Hello Everyone :-)
"Reality is observer dependant"
\
\ \\/////
| |
(.) (.)
========oOO==(_)==OOo==========================
Hey guys - anyone know a good OS database?
Joyce is prototyping something in Access
I want to use Open Office (it seems to have some nice database reporting)
Ideally I want a free on line wiki type database (with password protection)
written in java perhaps - we may have to write our own in Curl
but sadly this would exclude the Linux users
and Mac users and those not willing to use the Curl plug in (heretics)
I looked at some of the free databases and found they were either just readers
too complex
not versatile enough . . .
Please save this poor cructacean from having to use MS Access
and now . . . some more geek stuff . . .
You are running anti virus software and a firewall - right?
:-)
Well below is all the info on firewalls
=============
On with the show...
In my last post we talked about how to protect your computer from
attacks and exploits by practicing simple patch management. [If you
missed that post you can find it online at http://tinyurl.com/64evp ]
This week we're going to tackle a topic everyone has heard of but few
truly understand: Firewalls.
--------------------------------
Home Computer Security: Part Two
Firewalls
--------------------------------
How do crackers--people who compromise the security of your computer
without your permission--find your computer in the first place? Well,
every semi-competent cracker has software that
- Scans thousands of Internet connections looking for Windows
file and printer shares.
- Scans for known vulnerabilities, holes, and unsecured services
in Windows, Mac OS, Linux, Apache, VM-CMS, etc.
- Exploits those known vulnerabilities
- Cracks Windows [and other operating systems'] passwords.
- And so on.
Most home computer attacks/intrusions are either coordinated or
opportunistic. In a coordinated attack your computer is specifically
targeted, and in an opportunistic attack a cracker finds your computer
during a random scan of thousands of other computers
Unless someone is specifically after you--a former employee, a jilted
lover, Snuggle the fabric softener bear--you don't have to worry about
coordinated attacks. They're few and far between. Besides, like a
visit from your in-laws, you can't really stop a coordinated attack.
You can only delay it.
Opportunistic attacks are an entirely different matter. They happen
all the time. In fact, your computer is probably being probed for
vulnerabilities as we speak.
One of the better ways to protect your computer from opportunistic
attacks--besides being vigilant with your patch management--is to
"hide" your computer from the Internet. If crackers can't see your
computer, they [hopefully] won't attack you.
How do you hide your computer? Use a firewall.
-------------------
What is a firewall?
-------------------
A firewall is either hardware or software that stands between your
computer [or home network] and its Internet connection and provides
"access control." Access control is just a fancy way of saying that
your firewall determines what can and cannot pass through.
A computer firewall is very much like the firewall in your car. Your
car's firewall keeps the bad stuff from your engine [like heat and
exhaust] out of your passenger cabin. But it isn't impervious. It
has holes in it to let the good stuff [like the steering column and
the brakes] through.
A good computer firewall, like your car's firewall, keeps the bad
stuff out and lets the good stuff through. How? Well most consumer
firewalls--the hardware firewalls [well, actually they're routers] you
can buy at Wal-Mart or Target or the software firewalls you can
download off of the Internet--offer a combination of
1. Computer stealth: they hide your computer from the crackers'
scans; and
2. Intrusion blocking: they make it harder [but not impossible]
for crackers to break in.
------------------------------
The peril of visible addresses
------------------------------
When you connect your home computer to the Internet, the Internet
connects to your computer. Every computer connected to the Internet
has its own, unique Internet address [like 137.151.128.96 or
130.160.4.4]. Your ISP automatically assigns the Internet address to
your computer from a pool of addresses the ISP maintains. When you
disconnect [or at some regular interval with cable modem and DSL
connections], that address goes back into the ISP's pool of addresses
and is given to someone else.
Unfortunately, if a cracker knows your Internet address, he can probe
your computer for vulnerabilities.
-----------
NAT and SPI
-----------
Hardware firewalls use something called "Network Address Translation"
or "NAT" to hide your computer's Internet address from the crackers.
You physically connect your home computer[s] to a hardware firewall
and connect the firewall to the Internet. The firewall, not your home
computer, connects to the Internet and is assigned a publicly-visible
Internet address by your ISP. Your firewall then automatically
assigns your computer a *private* Internet address, an address that
only your firewall knows. In fact, the private address is not visible
to anyone on the Internet nor is it even [directly] accessible from
the Internet.
In the process of hiding your computer's address from the Internet,
your firewall becomes your computer's intermediary on the Internet.
All traffic must go through it. And since the crackers can't see
either your computer or your computer's address, it is harder for the
crackers to scan your computer for vulnerabilities. So, hopefully,
the crackers move on to someone else's computer.
In addition to using NAT to hide your computer, a firewall also uses
"stateful packet inspection" or "SPI" to block intruders. Put simply,
SPI only lets through the stuff you ask for, the connections that you
and you alone originate. All other connections--like connections from
crackers trying to break into your computer--are automatically blocked
at the firewall.
So, a consumer firewall protects your computer from attack by offering
a combination of computer stealth using network address translation
and intrusion blocking using stateful packet inspection.
Can you see now why a firewall is such an important part of your
computer's defense against crackers? I mean, is there anything a
firewall CAN'T do?!
------------------------
What a firewall can't do
------------------------
Well, actually, a consumer firewall can't
- Fix operating system or software vulnerabilities. A firewall
may block SOME exploits coming in from the Internet, but the
vulnerabilities will still be there. That's why patch
management is so important.
- Protect your computer from viruses. A firewall may block SOME
Internet worms, but it won't block viruses attached to emails,
hidden in files you download from the Internet or Kazaa, etc.
Virus protection is a job for your antivirus program, not a
firewall.
- Protect your computer from spyware
- Block pop-up ads
- Block spam
- Completely keep crackers out
- Protect you from doing stupid stuff to your computer
But, if you are looking for simple computer stealth and basic
intrusion blocking--and trust me, you ARE--you need a firewall.
--------------------------------
Don't I already have a firewall?
--------------------------------
How can you tell if you have a firewall and/or if it is working
properly? Simple! Go to
https://grc.com/x/ne.dll?bh0bkyd2
and run "Shields Up." This is a free, online tool from security guru
Steve Gibson that probes your computer for common vulnerabilities used
by crackers. To learn how to use Shields Up, check out the free,
online streaming video at
http://www.allianceits.com/diy/shieldsup/index.php
The guy who recorded this video [me] is a complete and total idiot,
but the video is still better than poke in the eye. [And, yes, that
really is my voice.]
If Shields Up can see your computer, so can the crackers. You either
don't have a firewall or it isn't configured properly.
----------
Which one?
----------
Should you get a hardware firewall or a software firewall?
Yes.
If you have a cable modem, satellite, or DSL connection, you need BOTH
a hardware firewall AND a software firewall If you have a dial-up
connection, you only need a software firewall. [In fact, hardware
firewalls for dial-up connections are kind of hard to find, at least
out here on the left coast.]
---------
Why both?
---------
Hardware firewalls have an Achilles' heel: they [for the most part]
assume that ALL the Internet traffic originating from your computer is
safe. But, if you "accidentally" double-click on a virus-infected
file,
- Your computer will be infected with that virus. [Remember,
hardware firewalls can't protect you from either viruses or
doing stupid stuff.]
- That virus is more than likely going to try to use your
computer and your Internet connection to infect other computers.
So your computer is now a virus-spewing zombie ["Brains! Must eat
brains!"]. BUT, remember, your hardware firewall still trusts your
computer. Your computer is flooding the Internet with thousands of
viruses, worms, or spams, and your hardware firewall doesn't notice,
care, or even bother to tell you.
Grumble.
---------------------------
How software firewalls work
---------------------------
A software firewall [actually, a "personal software firewall"]
- Constantly runs in the background.
- Blocks bad stuff from the Internet from getting to your
computer [the stuff that somehow magically makes it past your
hardware firewall]
- Warns you when a program on your computer tries to access the
Internet. You then decide whether or not that program should
be allowed to access the Internet.
So in our zombie example, the software firewall--NOT the hardware
firewall--would catch the flood of viruses before they even left your
computer. You'd get a warning that some program on your computer,
probably one you've never heard of, is trying to access the Internet.
--------------------
Hardware v. Software
--------------------
In the simplest [grossly oversimplified] terms, hardware firewalls
protect your computer from the Internet. Software firewalls
- Are a second layer of defense behind your hardware firewall
- Protect both your computer from the Internet AND the Internet
from your computer.
- Warn you when something fishy is happening on your computer.
So can you see why I recommend running both a hardware AND a software
firewall?
------------------
Hardware firewalls
------------------
Now for the really bad news: Hardware firewalls--stand-alone boxes
that do nothing but block intruders--are both complicated and
expensive. Cisco's cheapest firewall [the PIX 501] is approximately
US$400!
But two important features of hardware firewalls--NAT and a very
simplified form of SPI--are built into most hardware routers which are
a LOT cheaper. My favorite router, the Linksys' EtherFast Cable/DSL
Router with 4-Port Switch [BEFSR41], is approximately US$50.
My suggestion? If you have a cable modem or DSL line, run to your
nearest technology store or big box retailer and buy a cable/DSL
router from Linksys [my favorite], D-Link, Netgear, Belkin, or SMC for
about US$50.
You are not limited to this list, though. Do a Google search for
"home router" and you'll find literally hundreds of different hardware
routers that you can purchase online.
Remember: If you have a cable or DSL connection, you really should
get both a hardware firewall/router and a software firewall [which
we'll talk about in a bit] to hide your computer from the Internet.
If you have a dial-up modem connection, though, stick with just a
software firewall.
----------------
u:admin p:admin?
----------------
If you take my advice and buy a hardware firewall/router, I have a
HUGE favor to ask of you: Please read the instructions that come with
your router and CHANGE YOUR ROUTER'S DEFAULT ADMIN USERID AND PASSWORD!
Hackers know the default administrator's userid and password for every
router [and firewall and server and operating system and...] ever made.
Check out http://www.phenoelit.de/dpl/dpl.html if you don't believe me.
------------------
Software firewalls
------------------
Now that I spent US$50 of your hard-earned money on a router, let me
save you some money. In my humble opinion [and mine alone], the four
best software firewalls are absolutely free.
1. ZoneAlarm:
http://www.zonelabs.com/
2. Sygate Personal Firewall:
http://smb.sygate.com/products/spf_standard.htm
3. Windows XP Service Pack 2 Internet Connection Firewall:
built into Windows XP SP2 but NOT into previous versions of XP
4. Mac OS X Firewall:
built into Mac OS X
You are not limited to this list, though. Do a Google search for
"software firewall" and you'll find literally tens of thousands of
software firewalls that you can download and/or purchase.
One thing to keep in mind about ZoneAlarm [my favorite] and many of
the other software firewalls out there is that you have to train it.
By default, ZoneAlarm blocks EVERYTHING on your computer from
accessing the Internet. This causes much anguish to many newbies ["I
just installed ZoneAlarm and now I can't access ANYTHING!"] Remember,
you have to manually tell ZoneAlarm which programs you want to let
through and which ones to block. Fortunately, this couldn't be
simpler. Just check out the free, PDF-formatted user guides at
http://tinyurl.com/27wcz
for instructions on how to install and configure ZoneAlarm.
-----------
XP Firewall
-----------
Windows XP comes with its own firewall, so we XP users can breathe
easy, right? WRONG! If you have Windows XP home or professional,
your built-in software firewall is both horrible and [most likely]
disabled.
Microsoft plans to fix XP's firewall in the Windows XP Service Pack 2
[SP2] which you'll be able to get through Windows Update later this
summer. Until SP2 is released, though, avoid XP's original, built-in
firewall like the plague.
-------------
OS-X Firewall
-------------
To turn on OS-X's built-in firewall
1. Go to Apple menu > System Preferences.
2. In Internet & Network, click on the Sharing folder icon.
3. Click on the Firewall tab.
4. Uncheck all of the checkboxes on screen.
5. Then click on the Start button.
----------
In summary
----------
If you have a cable modem, DSL, or satellite connection, you need both
a hardware firewall [in the form of a router] and a software firewall.
If you have a dial-up connection, you only need a software firewall.
------------------------ Yahoo! Groups Sponsor --------------------~-->
Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar.
Now with Pop-Up Blocker. Get it for free!
http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/_bWolB/TM
--------------------------------------------------------------------~->
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/HolyGeek/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
