|
|
| Post Number: 1
|
Observer 
I once watched, but I have left.
Group: Members
Posts: 912
Joined: May 2000
|
 |
Posted on: Oct. 11 2001,23:03 |
|
   |
So I was chatting with someone and they mentioned that they run a firewall to keep the kiddies out of their box. It got me thinking, why run a personal firewall if:
- You aren't serving anything (HTTP, FTP, SSH, File & Print Shares, etc.)
- NetBIOS is disabled (or just doesn't reveal any useful info)
- You don't run trojans/spyware.
- You are the only one who uses your computer.
If those criteria are met, isn't a personal firewall just a waste of resources? Other than a ping flood, what could a person gain by portscanning your computer? Now I realize with NT/2K there are some ports that would have to be blocked, but I wondered what all your experience has led you to believe. ------------------
When 1337 hax0rs start impaling each other with swords and typing code with a hook on one hand, then they can modify the term "pirate."
|
 |
|
|
| Post Number: 2
|
MattimeoZ80
Purveyor of Untimely Wisdom
Group: Members
Posts: 397
Joined: Nov. 2000
|
|
Posted on: Oct. 11 2001,23:14 |
|
 |
i run zonealarm "just in case" (tm). i don't know, even if they can't hack, i still wouldn't want to be on a list of computers that can be pinged. zonealarm hasn't interfered with anything so far; you can set what programs can receive incoming connections and whatnot, and best of all its free.
|
|
|
|
| Post Number: 3
|
CatKnight
Jedi Republican
Group: Members
Posts: 3807
Joined: Dec. 2000
|
|
Posted on: Oct. 11 2001,23:31 |
|
|
zonealaram is useful for preventing some programs from having internet access (like windvd...why the fuck does windvd need to connect to the internet?). Unfortunately it is really useless otherwise because programs can still do stuff you don't want them to do. For example, in order to surf the web you have to give access to win32 services. other programs can use it to get out, bypassing zone alarm. it can't distunguish from legitimate uses and harmful stuff within a program.
|
|
|
|
| Post Number: 4
|
askheaves
Ack!!!
Group: Members
Posts: 1955
Joined: Sep. 2000
|
|
Posted on: Oct. 12 2001,00:07 |
|
|
I have ISA set up on my server computer, with all ports wide open, no patches installed, and directly connected to the internet. I think it's time I learn something about networking.
|
|
|
|
| Post Number: 5
|
Beldurin
Mayor of Detnet
Group: Members
Posts: 1242
Joined: Aug. 2001
|
|
Posted on: Oct. 12 2001,14:04 |
|
|
quote:
Originally posted by askheaves:
I have ISA set up on my server computer, with all ports wide open, no patches installed, and directly connected to the internet. I think it's time I learn something about networking.
lol...naw, you sound a lot like the network admin at my last job. Personally, I run my house behind a linux router which acts as a pseudo firewall. I just disabled ftp and telnet on it, installed ssh, set the hosts.deny to all and the hosts.allow to a set list if IP's that I could possibly be connecting from (work, my friend's house, etc.). This works well enough for me. ------------------
quote:
Originally posted by Dark-Angel99:
How come {name removed} doesn't like you? I find you really funny :D
Never argue with an idiot...he may be doing the same thing
|
|
|
|
| Post Number: 6
|
incubus
mack daddy
Group: Admins
Posts: 1316
Joined: May 2000
|
|
Posted on: Oct. 12 2001,21:45 |
|
|
Do you run ipchains too?
|
|
|
|
| Post Number: 7
|
|
|
| Post Number: 8
|
|
|
| Post Number: 9
|
|
|
| Post Number: 10
|
|
|
|
|
|
