what can happen without a firewall?

Hi
i'm a novice and i'm asking a question

what can happen to home pc without a firewall
i mean without a router(with firewall) or a modem ethernet (without firewall)
and without harmful, noxious programs in the pc

in short , a fresh install of xp with the last update connected to the net without firewall

thanks

 

unless you turn off the windows firewall ? not a lot would be my guess. once you start installing noxious programs etc things might get more exciting.

I would suggest using a hardware firewall router just in case

 

I use just the Vista firewall on one of my computers and feel perfectly safe. If you don't install unknown or spoofed programs or visit unknown or spoofed sites or open unknown or spoofed mail you can probably even live without a virus scanner. The Windows firewall does a pretty good job of inbound protection and will at least keep hackers from remotely logging onto your computer and turning it into a Zombie. or capturing your private data. I prefer to use a virus scanner (Avast!) because some of the spoofing is pretty good and there are always new things happening-and maybe sometimes I won't be that vigilant.

 

So without any windows or third party software firewall, and or hardware firewall.

Perhaps you are lucky to survive an a couple of hours without coming under attack.

 

yes this i mean

without firewall (hardware - xp or vista firewall turned OFF - no thirty firewall)
freah install of xp , updated !
without dangerous programs in my pc


survice an a couple of hours without coming under attack ??
what they could do ?

 

Probably nothing will happen, although you might see a lot of "noise" (NetBIOS traffic, SSDP traffic, etc)

 

Somewhere I read in this forum that with the services listening on the various ports, as long as they are not exploitable, then nothing should happen. Is this right?

 

Thanks LowWaterMark! Absolutely the firewall has and always will remain a staple in my pc security, but it is good to know that fully patched Windows reduces the likelihood of exploiting open ports.

 

so why should i install a firewall?

 

Yep, it costs nothing (money, resources, rule making, troubleshooting)

See the firewall as a proactive measure against unknown exploits.
A fully patched, clean machine is fine, but a fully patched, clean machine is even better with a host firewall and/or no services listening.

 

I was once a bit curious about that my self so I installed original XP without any servicepacks or hot fixes.
First I did it in VMware but when nothing happened there I did it with a fresh install on my main drive.

I wanted to test the myth(?) about that it will only take 30 seconds for some worm to infect a naked windows XP. Nothing happened. I did let it be exposed to the net for a day or so. I just did some regular surfing on benign sites mostly, I tried a couple porn and warez sites but only few of them are infected anyway. The explanation I got from people more knowledgeable than me was that probably my ISP blocks most of the bad stuff.
I dont know if all ISP´s are as good as mine but for me the story about 30 seconds was not relevant. I wouldnt recommend anyone to run without a firewall though, the outbound protection is a good layer of security just in case.

 

Agreed. There is an interesting thread in here somewhere where solcroft issued a challenge for anyone to attempt exploiting his machine with no firewall. No one was successful. Still, I will always use one because of unknown exploits, as you and LWM mention, that could breach the defenses of even the most fully patched services.

 

Some time ago, 2003 I think, I installed a fresh copy of XP SP1, not knowing about these exploits and having no router at the time, and within 2 minutes after the install the machine got infected by Sasser.

 

Probably, your ISP blocks traffic on NetBIOS, RPC, UPnP and other sensitive things over the Internet. For example, UDP datagrams with the destination yourIP: port137 are filtered by your ISP.

 

It depends very much of the network you have your computer on. On the network I'm connected to, there is an average of 2-3 atack attempts per hour.

 

Which kind of attacks are these?

 

Most of them are viruses trying to infect every computer on the LAN, some of them exploit attempts. But this happens for so much time that I don't bother to see what they are anymore. It's my Sygate's job to block them

 

Do you mean network worms (i.e. Sasser, Blaster)?

 

I have 100Mbit LAN from my ISP, do you mean that it would have been different if I would´ve had ADSL?

 

100 Mbit LAN? I'm drooling

 

Thanks LowWatermark for the explanation. I guess my ISP blocks the right things (and it doesnt affect me negatively a bit ) I wonder why all the ISP´s out there doesnt do the same thing, lots of attacks would not happen if they did. But maybe those worms are not a problem anymore now that MS has fixed the holes.

Yeah, it is kind of nice to have the power when downloading, but I could live with lower speed if I had to. I like the fact that it is LAN more. I have not had a single problem with the connection the three years I have had LAN. Maybe ADSL has gotten better but all I remember was the constant connection problems when I had it.

 

My ISP is up to their ass in zombies, as are many. With a logging router/firewall there were lots of port scans every day, looking for something to exploit. If you weren't using internally stuff that could be exploited externally you were probably fine without it. And if it wasn't something in the Microsoft list of new exploits to be patched. If you think you are invulnerable without a firewall, I at least recommend Acronis True Image regularly in case you need to recover. S--- happens eventually.