several questions related to security

Discussion in 'other security issues & news' started by hagabooq, Jan 12, 2008.

Thread Status:
Not open for further replies.
  1. hagabooq

    hagabooq Registered Member

    Joined:
    Jan 12, 2008
    Posts:
    4
    hi
    i have several questions and i really cant classify them to post them in the right sub forum ... here they are


    1) does setting a password on the BIOS access prevent malware form writing themselves to the BIOS memory

    2) my mobo doesn't have a physical jumper to prevent flashing to the BIOS, but there is an option in Advanced BIOS settings title "No execute memory protection".. its description is " when disabled, it forces NX feature flag to always return 0

    if i disable it , will this prevent ANY writing/altering to the BIOS by MALWARES or even flashing the bios for upgrade


    3)is it possible to restrict the launch of a certain program on the computer to a hardware device.. i think its called a dongle..... how to do so ? how secure is it , ie can the dongle encryption method be cracked?

    4) i have just found out i have a modem+router device that has no hardware firewall.... i wasn't the one who made the setup so.. anyway, my current router is a repotec RP-IP1800 (i am not sure if it has a hardware firewall or not but i read on a forum that i can add SPI firewall by a certain firmware update)

    i would like to know how secure it to use that router, is it safe to use it for internet access when i will be doing online banking and other sensitive uses
    if so how to configure it for maximum security

    i checked and it has NATP enabled... is this enough or not?

    5) i use a network setup where several computers share the same internet connection but we don't allow file sharing or any type of sharing but internet

    connection.. my question is how secure my pc is in that setup since i don't have control over the other pc and i strongly doubt that there are secure enough as their users dont take online security seriously..

    6) how can a router+adsl modem be a source of malware infection, can it be infected it self , how it is used by malwares to harm users --- i have just
    realized that routers+modem are security related, i always thought they are just dumb devices that allow net access and thats it


    thanks
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    It's buffer overflow protection (DEP)
     
  3. hagabooq

    hagabooq Registered Member

    Joined:
    Jan 12, 2008
    Posts:
    4
    thanks for the reply

    would anybody kindly put his 2 cents here :D
     
  4. Jomsviking

    Jomsviking Registered Member

    Joined:
    Apr 16, 2007
    Posts:
    55
    Hi hagabooq

    I am not sure I understand your questions, but here go my 2 cents:

    I have no experience with your router brand, but I would check the manufacturer's home page, update to the most recent firmware and read the documentation. When specific questions arise, post them here.
    You can do sensitive operations on the internet without having a router, provided your operating system is properly secured and a software firewall is up and working.


    If no type of sharing is in place and your own system is secured with an active firewall (check the allowed exceptions/rules and make sure they correspond to safe applications), you should not have much problems. If your setup is wireless, parts of your traffic can be sniffed though.

    Routers provide networking possibilities. If someone can access the router as administrator (set up a decent password for the router administrator, and only allow local administrator login), they can do a lot of things, like opening specific ports, for example.
    If you have some malware that can communicate with a UPnP-enabled router, it can automatically open ports and download crap onto your computer.
    Also, if your setup is wireless, be sure to use strong passwords with at least WPA encryption.
     
Loading...
Thread Status:
Not open for further replies.