Broadband and security

Discussion in 'privacy technology' started by hopetobesafe, Oct 14, 2005.

Thread Status:
Not open for further replies.
  1. hopetobesafe

    hopetobesafe Guest

    I am on dial up but plan to go broadband. Will I need extra security? I have read that there may be a vulnerability while the computer is booting if a security prog is a little late loading. But I understand the wireless router has a firewall.

    Current security: NAV2004/SpywareGuard/SpywareBaster/Spybot S&D/AdAware free version/ZA Free firewall in stealth mode/ProcessGuard free version/MS Anti Spyware/Bazooka Adware Spyware Scanner/WinPatrol free version

    Feel free to add any comment on any aspect i may not be aware of
    Thanks in advance

    PS sorry if this is posted in wrong area
     
  2. Tom772

    Tom772 Guest

    HI hopetobesafe:), If your running a router why not just disconnect from the net, then unplug the ethernet cable from your computer to be on the safe side. To be honest your security looks ok, but if you want to add some more apps or harden your system please take alook @ this thread;

    https://www.wilderssecurity.com/showthread.php?t=88785&highlight=hardenit

    Hope this helps

    T
     
  3. hopetobesafe

    hopetobesafe Guest

    Hi Tom772

    Thanks for reply. i am not sure what you write "If your running a router why not just disconnect from the net, then unplug the ethernet cable from your computer"

    I will have a wireless router and a USB adapter as the computer is not wifi enabled. Do you mean unplug the USB adapter or should I plug the router out till my security progs have loaded. Thanks for the link to more security

    Regards

    hopetobesafe
     
  4. hopetobesafe

    hopetobesafe Guest

    Hi Tom772

    My last post should read :

    Thanks for reply. I am not sure what you mean* when you write "If your running a router why not just disconnect from the net, then unplug the ethernet cable from your computer"

    I will have a wireless router and a USB adapter as the computer is not wifi enabled. Do you mean unplug the USB adapter or should I plug the router out till my security progs have loaded. Thanks for the link to more security. Sorry for any confusion *left out the words "what you mean when"

    Regards

    hopetobesafe
     
  5. StevieO

    StevieO Guest

    Hi hopetobesafe,

    Whether you're on dial up or broadband there is still a concern over a, vulnerability while the computer is booting if a security prog is a little late loading, as you mention.


    Somebody else was asking about this before, but i don't know where the thread is to post it for you ! But here's the link i saved that the thread referred to as a possible solution, which will achieve exactly what you want

    . . .

    I noticed a thread the other day about peoples genuine concerns about the possiblity of their computer being Unprotected during Boot Time, due to Firewall/System start up delays.

    etc

    So you can relax safe in the knowledge that once built/tested correctly and installed, there will be NO more doubt about possible boot up security breaches due to Firewall/System delays.

    etc

    http://www.dslreports.com/forum/remark,13317667

    . . .


    StevieO
     
  6. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Why not just manually connect out *after* booting has completed?

    -rich
    ________________
    ~~Be ALERT!!! ~~
     
  7. hopetobesafe

    hopetobesafe Guest

    This is what I do not understand. I am told that when on broadband there is an 'always on' connection and that the computer is connected to the net as soon as it is booted. Hence the concern there may be a window of opportunity for malware if a prog is late loading. can someone explain -in simple language! - is it possible to have the PC on but NOT connected to net with broadband

    Many thanks for replies
     
  8. StevieO

    StevieO Guest

    Hi,

    With regard to your question "is it possible to have the PC on but NOT connected to net with broadband " the answer is Yes, but with provisos !

    As Rmus mentioned you can set a so called "Dial Up" connection even on broadband, as i have done. It is slightly confusing being called "Dial Up" but that's what MS have called it.

    If you do this, then before any connection with your ISP takes place, for example launching your browser, you will get the box shown in my Screen Shot i've done for you. If you choose NOT to save the password, then it won't auto connect without entering it, for safety which is much better i think, and what i do.

    http://img386.imageshack.us/img386/4638/dialup14ut.png

    If you use IE then go to IE Tools/Options/Connections/Settings and Select/Change as you require.

    I think it's wise to physically disconnect the PC from the internet via the wall socket if it's not being used, as an extra defense, just in case anyway !


    StevieO
     
  9. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    I think that's wise; I had this option checked for many years, and not until recently did I realize what could happen. During a test of a trojan, the computer auto-dialed out. When I unchecked as you show, the prompt box prevented the auto-connect.

    -rich
    ________________
    ~~Be ALERT!!! ~~
     
  10. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Nice schematic spanner.
     
  11. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I really don't think it's necessary to have anything more than ZA and a NAT (which is built into most broadband modems). ZA should start up plenty early, and with the other security you have installed you shouldn't be getting trojan installs anyway. What I would be more concerned with is securing the wi-fi connection so outsiders can't just leach off your service. There are some programs out there to simplify this, but most of what you'll want to do is sit down with the modem for a while and go through the options, use all available security options that you can. A lot of it's pretty straight forward, but it won't make a lot of sense until you are actually looking at the modem configuration screen.
     
  12. I told you Stevio was spanner. :)

    Hey Stevio where are you keeping your rootkit treasure trove these days?
    Wilder deleted every single one of your posts as a registered member so I can;t find it.
     
  13. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Wo nelly....I was implying that the schematic contained in Stevio's link he posted was nice by Spanner....not that Stevio is Spanner :doubt:

    PM me and we'll discuss it....oh wait we can't ?
     
  14. hopetobesafe

    hopetobesafe Guest

    Thanks guys. Another thing occurred to me . Won't I then have a static IP?How do I block this and referrers?
     
  15. Tom772

    Tom772 Guest

    Hi again, The link steveO has given you is kinda what i was trying to explain, even though you have broadband it dosnt mean you always have to stay connected. With a dial up modem just unplug it from the wall when you are not connected to the net. As for a NAT router it has a built in firewall that blocks incoming connections, but you can still disconnect from the net using the router browser interface when you are not downloading or surfing.

    Happy surfing

    T
     
  16. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Guest post removed given the fact Admin decisions are not open for discussion.
     
  17. hopetobesafe

    hopetobesafe Guest

    What do you mean leach off my service. How far away would the outsiders have to be
    Thanks
     
  18. StevieO

    StevieO Guest

  19. Nice recovery... *wink*


    I already checked the link before i asked, it doesn't work.
    StevieO[/QUOTE]
     
  20. StevieO

    StevieO Guest

    deviladvocate,

    I just tried the links, and DL the file perfectly.

    If you want the direct link that the other one refers too, as i did the above from it's below. But you have to rename the jpg to zip as it's supposed to be an image upload site, then unzip it into a new folder.

    If it still doesn't work then it must be something at your end !

    http://img154.echo.cx/img154/9255/rootkitdetectiontreasuretrove4.jpg


    StevieO
     
  21. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    If you leave it totally open then anyone will be able to join the network and use your internet service. That's not good if they decide to download something illegal. If you go through the settings and set it up so that only your computers can use the internet, then they won't be able to, and that's what you should be most concerned with. You can also encrypt the traffic so that they can't easily see what information you're passing across the internet. How this is all set up is dependant on the modem, but WEP/WAP and limiting who can join the network is standard. Setting it all up will make a lot more sense once you actually get the modem and are looking a the config screen, but here's a link to get you going: http://www.microsoft.com/windowsxp/using/networking/learnmore/bowman_05february10.mspx
     
  22. hopetobesafe

    hopetobesafe Guest

    Thanks Notok

    I am on a standalone PC and not a network. No other computers in the house Or do you mean the ISP network.Thanks for your patience
    The link on your post to hardening is very helpful :) - Hope
     
  23. DA 232

    DA 232 Guest

    Thanks Spanner, it worked with IE, I didn't know it was supposed to be a zip file and firefox couldnt display it cos it thought it was jpg file.

    The info there seems a bit dated, since it's lacking some of the later tools, do you mind if I modify it all and post it here?
     
  24. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    If you're going wireless you'll still want to do all the same things, it'll just be a little easier :)
     
  25. StevieO

    StevieO Guest

    Hi DA 232/deviladvocate etc etc,

    If you want to change my name as well as yours that's fine with me i suppose, except for some people it's going to be a bit confusing, so i think it's best to keep things as they were !

    I've asked and he doesn't mind if you add to and update it, as there are newer versions and Apps etc, like Joanna's System Virginity Verifier 1.0 and the English IceSword etc which would compliment all the other stuff and info etc. What a "few" others may say about it being posted is a different matter.

    A lot of the existing info and Apps etc, i feel anyway, are still relevent and valid though, and would still be useful to people i'm sure.


    StevieO
     
Loading...
Thread Status:
Not open for further replies.