Re: Re: question to dmler's concerning online hackers into pc's

From: Mike (spammikeREMOVE@home.com)
Date: Mon Feb 04 2002 - 10:42:30 EST


Bernd,

Good to know that you are 100% stealth.

There is really no such thing as a hardware firewall; they are all software.
Some firewalls just have dedicated hardware for the job. To be honest, the
home DSL routers are not very good firewalls, but they do the job in many
cases. You are best off using a software firewall on your PC as well (which
I believe you do). One of the best firewalls around is software, and you
can set one up for quite cheap. All you need to do is get an old PC (does
not need a lot of power), install NetBSD then use the built-in packet
filtering firewall to filter your traffic. It's not too hard to set up, and
will offer a LOT more protection than the DSL router.

Typically, if a hacker wants to get in and they know what they are doing, you
need a very good security system to stop them. What is most important is to
be in stealth mode. Most "hacks" are script kiddies that do a scan of an IP
range to see what computers are available and vulnerable. If your computer
does not respond then they will never even know it's there.

Mike

"Bernd D. Ratsch" <bernd@texas.net> wrote in message
news:000001c1ac6f$efc44810$090aa8c0@homenet.com...
>
> Just ran the "ShieldsUP" utility....
>
> "If all of the tested ports were shown to have stealth status, then for
> all intents and purposes your computer doesn't exist to scanners on the
> Internet!
>
> It means that either your computer is turned off or disconnected from
> the Net (which seems unlikely since you must be using it right now!) or
> an effective stealth firewall is blocking all unauthorized external
> contact with your computer. This means that it is completely opaque to
> random scans and direct assault. Even if this machine had previously
> been scanned and logged by a would-be intruder, a methodical return to
> this IP address will lead any attacker to believe that your machine is
> turned off, disconnected, or no longer exists. You couldn't ask for
> anything better.
>
> There's one additional benefit: scanners are actually hurt by probing
> this machine! You may have noticed how slowly the probing proceeded.
> This was caused by your firewall! It was required, since your firewall
> is discarding the connection-attempt messages sent to your ports. A
> non-firewalled PC responds immediately that a connection is either
> refused or accepted, telling a scanner that it's found a live one ...
> and allowing it to get on with its scanning. But your firewall is acting
> like a black hole for TCP/IP packets! This means that it's necessary for
> a scanner to sit around and wait for the maximum round-trip time
> possible - across the entire Net, into your machine, and back again -
> before it can safely conclude that there's no computer at the other end.
> That's very cool."
>
> And to think, I left my software firewall off just to check. ;)
>
> Hardware firewalls are the only true protection (and as Shane
> stated...NOT on a Windows OS based machine.)
>
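
The three behaviours the quoted ShieldsUP text distinguishes (a connection accepted, a connection refused at once, and a probe silently discarded) can be checked against your own machine with a short script. This is an added example, not part of the original posts; the names `classify_port` and `local_demo` and the status labels are assumptions chosen here, and the loopback listener is constructed sample input.

```python
import errno
import socket
import time


def classify_port(host, port, timeout=2.0, connect=socket.create_connection):
    """Classify one TCP port as 'open', 'closed' or 'stealth'.

    open    - the handshake completed (something is listening)
    closed  - the host answered at once with a refusal (TCP RST)
    stealth - nothing came back before `timeout`; the probe was discarded
    Returns (status, elapsed_seconds). `connect` is injectable for testing.
    """
    start = time.monotonic()
    try:
        sock = connect((host, port), timeout=timeout)
    except ConnectionRefusedError:
        status = "closed"
    except (socket.timeout, TimeoutError):
        status = "stealth"
    except OSError as exc:
        # e.g. an ICMP "unreachable" reply: the path answered, so not stealth
        status = "error:" + errno.errorcode.get(exc.errno, "unknown")
    else:
        sock.close()
        status = "open"
    return status, time.monotonic() - start


def local_demo():
    """Constructed sample: a listener on loopback, then the same port closed."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # port 0 = let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    results = {"listening": classify_port("127.0.0.1", port)[0]}
    listener.close()
    results["not listening"] = classify_port("127.0.0.1", port)[0]
    return results


if __name__ == "__main__":
    for label, status in local_demo().items():
        print(f"{label:14s} -> {status}")
```

Run from outside your own network against your own address, a port behind a firewall that discards packets makes the call wait the full `timeout` and return `stealth`, which is the slow probing the ShieldsUP text describes.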


