what can happen without a firewall?

Discussion in 'other firewalls' started by mantra, Mar 28, 2008.

Thread Status:
Not open for further replies.
  1. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,150
    Hi
    i'm a novice and i'm asking a question

    what can happen to home pc without a firewall
    i mean without a router(with firewall) or a modem ethernet (without firewall)
    and without harmful, noxious programs in the pc

    in short , a fresh install of xp with the last update connected to the net without firewall

    thanks
     
  2. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    unless you turn off the windows firewall ? not a lot would be my guess. once you start installing noxious programs etc things might get more exciting.

    I would suggest using a hardware firewall router just in case
     
  3. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    I use just the Vista firewall on one of my computers and feel perfectly safe. If you don't install unknown or spoofed programs or visit unknown or spoofed sites or open unknown or spoofed mail you can probably even live without a virus scanner. The Windows firewall does a pretty good job of inbound protection and will at least keep hackers from remotely logging onto your computer and turning it into a Zombie. or capturing your private data. I prefer to use a virus scanner (Avast!) because some of the spoofing is pretty good and there are always new things happening-and maybe sometimes I won't be that vigilant. :)
     
  4. De Hollander

    De Hollander Registered Member

    Joined:
    Sep 10, 2005
    Posts:
    718
    Location:
    Windmills and cows
    So without any windows or third party software firewall, and or hardware firewall. :D

    Perhaps you are lucky to survive an a couple of hours without coming under attack.
     
  5. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,150
    yes this i mean

    without firewall (hardware - xp or vista firewall turned OFF - no thirty firewall)
    freah install of xp , updated !
    without dangerous programs in my pc


    survice an a couple of hours without coming under attack ??
    what they could do ?
     
  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Probably nothing will happen, although you might see a lot of "noise" (NetBIOS traffic, SSDP traffic, etc)
     
  7. wat0114

    wat0114 Guest

    Somewhere I read in this forum that with the services listening on the various ports, as long as they are not exploitable, then nothing should happen. Is this right?
     
  8. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    Yes, that is correct. A clean and updated Windows XP or Vista installation, fully patched as noted above, is not likely to have any exploitable services on open ports. So, in all likelihood, nothing bad would happen even without an incoming firewall protection.

    Still, I'd recommend at least using the integrated Windows firewall on such systems.
     
  9. wat0114

    wat0114 Guest

    Thanks LowWaterMark! Absolutely the firewall has and always will remain a staple in my pc security, but it is good to know that fully patched Windows reduces the likelihood of exploiting open ports.
     
  10. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,150
    so why should i install a firewall?
     
  11. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    Install? No reason necessarily, if you aren't interested in the extra control such programs provide. But, at least enabling the built-in Windows firewall? Two reasons...

    1. Today's fully patch system is tomorrows exploitable PC. Exploits come out at totally random and unexpected times. Just because there isn't a known exploit today, doesn't mean someone won't find one, say sometime next week, break into a lot of "patched" systems over a several day period and do lots of damage until the next patch comes out.

    2. Assuming that you are just running a standard Windows configuration, and not going to the trouble of disabling excesses services, you will have several services listening for incoming connections. That's normal. Well, without any firewall running to drop unsolicited inbound connections, your services will respond to all the random scans and access attempts that hit your ports. Even though they maybe not be exploitable, why have your PC do all that work, communicating with every bot and scanner that happens to hit your IP address? That's a lot of CPU cycles, as they accept and process all those connections requests. A firewall drops those far more efficiently than that, causing almost not significant CPU load on your box.
     
  12. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Yep, it costs nothing (money, resources, rule making, troubleshooting)
    See the firewall as a proactive measure against unknown exploits.
    A fully patched, clean machine is fine, but a fully patched, clean machine is even better with a host firewall and/or no services listening.
     
  13. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    I was once a bit curious about that my self so I installed original XP without any servicepacks or hot fixes.
    First I did it in VMware but when nothing happened there I did it with a fresh install on my main drive.

    I wanted to test the myth(?) about that it will only take 30 seconds for some worm to infect a naked windows XP. Nothing happened. I did let it be exposed to the net for a day or so. I just did some regular surfing on benign sites mostly, I tried a couple porn and warez sites but only few of them are infected anyway. The explanation I got from people more knowledgeable than me was that probably my ISP blocks most of the bad stuff.
    I dont know if all ISP´s are as good as mine but for me the story about 30 seconds was not relevant. I wouldnt recommend anyone to run without a firewall though, the outbound protection is a good layer of security just in case.
     
  14. wat0114

    wat0114 Guest

    Agreed. There is an interesting thread in here somewhere where solcroft issued a challenge for anyone to attempt exploiting his machine with no firewall. No one was successful. Still, I will always use one because of unknown exploits, as you and LWM mention, that could breach the defenses of even the most fully patched services.
     
  15. wat0114

    wat0114 Guest

    Some time ago, 2003 I think, I installed a fresh copy of XP SP1, not knowing about these exploits and having no router at the time, and within 2 minutes after the install the machine got infected by Sasser.
     
  16. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Probably, your ISP blocks traffic on NetBIOS, RPC, UPnP and other sensitive things over the Internet. For example, UDP datagrams with the destination yourIP: port137 are filtered by your ISP.
     
  17. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    It depends very much of the network you have your computer on. On the network I'm connected to, there is an average of 2-3 atack attempts per hour.
     
  18. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Which kind of attacks are these?
     
  19. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Most of them are viruses trying to infect every computer on the LAN, some of them exploit attempts. But this happens for so much time that I don't bother to see what they are anymore. It's my Sygate's job to block them :)
     
  20. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Do you mean network worms (i.e. Sasser, Blaster)?
     
  21. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    I have 100Mbit LAN from my ISP, do you mean that it would have been different if I would´ve had ADSL?
     
  22. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    100 Mbit LAN? I'm drooling :eek:
     
  23. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    It's less about the type of Internet connection itself, (i.e. LAN, cable, DSL, etc.) and more about the service the provider gives you. Some block a lot of incoming ports, some, none at all. Some allow some key ports inside their network but not incoming from the Internet at large. Mine is half way in between. It blocks NetBIOS for example from coming in from other ISPs and providers, but, allows it locally inside their customer base by region.
     
  24. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Thanks LowWatermark for the explanation. I guess my ISP blocks the right things (and it doesnt affect me negatively a bit :thumb: ) I wonder why all the ISP´s out there doesnt do the same thing, lots of attacks would not happen if they did. But maybe those worms are not a problem anymore now that MS has fixed the holes.

    Yeah, it is kind of nice to have the power when downloading, but I could live with lower speed if I had to. I like the fact that it is LAN more. I have not had a single problem with the connection the three years I have had LAN. Maybe ADSL has gotten better but all I remember was the constant connection problems when I had it.
     
  25. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    My ISP is up to their ass in zombies, as are many. With a logging router/firewall there were lots of port scans every day, looking for something to exploit. If you weren't using internally stuff that could be exploited externally you were probably fine without it. And if it wasn't something in the Microsoft list of new exploits to be patched. If you think you are invulnerable without a firewall, I at least recommend Acronis True Image regularly in case you need to recover. :) S--- happens eventually.
     
Loading...
Thread Status:
Not open for further replies.