Broadband and security

I am on dial up but plan to go broadband. Will I need extra security? I have read that there may be a vulnerability while the computer is booting if a security prog is a little late loading. But I understand the wireless router has a firewall.

Current security: NAV2004/SpywareGuard/SpywareBaster/Spybot S&D/AdAware free version/ZA Free firewall in stealth mode/ProcessGuard free version/MS Anti Spyware/Bazooka Adware Spyware Scanner/WinPatrol free version

Feel free to add any comment on any aspect i may not be aware of
Thanks in advance

PS sorry if this is posted in wrong area

 

HI hopetobesafe, If your running a router why not just disconnect from the net, then unplug the ethernet cable from your computer to be on the safe side. To be honest your security looks ok, but if you want to add some more apps or harden your system please take alook @ this thread;

https://www.wilderssecurity.com/showthread.php?t=88785&highlight=hardenit

Hope this helps

T

 

Hi Tom772

Thanks for reply. i am not sure what you write "If your running a router why not just disconnect from the net, then unplug the ethernet cable from your computer"

I will have a wireless router and a USB adapter as the computer is not wifi enabled. Do you mean unplug the USB adapter or should I plug the router out till my security progs have loaded. Thanks for the link to more security

Regards

hopetobesafe

 

Hi Tom772

My last post should read :

Thanks for reply. I am not sure what you mean* when you write "If your running a router why not just disconnect from the net, then unplug the ethernet cable from your computer"

I will have a wireless router and a USB adapter as the computer is not wifi enabled. Do you mean unplug the USB adapter or should I plug the router out till my security progs have loaded. Thanks for the link to more security. Sorry for any confusion *left out the words "what you mean when"

Regards

hopetobesafe

 

Hi hopetobesafe,

Whether you're on dial up or broadband there is still a concern over a, vulnerability while the computer is booting if a security prog is a little late loading, as you mention.


Somebody else was asking about this before, but i don't know where the thread is to post it for you ! But here's the link i saved that the thread referred to as a possible solution, which will achieve exactly what you want

. . .

I noticed a thread the other day about peoples genuine concerns about the possiblity of their computer being Unprotected during Boot Time, due to Firewall/System start up delays.

etc

So you can relax safe in the knowledge that once built/tested correctly and installed, there will be NO more doubt about possible boot up security breaches due to Firewall/System delays.

etc

http://www.dslreports.com/forum/remark,13317667

. . .


StevieO

 

Why not just manually connect out *after* booting has completed?

-rich
________________
~~Be ALERT!!! ~~

 

This is what I do not understand. I am told that when on broadband there is an 'always on' connection and that the computer is connected to the net as soon as it is booted. Hence the concern there may be a window of opportunity for malware if a prog is late loading. can someone explain -in simple language! - is it possible to have the PC on but NOT connected to net with broadband

Many thanks for replies

 

Hi,

With regard to your question "is it possible to have the PC on but NOT connected to net with broadband " the answer is Yes, but with provisos !

As Rmus mentioned you can set a so called "Dial Up" connection even on broadband, as i have done. It is slightly confusing being called "Dial Up" but that's what MS have called it.

If you do this, then before any connection with your ISP takes place, for example launching your browser, you will get the box shown in my Screen Shot i've done for you. If you choose NOT to save the password, then it won't auto connect without entering it, for safety which is much better i think, and what i do.

http://img386.imageshack.us/img386/4638/dialup14ut.png

If you use IE then go to IE Tools/Options/Connections/Settings and Select/Change as you require.

I think it's wise to physically disconnect the PC from the internet via the wall socket if it's not being used, as an extra defense, just in case anyway !


StevieO

 

I think that's wise; I had this option checked for many years, and not until recently did I realize what could happen. During a test of a trojan, the computer auto-dialed out. When I unchecked as you show, the prompt box prevented the auto-connect.

-rich
________________
~~Be ALERT!!! ~~

 

Nice schematic spanner.

 

I really don't think it's necessary to have anything more than ZA and a NAT (which is built into most broadband modems). ZA should start up plenty early, and with the other security you have installed you shouldn't be getting trojan installs anyway. What I would be more concerned with is securing the wi-fi connection so outsiders can't just leach off your service. There are some programs out there to simplify this, but most of what you'll want to do is sit down with the modem for a while and go through the options, use all available security options that you can. A lot of it's pretty straight forward, but it won't make a lot of sense until you are actually looking at the modem configuration screen.

 

I told you Stevio was spanner.

Hey Stevio where are you keeping your rootkit treasure trove these days?
Wilder deleted every single one of your posts as a registered member so I can;t find it.

 

Wo nelly....I was implying that the schematic contained in Stevio's link he posted was nice by Spanner....not that Stevio is Spanner

PM me and we'll discuss it....oh wait we can't ?

 

Thanks guys. Another thing occurred to me . Won't I then have a static IP?How do I block this and referrers?

 

Hi again, The link steveO has given you is kinda what i was trying to explain, even though you have broadband it dosnt mean you always have to stay connected. With a dial up modem just unplug it from the wall when you are not connected to the net. As for a NAT router it has a built in firewall that blocks incoming connections, but you can still disconnect from the net using the router browser interface when you are not downloading or surfing.

Happy surfing

T

 

Guest post removed given the fact Admin decisions are not open for discussion.

 

What do you mean leach off my service. How far away would the outsiders have to be
Thanks

 

Hi,

Bubba, i have passed your kind remarks on and it was appreciated.

Deviladvocate, why do think i'm him ? Quite a few of us on wilders know him and are still in regular contact with him, and why not ! As you asked about that info it's here along with some other stuff too

http://www.testing.onlytherightansw...orum&f=9&sid=3fd9fc154f361bc02c9b3c49d988d69a


StevieO

 

Nice recovery... *wink*

I already checked the link before i asked, it doesn't work.
StevieO[/QUOTE]

 

deviladvocate,

I just tried the links, and DL the file perfectly.

If you want the direct link that the other one refers too, as i did the above from it's below. But you have to rename the jpg to zip as it's supposed to be an image upload site, then unzip it into a new folder.

If it still doesn't work then it must be something at your end !

http://img154.echo.cx/img154/9255/rootkitdetectiontreasuretrove4.jpg


StevieO

 

If you leave it totally open then anyone will be able to join the network and use your internet service. That's not good if they decide to download something illegal. If you go through the settings and set it up so that only your computers can use the internet, then they won't be able to, and that's what you should be most concerned with. You can also encrypt the traffic so that they can't easily see what information you're passing across the internet. How this is all set up is dependant on the modem, but WEP/WAP and limiting who can join the network is standard. Setting it all up will make a lot more sense once you actually get the modem and are looking a the config screen, but here's a link to get you going: http://www.microsoft.com/windowsxp/using/networking/learnmore/bowman_05february10.mspx

 

Thanks Notok

I am on a standalone PC and not a network. No other computers in the house Or do you mean the ISP network.Thanks for your patience
The link on your post to hardening is very helpful - Hope

 

Thanks Spanner, it worked with IE, I didn't know it was supposed to be a zip file and firefox couldnt display it cos it thought it was jpg file.

The info there seems a bit dated, since it's lacking some of the later tools, do you mind if I modify it all and post it here?

 

If you're going wireless you'll still want to do all the same things, it'll just be a little easier

 

Hi DA 232/deviladvocate etc etc,

If you want to change my name as well as yours that's fine with me i suppose, except for some people it's going to be a bit confusing, so i think it's best to keep things as they were !

I've asked and he doesn't mind if you add to and update it, as there are newer versions and Apps etc, like Joanna's System Virginity Verifier 1.0 and the English IceSword etc which would compliment all the other stuff and info etc. What a "few" others may say about it being posted is a different matter.

A lot of the existing info and Apps etc, i feel anyway, are still relevent and valid though, and would still be useful to people i'm sure.


StevieO