Surfing Naked, well would you, have you ?

Discussion in 'other security issues & news' started by StevieO, Mar 8, 2006.

Thread Status:
Not open for further replies.
  1. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Some people say that you don't need a firewall or router to be able to go online safely, so it would be interesting to hear your thoughts on this. Maybe you have done at some time, or still do !

    Everybody has diffent setups and configurations, even with the idenctical OS and updates/patches. This of course goes deeper when we take into consideration what barrier/s we have put in place to prohibit unauthorised internet connections, both in and out of our PC's.

    Would you, do you, or have you ever been online for any protracted period of time without any firewall or a router ?

    If you didn't/don/t have a FW/RTR then what PC/Browser measures/settings took precedence to help block intrusions/extrusions ?

    Also what Apps were running to further prevent/cushion you from threats ?

    Did you surf to any infected sites etc, or just play safe ?

    What where/are your experiences doing this, did those Apps/Measures work 100%, and also how safe did you feel ?

    If anything happened did your AV/AT etc stop all infections/installs etc ?

    Do you think it would be safer to surf naked now than before or not ?


    StevieO
     
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    See my test:

    Using the Internet without a Firewall

    See the list in my test.

    I did normal internet work. I also went to two sites I had tested before and the drive-by downloads were blocked. But this had nothing to do with the firewall.

    All probes were blocked as shown in the test.

    Before Win2K I never had a firewall. I still think that under the right circumstances, inbound protection can be achieved w/o firewall (home situation). But they are fun to play with, and the outbound protection is nice when testing trojans because you can monitor each outbound attempt, as I've shown in numerous tests, such as

    Bagle

    But I would not recommend running w/o a firewall to anyone.

    ---
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,696
    Hello,

    Here are my answers:

    Would you, do you, or have you ever been online for any protracted period of time without any firewall or a router ?

    I have done it.

    If you didn't/don/t have a FW/RTR then what PC/Browser measures/settings took precedence to help block intrusions/extrusions ?

    Of course we talk about Windows? I used several measures on different occasions - ICS, manual execution prevention through Policies (not very recently, made a nice experiment), and another occasion - nothing really.

    Also what Apps were running to further prevent/cushion you from threats ?

    Did you surf to any infected sites etc, or just play safe ?

    Everyday stuff - I don't know which sites are infected, which are not. I just surf, as I need.

    What where/are your experiences doing this, did those Apps/Measures work 100%, and also how safe did you feel ?

    Nothing remarkable or noticeable happened.

    If anything happened did your AV/AT etc stop all infections/installs etc ?

    Nothing happened.

    Do you think it would be safer to surf naked now than before or not ?

    Before compared to when?

    It can be done, but I woul not suggest it. It requires knowing what you do, and be ready for possible consequences - either way.

    However, I suggest using a firewall. It's nice.

    Mrk
     
  4. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    784
    Location:
    UK
    Yes I surfed without anything when a computer novice, that is, no firewall, no AV, no antispyware , no nothing !! I felt extremely safe because ignorance is bliss.
    It ran ok for several months but alas eventually my PC was infected with multiple spywares , [gator was one] and eventually the KLEZ virus, which caused havoc, although that was through e mail. It was at that point I
    did some research and installed the usual AV, A-T and A-Spyware and found this site !.
    When I bought this, my new PC, I now have it fastened down tight. Firewall with final block rules in situ, hips, AV, Anti Trojan x2, Spybot with Teatimer, Adaware, rootkit detection oh and err script trap. Not all in real time.
    Most with thanks to the people here who have offered advice and information.
    Needless to say not much gets passed all this.
    Point being I would never surf naked again.........it can be costly, financially and otherwise.
    Gordon
     
  5. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    Surfing Naked in the beach is more acceptable, especially if you have great body to show off, but surfing naked in cyberspace could be an invitations to possible disaster...:D

    It can also depends on what sites a person will visits...if that site is safe I think even a pc has no protection it still is safe but on the other hand if he/she accidentally visited some sites with some virus to offer or anything like then the system will be in great danger. :oops:

    In the past when I am still a newbie, I only uses the free AVG-6 antivirus and nothing else to protect my pc, not even a firewall. Then I scan my pc for stealth I was then surprise that I am stealth and I passed this test only to find out that it's not my IP address and I am behind proxies of my ISP, well at least I am still safe even if I have no firewall during that time. I don't have anti-spyware or anti-trojan during that time and no pop-up blocker coz I was only using IE browser...so I was infected w lots of spywares and pop-ups and I thought that it was just natural when we are surfing the web. Only to find out that I can clean my pc with those nasties that annoys me. o_O

    But now learning lots of things here in wilders, I will never again returned on that state where I am almost naked surfing the web. (I think my antivirus is my brief underwear.) To tell you, when you're ignorant, anything could be possible just like a child it doesn't matter if you're not wearing anything at all. :D
     
    Last edited: Mar 8, 2006
  6. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    The problem with surfing naked is that you don't have to visit bad sites to become infected by malware, a whole lot of it comes looking for you.
     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I've done this in my newbie time. I don't remember how long, but in the end nothing worked properly anymore on my computer.
    In those days I surfed and downloaded everything from the internet like a newbie, unaware of any threat.
    Somebody in a chatroom told me that my PC was infected and adviced me to re-install my harddisk from scratch and to use Norton Internet Security.

    That worked for awhile until my computer was full of adware, spyware and God knows what.
    A Free Lotto Owner adviced me to run Spybot S&D and I removed more than 200 threats, but my computer still didn't work properly. So I installed again from scratch.

    Than I installed every scanner, I could get for free and cracked the paid scanners.
    I finally joined SWI and SWI taught me that cracking software was a bad habit.
    So I stopped cracking software and replaced them with legitimate freewares.
    I was also tired of cracking software. I had alot of fun with it, but it bored me in the end.
    SWI tried to turn me into a qualified helper, but all these qualified helpers are addicted to solving HijackThis Logs,like crossword-puzzles. I didn't like to become one of them. I was more interested in security softwares.

    One year later, SWI was off-line for a long period and gave me a list of other Malware Forums, but I didn't want to join them. Another year looking at HijackThis Logs was too much for me.
    Wilders was often mentioned at SWI, but wasn't mentioned on that Malware Forum List. So I joined Wilders. I don't visit SWI anymore.

    I was also a moderator at a Free Lotto Forum, but I gave recently my title to the most active and knowledgeable member of that forum.
    The Free Lotto World was already dying when I joined this forum. It was fun for awhile, but boring in the end.
    In those days I had about 200 Free Lottos on my list and only 20 of them were honest and many of them were infected with malware. LOL
    I don't play on Free Lottos anymore, because the odds and prices are getting worse every year.
     
  8. trickyricky

    trickyricky Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    475
    Location:
    London, UK
    Well, I have done so myself, and I have seen others do it, who have later called me in to sort out the mess... Although I'm on a small LAN here so I can't really jump in without a router, but I have a VMWare Windows XP VM which I set up for trying out software and that has nothing at all, except what I'm currently testing. It isn't even up to date patch wise, it's just XP SP2 from the CD with auto updates turned off. Windows Security Center hates me and is always complaining.

    A few times when I've been feeling reckless, I've gone in search of trouble and have never found any, and nothing has ever found me unaided, probably because I'm behind a NAT router, although there is no firewall.

    I was using IE6 (unpatched) to surf with, going to sites like 180solutions.com, whenu.com and anything else I could think of. All I did was only click on things I was really interested in. Even the Java runtime is the old 1.4.2 variant, simply begging for trojans and worse.

    I did feel extremely vulnerable since I'm used to a system that's locked down really tightly and this was a loose as you can get. But I survived and lived to tell the tale.

    Windows Defender beta 2 went quite mad on occasion (whilst it was installed for testing), as did GesWall and a few other security apps I tried out.

    I guess I need to put some valuable data on that VM, since that way it's guaranteed to get completely shredded within seconds of going online...
     
  9. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    A NAT router is more than enough actually. But as Rmus as chosen, technically even that might not be necessary if fully patched contrary to the horror stories about windows box being hacked in minutes.. But here I bow to the cliche of "Better safe then sorry", I mean if I'm on a LAN, with a router, why not use it? I could make the point and put my comp outside in the DMZ, but why ?

    I would personally go without antivirus then without some inbound protection myself, I'm not sure why... Does anyone feel the same way?

    Ghodgson tells the typical Wilders member story of being clueless, then getting infected (for some unknown reason typically), which is a wakeup call and then he gets serious about security. In the context of this place it normally means loading up with security software though to be fair a lot is also "user education" and improving setups of existing software.

    Arguably though 'getting serious about security' means not only being more secure because now I use a firewall, an antivirus, antitrojan etc..., but also being more savy in avoiding malware and reducing exposure.

    Ghodgson mentions he got hit by Gator and Klez, but I betcha if he knew what he knew now, and ran the exact same setup as before , he would most likely not get nailed by either simply by being more careful in installing stuff and clicking on attachments.

    But the safety net is nice of course. But I prefer not to rely on it if possible. I mean if you rely on your antivirus to protect you from random email attachments sent by worms, your infection rate would still be pretty high compared to one who was suspicious of all expected attachments.

    Similarly if you had tight IE settings, or ran Opera/firefox with strong settings, patched everything, you almost never had to rely on AVs saving your butt due to some malware loading when you visit a site. Oh sure, your AV would warn about some dangerous bloodhound exploit or something, and you feel warm and fuzzy, but in fact it wouldn't have worked anyway.

    My guess is for most people who get serious about security, most of their security say 95% ? comes from being careful and savvy about avoiding the pitfalls that befall novices.

    That explains a bit I think why a lot of people who don't use top quality AVs can still claim they are clean and their AV has never failed them yet. Possibly it is because they don't rely on it as much.
     
  10. doug6949

    doug6949 Registered Member

    Joined:
    Nov 28, 2003
    Posts:
    110
    Surfing naked is fine as long as you - -

    1. use a nat router,

    2. don't use IE or P2P.

    3. have your email app strip all attachments and delete unsolicited email at the server, and

    4. never download or install anything advertised, popular, or recommended by people that use the word "like" more than once in a sentence.
     
  11. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    I have surfed naked before, without a firewall, antivirus or any security whatsoever on a fresh Windows XP installation (no service pack)... NEVER AGAIN!

    within 30 seconds, i checked my task manager, and (no suprise whatsoever) ftp.exe was downloading trojans (sub seven) to the computer without any notifications whatsoever... be afraid... be very afraid... :|
     
  12. doug6949

    doug6949 Registered Member

    Joined:
    Nov 28, 2003
    Posts:
    110
    According to Dshield.org, current expected survival time is 18 minutes if you run naked.
     
  13. metallicakid15

    metallicakid15 Registered Member

    Joined:
    Dec 6, 2005
    Posts:
    454
    i survived for 6 years without any protection when i had my windows 98( i hardly browsed online i was usualy playing age of empires,alien vs predator 1&2, medal of honor, etc) then started getting into security when i got my xp with norton installed:p
     
  14. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    I surfed naked when I had Windows98, It was my first computer. I was a total noob at computers then, the naked surfing lasted for 2 days till I bought a AV. I still had no firewall mind you, I didn't know what a firewall was. My first firewall was ZoneAlarm free, the firewall was set by default to display a warning dialog box every time somebody scaned you. It display a warning dialog box every 5 seconds, so I was more the a little alarmed. At this point I didn't know I could shut those warning dialog boxs off. Then I learned how to configured it. As time wore on I read about all the all the viruses you can get from .doc files, then from email attachments. Right from the start I made it a practice not to click on that attachment even if it was from (or looked lik it was from) my ISP or bank. Then I learned about drive bys where you don't even have to surf to a bad site, I learned about .Dropper trojans and R.A.T. trojans. Now I have a clearer picture of what is waiting for me out there in cyberspace, be afraid. I am arming myself with knowledge and the proper utilitys.
     
  15. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    same here. eventually i got norton systemworks 2001, but i still had no firewall. that was back in teh day. now in modern times, it would be possible for me to surf naked and not get infected, but i prefer the feeling of security while browsing and p2p.
     
  16. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    If I had a surf board and knew how to surf, sure i would surf naked, other than that, no.
     
  17. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    The lesson then is to patch.
     
  18. <DreamCatcher>

    <DreamCatcher> Registered Member

    Joined:
    Jan 6, 2006
    Posts:
    154
    Hi,

    I used to surf naked without a firewall, until a hacker came a knocking and left some nice things for me to find, never again! Some people might not get effected if they keep their patches upto date, but is it really worth taking the risk. With the amount of freeware on the net no one should ever have to go naked, which in turn would protect them as well as everyone else online!

    @Rmus, What program did you use to create those logs of activity on the test machine?

    Take care,
     
  19. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Those are Kerio's firewall logs of inbound traffic (all was permitted) during the test.

    It was my primary workstation, not a test machine.
     
    Last edited: Mar 16, 2006
  20. dylanfan

    dylanfan Registered Member

    Joined:
    Feb 10, 2006
    Posts:
    187
    The great point about (good) firewalls is that you're protected against inbound attacks, whether your system is patched or not.

    That's an important point, because unpatched systems are very often patched systems whose next flaws aren't discovered yet (as we all have learned from observing M$ systems over the years).

    So in a sense, "fully patched" is , more often than not, a mere temporary illusion.

    Cheers
     
  21. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    All? I presume web servers have firewalls and routers, that doesn't help them any. ;)

    I hope you see what I'm implying...

    Obviously, it applies not to patches but also to security as a whole.

    A patched system with a firewall isn't secure, it's just one whose next flaws as being discovered yet (as we all have learned from observing M$ systems over the year).

    Saying all security is temporary doesn't help anyone's argument I'm afraid.


    So in a sense, "being firewalled" more often than not ,a mere temporary illusion.....
     
Loading...
Thread Status:
Not open for further replies.