Thread: Zone Alarm Firewall

actually if im not mistaken Sub7 can just "bypass" so to speak but its not what it does in truth the firewall(s) entirly without disabling them.

>>the firewall is not compeletly dead the icon is till there and it appears to be working fine but it can no longer block incomming packets or outgoing

This is why you run updated virus software and run scans every midnight. Not you SOAK, but some of you guys are really silly. The purpose of security in every sense is to be a 'harder' target. Harder than who? Harder than your neighbor perhaps. Everything in computers is possible.... you build a better mousetrap, you get a better thief.

You know what... skript kiddies are what *I* am worried about. They do the damage. The professional hacker doesn't give a crap about me. The loot isn't big enough.

Bar none... here is the key. Get a firewall, get updated virus software, and if you are really paranoid... protect your IP with an anonymizer proggy like A4 Proxy. That simple folks. Will this block the master hacker... probably not... but the odds are in your favor that they aren't out to get you anyway.

~Betazep

p.s. Ever try to run a program when you are missing a required .dll file? The point... don't believe everything you hear. Some of it is just smoke and mirrors anyway.

>>the only reason you should use a firewall is if your doing "illegal stuff" on your comp or running a file sharing network....

I had to comment on this too... I bet that a year or so back Yahoo and other big companies wished even half of the people that unknowingly attacked them had firewalls capable of blocking program traffic.



~Betazep

I've had Zone Alarm for a couple days. I'm blocking 400-500 attemps per day. I don't have any virii or anything, I can tell from using netstat.

One thing that a firealarm does for me is it gets me interested in learning about my Operating System. Maybe it won't stop hackers who directly target you but it will enable you to identify them and later report them. I can also lock the internet when I leave my computer on over night. I'm still learning about it but I like it.

Although I'm not doing too many illegal things on my computer, I do have some private documents, stuff that I want to copyright. Another reason for a firewall. All of the major virii are anonymous. If I get that then I can't do much. I'm going to pick up norton antivirus 2002. I don't want people somehow getting on my system and snooping around including my IP.

Stop saying IP when you mean ISP! IP is a protocal and an address, not a service provider. that's an ISP! Sorry, but it was annoying me, dean.
you're not getting 400-500 atempts, you're just hitting a lot of background noise. If you're on anything better than 56k you'll get a lot of that, but it's easy to distinguish an attack from some random packet. Attacks will be something like the same IP address scanning through 10 of your ports, such as 31337, 1234, etc. All of those port 80 HTTP requests are probably Code Blue/Nimda coupled with any remnants of Code Red. I'm getting tons of those, too. If you see things trying to get a connection to anything with NetBIOS in the name then you're either running file sharing programs, or someone's trying to get into your computer. Thos're the ones I get annoyed over.

The most fun ones are people trying to connect to UDP 31337 and 1234. They're usually those stupid skript kiddies trying to find a computer with Sub7 or Back Orafice on it. Get as much info on them as possible with whois queries, etc. and report them to their ISP's abuse e-mail, and possibly the internet backbone for their ISP.

If they delete the DLL, ZA will b*tch about it I'm sure...

>The professional hacker doesn't give a crap about me. The loot isn't big enough. <

Not true. If a hacker gets into your machine, he can use your ip
as a jump off to other sites where he will wreak his havoc. This
is commonly known as "bouncing," and provides one means
for the guilty one to cover his tracks.

rick barclay

>Attacks will be something like the same IP address scanning through 10 of your ports, such as 31337, 1234, etc.<

10!!! just 10!!!! i had two guys in the same day scan 1000+ ports the rat bastards where from a damn company too so there's nothing i could do about it, and they were scanning for 3 days+

>>If they delete the DLL, ZA will b*tch about it I'm sure...

I agree completely...

Especially on restart when the file isn't found.

you know, i could spread so much paranoia with only the truth...

BTW: if a "needed" DLL's missing you WILL get a warning and program failure.

>>Not true. If a hacker gets into your machine, he can use your ip
as a jump off to other sites where he will wreak his havoc. This
is commonly known as "bouncing," and provides one means
for the guilty one to cover his tracks.

Yes true and you are stating common knowlege. Do you only read the sections of posts that interest you?

My machine is a harder target than all of my neighbors. If you scanned past my ip, you wouldn't even see a reply from my computer (as if I didn't exist as all)... but people next to me have sendmail running, ftp, telnet, port 139 actively accepting connetctions, etc etc etc.

Why would a hacker bang their head on my firewall for an hour or two when they can be in one of my neighbor's computers in two minutes or less. Then they can 'bounce' away to their hearts content.

So I will rephrase... the loot isn't big enough for the task needed to break in when there are much easier targets that deliver the same outcome.

Is that better for you...

wow... this message has been edited because I can't read... sorry