Realistic dangers for average Joe?

Discussion in 'other firewalls' started by Audie, Jul 18, 2002.

Thread Status:
Not open for further replies.
  1. Audie

    Audie Registered Member

    Joined:
    Jul 18, 2002
    Posts:
    3
    Hi.

    If the following question seems ridiculously rookie-like, please forgive me... I, of course, am a rookie. I have a dsl connection, and generally leave the computer on all the time. Is there a realistic danger that by not having any security program that my pc could be compromised? It is not part of a home business, there is really nothing too personal on it (bank account numbers and such), and I don't think I really have anything that a hacker-type might be interested in. I play a fair amount of online games, so my IP is probably pretty visible (although I'm never the one hosting a server). Are random attacks for fun (some 10 year old pasty geek "seeing what he can do") common? Do people deliberately look for the "Average Joe" to get info? I think my fear is I'd hate to have my information fiddled with in such a way that I'd lose files (even though I back up onto CD fairly frequently). Any thoughts?
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Audi,

    Apologies for not answering to your question. Since you are our 1000th registered member, we do have a nice bonus waiting for you: a fully registered copy from the top notch anti-trojan TDS3. Please contact me soon (email: webmaster@wilders.org ) in order to deal with the formalities.

    Welcome :D

    regards.

    paul
     
  3. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    Hi Audie! You have great luck! Your protection begins with the best antitrojan in the business! Yes you do need protection on the Net! Get a good solid Antivirus Program, one that comes with regular updates. There are freeware and payforware versions. You need an anti-spy/ad-ware program too. This is the right place to be. Wilders is all about Security.

    So guys, what would you suggest he get, to get up and running protections? ;)
     
  4. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Welcome, Audi! (And, congratulations, BTW!).

    When you ask "Is there a realistic danger that by not having any security program that my pc could be compromised?", the answer is an uncompromising "Yes!".

    Your PC could already be infected with any number of things, (trojan or back-door-like programs) especially if you're a gamer.

    By "not having any security program", do you mean that you just have an anti-virus program and nothing else? (No firewall and no anti-trojan/worm program?).

    Well, come to think of it, you do now have TDS (you need to get that up and running ASAP, to check for the 'nastier' of the 'nasties' - a lot of which won't even be picked up by your AV program).

    Have you ever had and used AdAware? SpyBotSearch and Destroy? Anything like that?

    More details (especially what OS you use and your primary browser) would be helpful, too. Pete
     
  5. Audie

    Audie Registered Member

    Joined:
    Jul 18, 2002
    Posts:
    3
    !

    I'm not sure what you're talking about, but did I really get something? I hope it's not some kind of forum joke on the noob... If it's for real, that sounds great (In the meantime, I'll contact the forum admin to see if it's true. I hope it is.)

    I am pretty familiar with the need for anti-virus software, and have a fairly current version of Norton (which fairly frequently auto-updates), and I'm running Win ME as my OS, with IE as my browser. I never use Outlook for email (I don't even have it set up) but I do use it for newsgroups. As for the other security programs you've mentioned, I may have heard their names in passing, but have never used them. Not to sound completely obtuse, but I had felt that the people most at risk of problems are "known" entities/servers (Microsoft, Yahoo, banks, online shopping sites, etc.) rather than independent users. I guess I'm still wondering if it is very common for the average user with a semi-fixed IP (mine is not guaranteed, although the provider said it 'should' stay the same) to get zapped.

    I have a feeling that popups from, shall we say, 'grown-up' sites, can and often do run strange little applets that screw with browser settings (adding things to your favorites without your knowledge/approval), and possibly get info from your email programs (like those net crawlers that get email addresses for spam), and quite often opening windows that apparently can't be closed (which I am afraid to click anything in, so I force-quit the application. Sometimes it won't even allow that!) I guess I'm wondering that rather than being just a nuisance, can these things possibly damage my hardware?

    Another issue which I foresee: in what way will security programs affect my gaming? I have heard from quite a few people who can't run voice-comm software because they have an issue with their firewall. Likely it will also affect my interaction with a game host? (higher pings, lag...)
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi Audi,

    It's for real alright; check your inbox! ;)

    regards.

    paul
     
  7. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    A good firewall for a newcomer would be Zone Alarm (free edition). As you learn more you may want to switch to ones with user-defined rulesets, but ZA will give you good protection until you're ready to progress. AVG is a reasonable anti-virus and free, as is Alert!Home. As Pete mentioned, Adaware is practically essential. TDS-3 is a beauty and you'll grow into it in no time. SpyBlocker will trap popups, web-based worms, cookies, scripts and advertisements (but it's 30 days free, payware after that) and you'll just have to install ID-Blocker to keep your anonymity. JAP is a freeware anonymous proxy, but most of all get The Proxomitron! That's free too - there's a lot of freeware out there written by good people with excellent intentions. There's a lot of good payware, too - but call here before spending your money since there are sharks out there too!

    Check www.wilders.org for lists and download links, and if there's anything in particular you're interested in, ask and we'll try to provide direct links.

    Oh, and make sure your OS is up-to-date with all the latest patches. Consider MailWasher to protect you from email nasties and spam. ScriptSentry for your browser - and how could I forget AdShield?

    Hey, guys! What did I forget? :)
     
  8. Audie

    Audie Registered Member

    Joined:
    Jul 18, 2002
    Posts:
    3
    My head's spinning from all the info! Wow, I think I need to take baby steps here. When adding all this new security software, is a precondition that your pc is virus-free? I mean, that is what we all want, and I have no specific reason to think my computer is infected (although it has its funny moments), and supposedly anti-virus protects from this, but of course there will always be the newest cutting edge workaround someone comes up with, which might already be on my computer. Should I go for a clean slate and start from scratch (re-formatting for example)? I'm in no rush, and I plan to check into all these suggestions of programs first before adding or removing anything, these are just things that are coming to mind.
     
  9. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Audie,

    Sure's coming a lot of info your way! I suggest (no offense meant, dear members!) picking up on Pete's post. Answer his questions - and he'll walk you through it from the start, step by step.

    regards.

    paul
     
  10. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Just in case, you might want to drop by

    http://housecall.antivirus.com/housecall/start_corp.asp

    and do an online virus scan, ought to pick up most anything.

    Zonealarm, as Checkout said, is good for Newbies, but not so good for online gamers. I am an avid online gamer myself, and Zonealarm has to be shut down completely for many of my games to play at all, much less get online. Of course more games work with ZA if you are never the server, but I am most always the server. I have also encountered many games (Ghost Recon, Empire Earth, for example) that absolutely freeze when told to go "multiplayer" and Zonealarm is running. Sygate Personal Firewall is what I now use, and I have not changed around the default settings; it is much better at "holding" a program while asking you if that program may access the internet.
     
  11. Pretender

    Pretender Registered Member

    Joined:
    Apr 23, 2002
    Posts:
    670
    Location:
    Virtual Paradise
    Congratulations Audie. You've come to one of the best information resource sites on the web!!!!!!!

    can i get something for that comment paul?!? just kidding
     
  12. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Pretender,

    Sure! Just earned yourself your first "applaud" :D

    regards.

    paul
     
  13. Raygun

    Raygun Registered Member

    Joined:
    Apr 24, 2002
    Posts:
    31
    Location:
    The Beach!
    Audie you lucky dog you! :) congratz!


    I won't add to the plethora of information because these guys are great and will walk you through any tough spots along your way.

    I just wanted to post some percentages on how I have been hit from the net. Being about in the same boat as you with an ISP that pretty much keeps my IP the same but does change like 2-3 times a year. I also play a few on-line games.

    In the last 90 days I have had 295 Suspicious attacks and 2 Critical
    If those two critical were not blocked it's very possible they could have done damage. That's people knocking at the door so to speak. You also should watch for trojans, it's the most common way a true hacker gets in. Best of luck to you!

    Hmm, I came back to add something of interest. I have been hit by random IP's within a range that is owned and run by some college here in the U.S.
    This is most likely some kid that is learning in school and is out to try his hand, I know not if the intentions are evil. However I will never know as with a firewall I was able to block that entire range of IP's and no one from that college will be bothering me again!
     
  14. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    Welcome Audie, communication software and online games should have no problems with "most" firewalls. Problems do arise when there is a lack of control to set the rules the way you like. Hardware firewalls/routers are far worse for causing problems with online games and voice over net progs.

    My old vid-game clan members used to get really tired of me having issues with roger wilco and gamevoice. You probably know people like that!

    ZA, although a great first firewall (my first, back when I had never heard of any other), may not be perfect for your circumstances. Most people here know I am a big proponent for rules based firewalls as opposed to the application based firewalls like ZA, and this is a good example of when rules based firewalls shine. Unfortunately, these firewalls ARE more difficult to learn, but it will be worth it. My favorite firewall Kerio Personal Firewall found at http://www.kerio.com/us/kpf_home.html really isn't as hard to learn as some people say though, I'm sure you'll do fine. I think the hardest part is deciding which obscure system apps can hit the net and which ones can't. Some firewalls don't ask you, they have those apps' access rights preconfigured (and I hate that).

    Regardless which firewall you choose, it will be better than nothing.

    cheers,
    Allan
     
  15. octogen

    octogen Registered Member

    Joined:
    Feb 11, 2002
    Posts:
    212
    Congratulations and welcome, from one newbie to another.
    As The Pretender wrote, this is one of the best sites for computer security info. I hear that TDS is about as good as it gets when it comes to Anti-Trojan programs. I would love to use it to supplement my BOClean (another excellent product) when I get sufficient funds. BOClean, BTW, is only a memory resident scanner, albeit a very good one.
    Like Allan (Unicron), I am partial to rule-based firewalls. I use Kerio and have had no problems...really stable and light on computer resources. I used to use ZA free, but switched to Kerio because I like the greater flexibility and control that you get from a rule-based firewall. I didn't find Kerio that difficult to set up, and believe me, I am about as newbie as they get when it comes to computer security. I would suggest visiting www.dslreports.com, bring up the Kerio/Tiny forum and click on the FAQ link to get you started. I would also read the forum entries there, since there are a lot of knowledgeable people there as well. There is also a users' group you can join at groups.yahoo.com/group/keriofirewall/ Hope this helps.
     
  16. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Audie - there are certain programs which are basically of the 'download/install/turn on and forget' variety which I have always found to be of great value across all platforms, due to their versatility.

    These programs are as follows (and all are freeware) :

    Zeroclick, SockLock and HTAstop (all from http://privsoft.com/ ). And DSOstop2 from them, here: http://www.nsclean.com/dsostop.html

    noscript.exe from here: http://securityresponse.symantec.com/avcenter/venc/data/win.script.hosting.html

    You need a script-control program of some sort, too (I use Scriptrap, from here: http://keir.net/ , but ScriptSentry is excellent, too: http://www.jasons-toolbox.com/scriptsentry.asp ).

    Also from J.Levine, use IRCBotDetector, to see if anyone's already using your computer for their own purposes: http://www.jasons-toolbox.com/IRCBot-Detector.asp

    To keep your homepage from being hi-jacked (until something better comes along) use StartPageGuard from here: http://www.networkingfiles.com/SecurityApps/startpageguard.htm .

    Get the Comdlg32 Registry Path Eraser from here, too: http://www.spywareinfoforum.com/downloads.html

    All these programs are quite easy to set-up, and I wouldn't hit the 'Net without all of them going. They're extremely light on resources and small in size.

    Let us know how it goes! Pete
     
  17. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Pete, you're a walking encyclopedia! :)

    Have a Karma Cookie on me!
     
  18. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Audie,

    Just follow this link with tips and you'll be safe!

    http://www.claymania.com/safe-hex.html


    Technodrome
     
  19. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
  20. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    spy1? Thanks for posting those links. Even I can benefit from them! You are a real trooper! :cool:
    I have a link here that Audie (or anyone) can use to get some good advice about security needs. spy1 is probably familiar with TomCat.

    http://www.tom-cat.com/security.html

    It will help give you some idea of the scope of this subject along with good advice and (mostly) freeware help. They are a good outfit and do watchdogging for spyware etc.
     
  21. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    You're quite welcome. Pete
     
  22. NetWatchman

    NetWatchman Security Expert

    Joined:
    Jul 24, 2002
    Posts:
    31
    The biggest mis-conceptions of "average Joe":

    1) There's nothing important on my system, so I'm not a target.

    They don't want what's ON your system...they want the system itself (CPU, disk space) AND the bandwidth of your CONNECTION.

    So even if you have no important info, people want your PC so that they can turn it into a Warez server (serve up Gigs of pirated games/movies, etc..) to their friends.

    OR...more importantly, they want to own your system so that they can use your power and bandwidth to blast (DDoS) people off the net they don't like.

    2) I'm not running a public server (web, ftp, etc..) so hackers will never find me.

    99% of system compromises occur through the use of automated worms..NOT hackers manually scanning IP addresses. Depending on the worm, there are literally 10's of thousands of worm-infected hosts on the net at any given time...each scanning 100s of IP addresses per SECOND.

    For the most prolific worms (e.g. Code Red/Nimda) I estimate that all 4 Billion possible IP address combinations are attempted to be infected at least once every 4-8 HOURS. So if you plug a vulnerable box into the Net...I don't care if it is on a T1, cable, DSL, dialup, or unshielded twisted barbed wire...it will get hacked VERY quickly.

    Worms that propagate through Microsoft Open File shares (the single biggest vulnerability on the net, IMHO) don't propagate quite as fast, but I predict they will be the next major "worm" issue as the number of systems vulnerable to this kind of attack is in the millions.


    The other biggie is XP's Universal Plug-n-play (uPNP)...it had a major vulnerability right out of the box and was enabled by default...the only thing saving us there is I don't think the hacker community has figured out the details of the exploit so no one has written a worm to use it yet.


    Bottom line, everyone should have Virus, Firewall, Email handling procedures.

    If you want to learn more about security, start reviewing your firewall logs and trying to understand what they mean (I try to facilitate that process with my log analysis/aggregation system http://www.mynetwatchman.com )
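
Added example (not part of the original post, and not mynetwatchman's code): a small Python firewall-log review of the kind suggested above, tallying blocked probes by the services named in the thread and grouping sources by /24, the view behind Raygun's range block. The log format, the addresses (documentation ranges) and all function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Constructed sample in a made-up "DROP" line format, not any real product's log.
SAMPLE_LOG = """\
2002-07-24 10:01:02 DROP TCP 198.51.100.7:3312 -> 192.0.2.10:80
2002-07-24 10:01:09 DROP TCP 203.0.113.40:1190 -> 192.0.2.10:80
2002-07-24 10:03:41 DROP TCP 203.0.113.77:2045 -> 192.0.2.10:139
2002-07-24 10:03:42 DROP TCP 203.0.113.77:2046 -> 192.0.2.10:445
2002-07-24 10:07:15 DROP UDP 203.0.113.91:1900 -> 192.0.2.10:1900
2002-07-24 10:09:30 DROP TCP 198.51.100.7:3390 -> 192.0.2.10:80
firewall restarted
"""

# Destination ports for the services discussed in the thread.
PORT_NOTES = {
    ("TCP", 80): "web server probe (Code Red/Nimda-style worm traffic)",
    ("TCP", 139): "Microsoft file sharing (NetBIOS session)",
    ("TCP", 445): "Microsoft file sharing (SMB)",
    ("UDP", 1900): "UPnP discovery (SSDP)",
    ("TCP", 5000): "UPnP service on Windows XP",
}

LINE_RE = re.compile(
    r"^\S+ \S+ DROP (TCP|UDP) (\d+\.\d+\.\d+\.\d+):\d+ -> \d+\.\d+\.\d+\.\d+:(\d+)$")

def parse(log_text):
    """Return (protocol, source address, destination port) per blocked probe."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # status messages and malformed lines are skipped
        try:
            src = ipaddress.ip_address(m.group(2))
        except ValueError:
            continue  # e.g. an octet above 255
        events.append((m.group(1), src, int(m.group(3))))
    return events

def summarize(events, prefix=24):
    """Count probes per service and collect distinct sources per network."""
    by_service, by_network = Counter(), defaultdict(set)
    for proto, src, dport in events:
        by_service[(proto, dport)] += 1
        net = ipaddress.ip_network(f"{src}/{prefix}", strict=False)
        by_network[net].add(src)
    return by_service, by_network

def repeat_networks(by_network, min_sources=2):
    """Networks with several distinct probing hosts: candidates for one range rule."""
    return sorted(n for n, srcs in by_network.items() if len(srcs) >= min_sources)

if __name__ == "__main__":
    services, networks = summarize(parse(SAMPLE_LOG))
    for (proto, port), count in services.most_common():
        note = PORT_NOTES.get((proto, port), "unclassified")
        print(f"{count:3d}  {proto}/{port:<5d} {note}")
    for net in repeat_networks(networks):
        print(f"range {net}: {len(networks[net])} distinct sources")
```
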
     
  23. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    A copy of the above should be pinned in the FAQ forum, IMO. Good job.
     
  24. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    In response to WinXP's Universal Plug and Play Raw Socket, you can plug it with Steve Gibson's little freeware app called UnPlug n' Pray available from grc.com. See below:

    http://grc.com/freehistorical.htm
     