>> ports 135 ~ 139 and 445 on the router
>>
>> It really isn't necessary to create specific "block" rules. Nearly every
>> router does this automatically; they only permit traffic that's in reply
>> to some previous outbound request.
>
> Thanks for commenting on #7a.
> Admittedly, I am not familiar with all types/makes of (small business/home
> user) routers available.
> Are you saying to drop this comment completely or, since it is possible
> that some users may employ routers which will not automatically block the
> said ports, is paraphrasing the comment sufficient for the purpose?
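
The default-deny inbound behaviour described in the post above, together with the reply traffic, port forwards and LAN-local traffic raised earlier in the thread, modelled as an added example that is not part of the original thread or any router's firmware. The class, verdict strings and documentation-range addresses are constructed for illustration; NAT port rewriting and flow timeouts are left out.

```python
"""Model of a home router's inbound filter (added example; all data constructed)."""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp" or "udp"
    src: str     # source IP address
    sport: int   # source port
    dst: str     # destination IP address
    dport: int   # destination port


@dataclass
class HomeRouter:
    lan: str = "192.168.1.0/24"
    # Rules the owner wrote: (proto, wan_port) -> (lan_ip, lan_port)
    forwards: dict = field(default_factory=dict)
    # Flows opened from the LAN: (proto, remote_ip, remote_port, local_port)
    flows: set = field(default_factory=set)

    def _on_lan(self, ip: str) -> bool:
        return ip_address(ip) in ip_network(self.lan)

    def handle(self, pkt: Packet) -> str:
        src_lan, dst_lan = self._on_lan(pkt.src), self._on_lan(pkt.dst)
        if src_lan and dst_lan:
            # Wired or wireless LAN-to-LAN traffic never crosses the WAN filter.
            return "lan-local"
        if src_lan:
            # Outbound is allowed and remembered so the answer can come back.
            self.flows.add((pkt.proto, pkt.dst, pkt.dport, pkt.sport))
            return "allow-outbound"
        # Everything below is inbound from the internet: default-deny.
        if (pkt.proto, pkt.src, pkt.sport, pkt.dport) in self.flows:
            return "allow-reply"       # reply to a flow a LAN host opened
        if (pkt.proto, pkt.dport) in self.forwards:
            return "allow-forward"     # matches a port-forward rule
        return "drop"                  # no state, no rule: dropped


# Constructed sample addresses (RFC 5737 documentation ranges and RFC 1918 LAN).
WAN = "203.0.113.10"
PC = "192.168.1.20"
LAPTOP = "192.168.1.30"      # another device associated to the same WLAN
WEB = "198.51.100.7"
SCANNER = "198.51.100.99"


def run_demo() -> dict:
    router = HomeRouter(forwards={("tcp", 8080): (PC, 80)})
    traffic = [
        ("unsolicited SMB probe", Packet("tcp", SCANNER, 40000, WAN, 445)),
        ("unsolicited NetBIOS probe", Packet("udp", SCANNER, 40001, WAN, 137)),
        ("PC opens web request", Packet("tcp", PC, 51000, WEB, 80)),
        ("web server replies", Packet("tcp", WEB, 80, WAN, 51000)),
        ("same server, other port", Packet("tcp", WEB, 80, WAN, 51001)),
        ("forwarded port", Packet("tcp", SCANNER, 40002, WAN, 8080)),
        ("wireless peer to PC file share", Packet("tcp", LAPTOP, 52000, PC, 445)),
    ]
    # Order matters: the reply is only allowed because the request came first.
    return {label: router.handle(pkt) for label, pkt in traffic}


if __name__ == "__main__":
    for label, verdict in run_demo().items():
        print(f"{label:32s} {verdict}")
```

The two probes are dropped without any port-specific block rule, while the last packet never reaches the router's filter at all, which is the case the wireless encryption setting and a host firewall have to cover.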

Guest gerald3092
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

 

On Aug 20, 3:38 pm, eganders <egand...@yahoo.com> wrote:

> Security discussion
>
> These are a very basic set of questions. Possibly there is an article
> on the web that someone can point me to that fully addresses each of
> these:
>
> What security protection should I expect from:
>
> a wireless hub/router
>
> a software firewall
>
> a software anti-virus, anti-trojan program
>
> the security built into Vista
>
> The reason I ask this is that I have a Linksys wireless hub with a WEP
> code activated and I also had Zonealarm with Windows XP. I had my
> files shared. I thought that the wireless hub should provide hardware
> based security from anyone being able to "look" at my files and
> anything behind the hub. I found that Zonealarm was giving me a lot
> of warnings of malware and other outside people finding me and trying
> to access my computer and that Zonealarm was stopping this. I don't
> understand the Linksys hub's capabilities well enough to not ask "why
> was the hub not keeping these outside intruders out?".
>
> I now have Vista and the security it provides is suffocating. I have
> a hard time accessing my own files on other computers on my network
> and you need an ADVANCED IT degree to work around it. I would think
> that you could provide a secure "knock'em dead" firewall with a
> Linksys hub that would allow you to be "naked" behind the firewall so
> you did not have to deal with security at all once you were safe
> behind the Linksys firewall. I think this shows why I need to learn
> all I can so I don't leave my UAC off (which it is right now). I
> want security, but I want to run my business also.
>
> microsoft.public.windows.vista.security

 

I would be happy to help you and do note the majority of your

questions are in the general safe computing topically - not Vista

Security per se..... I recommend for general "fix me up security wise"

to visit me (webmaster) www.BlueCollarPC.Net and links to our groups

for security or here: http://bluecollarpc.net/smf/index.php and here

http://www.bluecollarpc.net/joingroup.html and here

http://groups.google.com/group/BlueCollarPC and my general Vista Group

here http://tech.groups.yahoo.com/group/Vista-Group/ .....

 

I think you will get a much warmer reception and more important a blow

by blow help if needed painstakingly. News groups generally do not

participate as such is the 'coldness' perhaps. Like here - a specific

concise question with a specific concise answer is the norm. Generally

and to briefly answer your enormous concerns is that off the bat you

may have inadvertently opened your computer to dangers even security
software will not help much against, according to settings.

 

Number one, WEP (64/128bit encryption) has been hacked a good while
ago and is the same as logging on with 'No Security' settings. You
want to Upgrade to WPA (256bit encryption) across the board - Router,
PCs, Peripherals (Windows Mobile PC etc). This was released in 2003

through Windows Updates to get the idea - yes you are in "cave man

days" with Security. SEE http://www.bluecollarpc.net/allwireless1.html

and here http://www.bluecollarpc.net/myvistapc.html ......

 

You definitely want to keep your Vista empowered PCs operating in
Vista Internet Explorer Protected Mode (IE Settings) and also
definitely keep using Vista UAC User Account Control operating and here

is why here http://www.networkworld.com/news/2008/0523...rc=rss-security

...and here http://technet.microsoft.com/en-us/magazin...e/cc138019.aspx

.....and read this

http://bluecollarpc.wordpress.com/2008/06/...ftware-utility/

...and this http://bluecollarpc.wordpress.com/2008/06/...-notifications/

...and sum up here with informed choices

http://www.prevx.com/blog/83/Is-Limited-Us...-%20really.html

 

Apparently you imply you have some very, very dangerous P2P (Peer to

Peer) application scenario going on. This gives complete access to

your PCs by your own hand as the application imposes "Allow to Share

with this Computer" and means both ways - is the security suicide

because you are allowing complete access to all your Files to the

other computer which if a cyber criminal (most likely) now has

everything on your PC on theirs and see P2P Dangers (Peer to Peer file

swapping) here http://bluecollarpc.net/smf/index.php/topic,159.0.html

 

You want proactive quality shareware 24/7 running and a fully patched
PC (Windows Updates - Vista SP1, Service Pack 1 installed) and
generally only paid shareware subscription security software (personal
firewall, antivirus, antispyware) has Real Time Protection - see
heuristics. Now, tell the rest that say this is not necessary to go
jump in a lake because the vast majority of all users worldwide have
chosen this as their informed choices Security Solution - making the
industry a multi-billion dollar one. They may argue Reformat/Reinstall
Windows and see why this is a "unscrupulous pc repairman scam" at the
Better Business Bureau and across search engines and here
http://bluecollarpc.wordpress.com/2008/05/...oval-softwares/

 

 

....Okay a major day of security homework is in your face and your
choice is to get busy I would say and "catch up" - meaning in a
friendly and safe and INFORMED way for your own sake. For the rest
that argue softwares and usage tell them yes the Public knows - in
following your idiotic solutions of feel good in-security we as
Netizens have lost over 45 Billion Dollars in direct eTheft including
ruining our lives via etheft IDThefts. Have a nice day....

 

gerald philly pa usa

webmaster www.BlueColarPC.Net

Guest gerald3092
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

 

On Aug 21, 6:08 pm, gerald3092 <gerald3...@gmail.com> wrote:<span style="color:blue">

> On Aug 20, 3:38 pm, eganders <egand...@yahoo.com> wrote:

>

>

>

>

><span style="color:green">

> > Security discussion</span>

><span style="color:green">

> > These are a very basic set of questions.  Possibly there is an article

> > on the web that someone can point me to that fully addresses each of

> > these:</span>

><span style="color:green">

> > What security protection should I expect from:</span>

><span style="color:green">

> > a wireless hub/router</span>

><span style="color:green">

> > a software firewall</span>

><span style="color:green">

> > a software anti-virus, anti-trojan program</span>

><span style="color:green">

> > the security built into Vista</span>

><span style="color:green">

> > The reason I ask this is that I have a Linksys wireless hub with a WEP

> > code activated and I also had Zonealarm with Windows XP.  I had my

> > files shared.  I thought that the wireless hub should provide hardware

> > based security from anyone being able to "look" at my files and

> > anything behind the hub.  I found that Zonealarm was giving me a lot

> > of warnings of malware and other outside people finding me and trying

> > to access my computer and that Zonealarm was stopping this.  I don't

> > understand the Linksys hub's capabilities well enough to not ask "why

> > was the hub not keeping these outside intruders out?".</span>

><span style="color:green">

> > I now have Vista and the security it provides is suffocating.  I have

> > a hard time accessing my own files on other computers on my network

> > and you need an ADVANCED IT degree to work around it.  I would think

> > that you could provide a secure "knock'em dead" firewall with a

> > Linksys hub that would allow you to be "naked" behind the firewall so

> > you did not have to deal with security at all once you were safe

> > behind the Linksys firewall.  I think this shows why I need to learn

> > all I can so I don't leave my UAC off (which it is right now).   I

> > want security, but I want to run my business also.</span>

><span style="color:green">

> >  microsoft.public.windows.vista.security</span>

>

> I would be happy to help you and do note the majority of your

> questions are in the general safe computing topically - not Vista

> Security per se..... I recommend for general "fix me up security wise"

> to visit me (webmaster) www.BlueCollarPC.Net and links to our groups

> for security or here: http://bluecollarpc.net/smf/index.php and here http://www.bluecollarpc.net/joingroup.html and here http://groups.google.com/group/BlueCollarPC and my general Vista Group

> here http://tech.groups.yahoo.com/group/Vista-Group/ .....

>

> I think you will get a much warmer reception and more important a blow

> by blow help if needed painstakingly. News groups generally do not

> participate as such is the 'coldness' perhaps. Like here - a specific

> concise question with a specific concise answer is the norm. Generally

> and to briefly answer your enormous concerns is that off the bat you

> may have inadvertently opened your computer to dangers even security

> software will not help much against, according to settings.

>

> Number one, WEP (64/128bit encryption) has been hacked a good while

> ago and is the same as logging on with 'No Security' settings. You

> want to Upgrade to WPA (256bit encryption) across the board - Router,

> PCs, Peripherals (Windows Mobile PC etc). This was released in 2003

> through Windows Updates to get the idea - yes you are in "cave man

> days" with Security. SEE http://www.bluecollarpc.net/allwireless1.html

> and here http://www.bluecollarpc.net/myvistapc.html ......

>

> You definitely want to keep your Vista empowered PCs operating in

> Vista Internet Explorer Protected Mode (IE Settings) and also

> definitely keep using Vista UAC User Account Control operating and here

> is why here http://www.networkworld.com/news/2008/052308-vistas-uac-spots-rootkit...

> ...and here http://technet.microsoft.com/en-us/magazine/cc138019.aspx%3Chttp://te...

> .....and read this http://bluecollarpc.wordpress.com/2008/06/15/warning-why-you-should-n...

> ...and this http://bluecollarpc.wordpress.com/2008/06/18/more-vista-hacks-not-rec...

> ...and sum up here with informed choices http://www.prevx.com/blog/83/Is-Limited-User-Account-enough-Not-%20re...

>

> Apparently you imply you have some very, very dangerous P2P (Peer to

> Peer) application scenario going on. This gives complete access to

> your PCs by your own hand as the application imposes "Allow to Share

> with this Computer" and means both ways - is the security suicide

> because you are allowing complete access to all your Files to the

> other computer which if a cyber criminal (most likely) now has

> everything on your PC on theirs and see P2P Dangers (Peer to Peer file

> swapping) here http://bluecollarpc.net/smf/index.php/topic,159.0.html

>

> You want proactive quality shareware 24/7 running and a fully patched

> PC (Windows Updates - Vista SP1, Service Pack 1 installed) and

> generally only paid shareware subscription security software (personal

> firewall, antivirus, antispyware) has Real Time Protection - see

> heuristics. Now, tell the rest that say this is not necessary to go

> jump in a lake because the vast majority of all users worldwide have

> chosen this as their informed choices Security Solution - making the

> industry a multi-billion dollar one. They may argue Reformat/Reinstall

> Windows and see why this is an "unscrupulous pc repairman scam" at the

> Better Business Bureau and across search engines and here http://bluecollarpc.wordpress.com/2008/05/18/threat-removals-reformat...

>

> ....Okay a major day of security homework is in your face and your

> choice is to get busy I would say and "catch up" - meaning in a

> friendly and safe and INFORMED way for your own sake. For the rest

> that argue softwares and usage tell them yes the Public knows - in

> following your idiotic solutions of feel good in-security we as

> Netizens have lost over 45 Billion Dollars in direct eTheft including

> ruining our lives via etheft IDThefts. Have a nice day....

>

> gerald philly pa usa

> webmaster www.BlueColarPC.Net

>

></span>

 

As far as Routers, you want the hardware firewalls in them and your

dsl/broadband modem activated and in WPA Personal as minimum log on

security. You also need a quality personal firewall such as Comodo

installed on all PCs and see Microsoft.com to end these arguments as

far as others saying you don't need personal software firewalls

installed if running hardware (router) firewall. A fool and their

money is soon parted comes to mind. In the new WPA encryption

security a "password" key is added - kind of exactly the same thing as

choosing a password which is then entered into the security settings of

the Routers and is the Security Key. Again even using something like a

WEP Key Generator -- This little tool allows you to create/generate

WEP keys of 128/64 bits length -- again is hacked though that would

make things a tad harder. I have used these on my older Windows Mobile

Computer though now not any longer with the crimeware environment today

as NEVER before. Go back on the Router and disallow all other

Computers except yours on the Network by an easy DOS Command Prompt

scenario of inclusion of your PCs IP Number and disclusion of all

others and find that out -How To - easily here at LinkSys Tutorials

http://www.linksys.com/servlet/Satellite?c...d=7681803086B75

 

Get on it bro' .... it gets as easy as pie !

 

gerald philly pa usa

Guest Kayman
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

 

On Thu, 21 Aug 2008 16:47:23 +0200, Root Kit wrote:

> On Thu, 21 Aug 2008 16:26:58 +0700, Kayman

> <kaymanDeleteThis@operamail.com> wrote:

>

>>On Wed, 20 Aug 2008 18:14:23 -0700, Steve Riley [MSFT] wrote:

>>

>>>> 7a.If on high-speed internet connection use a router as well.

>>>> For the average homeuser it is suggested blocking both TCP and UDP

>>>> ports 135 ~ 139 and 445 on the router

>>>

>>> It really isn't necessary to create specific "block" rules. Nearly every

>>> router does this automatically; they only permit traffic that's in reply to

>>> some previous outbound request.

>>

>>Thanks for commenting on #7a.

>>Admittedly, I am not familiar with all types/makes of (small business/home

>>user) routers available.

>>Are you saying to drop this comment completely or, since it is possible

>>that some users may employ routers which will not automatically block the

>>said ports, is paraphrasing the comment sufficient for the purpose?

>

> I'm guessing now, but you probably meant blocking outbound packets

> for mentioned ports. Some advocate doing this in order to also

> "protect the internet from you", so to speak.

 

Yes, I must've gotten my wires twisted when reading Jesper's article in

relation to Vista firewall-outbound filtering.

....you could use another new function in the Windows Vista

firewall—outbound filtering. An administrator could decide, for instance,

to block all outbound SMB connections (those terminating at ports TCP 135,

139, 445, and UDP 137, 138, 445) in the public profile."

[unquote]

Some users may find configuring the built-in firewall too challenging.

Guest FromTheRafters
Posted

Re: Security discussion regarding hubs, firewalls, anti-virus and Vista Security

 

"Root Kit" <b__nice@hotmail.com> wrote in message

news:gruqa4tn8guffafcdj9egf1dg4cnimuhvi@4ax.com...

> On Thu, 21 Aug 2008 16:26:58 +0700, Kayman

> <kaymanDeleteThis@operamail.com> wrote:

>

>>On Wed, 20 Aug 2008 18:14:23 -0700, Steve Riley [MSFT] wrote:

>>

>>>> 7a.If on high-speed internet connection use a router as well.

>>>> For the average homeuser it is suggested blocking both TCP and UDP

>>>> ports 135 ~ 139 and 445 on the router

>>>

>>> It really isn't necessary to create specific "block" rules. Nearly every

>>> router does this automatically; they only permit traffic that's in reply to

>>> some previous outbound request.

>>

>>Thanks for commenting on #7a.

>>Admittedly, I am not familiar with all types/makes of (small business/home

>>user) routers available.

>>Are you saying to drop this comment completely or, since it is possible

>>that some users may employ routers which will not automatically block the

>>said ports, is paraphrasing the comment sufficient for the purpose?

>

> I'm guessing now, but you probably meant blocking outbound packets

> for mentioned ports. Some advocate doing this in order to also

> "protect the internet from you", so to speak.

 

I suppose he could phrase it blocking (or not port forwarding) these

ports with these protocols. All incoming init packets are dropped

unless you specifically configure it to allow them in (Stateful Packet

Inspection) but subsequent packets won't stop here. I think the

issue was with software listening on these ports, and the easiest way

to mitigate was to block rather than to remove the offending server

daemon and/or unbind protocols that you don't need bound.

 

Again, it was the default configuration of earlier Windows OSes

at fault. I don't think it is an issue with Vista (at least it shouldn't

be).
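The filtering behaviour discussed in the posts above (a router that admits only replies to earlier outbound requests, plus optional outbound blocking of the SMB/RPC ports), sketched as an added example that is not part of any post in this thread. It is a toy model: the `Router` class, its rule sets and the packet values are constructed for illustration, and NAT address translation and connection timeouts are left out.

```python
from dataclasses import dataclass, field

# Outbound ports named in the article quoted in the thread
# (TCP 135, 139, 445 and UDP 137, 138, 445).
BLOCKED_OUT = {("tcp", 135), ("tcp", 139), ("tcp", 445),
               ("udp", 137), ("udp", 138), ("udp", 445)}

@dataclass
class Router:
    """Toy model of a home router doing stateful packet inspection (SPI)."""
    block_outbound: set = field(default_factory=set)  # (proto, remote_port)
    forwards: set = field(default_factory=set)        # (proto, lan_port) opened by hand
    flows: set = field(default_factory=set)           # state table of outbound flows

    def outbound(self, proto, lan_ip, lan_port, remote_ip, remote_port):
        if (proto, remote_port) in self.block_outbound:
            return "drop: outbound block rule"
        # Remember the flow so the matching reply is recognised later.
        self.flows.add((proto, lan_ip, lan_port, remote_ip, remote_port))
        return "allow"

    def inbound(self, proto, remote_ip, remote_port, lan_ip, lan_port):
        if (proto, lan_ip, lan_port, remote_ip, remote_port) in self.flows:
            return "allow: reply to tracked flow"
        if (proto, lan_port) in self.forwards:
            return "allow: port forward"
        return "drop: unsolicited"

def demo():
    """Run constructed packets (documentation addresses) through three setups."""
    pc, web, stranger = "192.168.1.10", "203.0.113.80", "198.51.100.7"
    default = Router()                            # no explicit rules at all
    results = {
        "browse": default.outbound("tcp", pc, 50000, web, 80),
        "reply": default.inbound("tcp", web, 80, pc, 50000),
        "probe_445": default.inbound("tcp", stranger, 40000, pc, 445),
        "spoofed_reply": default.inbound("tcp", stranger, 80, pc, 50000),
        "smb_out_default": default.outbound("tcp", pc, 50001, stranger, 445),
    }
    forwarded = Router(forwards={("tcp", 445)})   # file sharing exposed by hand
    results["probe_445_forwarded"] = forwarded.inbound("tcp", stranger, 40000, pc, 445)
    strict = Router(block_outbound=BLOCKED_OUT)   # outbound filtering added
    results["smb_out_strict"] = strict.outbound("tcp", pc, 50001, stranger, 445)
    return results

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:22} {verdict}")
```

With no rules configured the probe to port 445 is already dropped as unsolicited; it only gets through once a port forward exists, and outbound SMB is only stopped when a block rule is added.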

Guest FromTheRafters
Posted

A dedicated firewall is a good thing, but what is a "crawling threat"?

Would you define that as "that which a firewall protects against"?

 

Antivirus/malware protection is a good thing also, but is never

100% effective and should be used only as a back-up for your

otherwise safe computing practices. It's like a bullet proof vest

- you still don't want to be peppered with bullets.

 

Firewalls won't save you from what you invite in, and antiwhatever

won't detect everything (especially the very new). So - it really

shouldn't be called "protection", just part of the security process.

 

It took effort to increase security in previous MS OSes, now it

takes effort for an "ease-of-use" slightly reduced security. Better

this way because those unable or unwilling to go beyond using

the computer as a household appliance will present a more secure

surface to the outside world. If you like using the computer as a

computer (rather than an appliance) and are a capable computer

user then by all means tweak to your heart's content. Vista can be

made as un-secure as most any other MS OS. They didn't lock

users in to the new paradigm - they just made it the default.

 

"mike-cow" <guest@unknown-email.com> wrote in message

news:79d10fbdd313d07b1e4bd4e21ec5e8aa@nntp-gateway.com...

>

> My take is as follows; Protect myself from crawling threats on the

> internet by a dedicated firewall, protect myself from software threats

> with antivirus/malware protection. If those two factors are properly

> set up, all other security measures are redundant and waste resources.

> Perhaps I suffer from a 1% higher risk of infection over a period of a

> few years, but it doesn't seem so this far. I have disabled all the

> security features of windows, because I don't see a need for them. I

> wouldn't do this to a system-critical computer or if I had sensitive

> information on the computer though, but this is a computer for games and

> internet... If it goes down, I reinstall it (hasn't happened yet...).

>

> Linux firewalls are free and safe enough to use for business if set up

> with the right knowledge.

>

> Most new routers come with SPI (stateful packet inspection) which only

> accepts incoming traffic from servers you sent outgoing traffic to, and

> that's usually enough for protection at home.

>

>

> --

> mike-cow
