As far as I have understood from your statements you are thinking about a modem connection or something similar that requires you to logon to a service provider (wherever it is) from that particular computer. So in such a situation you have to first dial up and then logon. But in my opinion the things mentioned in this thread are for a network where you already have an internet (or intranet) connection available. In such a situation you don't (in general) provide logon information. As soon as your computer is up you are in the internet (or intranet).
-- Sedat Dogru Sarbjit Singh Gill wrote: >I am kind of confused. > >You connect to the internet after your OS has booted up. So when every >security item is in place, only then you logon to internet right. So why are >we saying that, I quote > >" the time between opening >up > > >>>the pc and the anti-virus and firewall to boot up takes about 2 minutes >>> >>> >in > > >>>total... Is there a small security risk within those two minutes as the >>> >>> >pc > > >>>is virtually open to the internet? >>> >>> > >Hence, let everything load and all security is in place, only then you would >connect to internet. Sounds like you logon to internet as the OS is loading >halfway. > >Cheers >Gill > >-----Original Message----- >From: Cheryl Goh [mailto:[EMAIL PROTECTED]] >Sent: Friday, July 12, 2002 3:06 PM >To: Jeremy Anderson >Cc: [EMAIL PROTECTED] >Subject: Re: security question > > >I totally agree with Jeremy. If file and print sharing is turned off and >there are no other services such as an FTP or IIS Server running on the box >(this would be 3rd party app in the case of win98) then the chances of >hacking the box is extremely low. > >It is only when the user chats on IRC or surfs the web that vulnerabilities >are introduced. By then your personal firewall would have loaded anyway. > >I'm not sure on this but an issue would also be at what point the network >services are loaded. Chances are the the firewall is loaded within a few >seconds of the network services thus reducing the window size. Any thoughts? > > > > >----- Original Message ----- >From: "Jeremy Anderson" <[EMAIL PROTECTED]> >To: "Enquiries" <[EMAIL PROTECTED]> >Cc: <[EMAIL PROTECTED]> >Sent: Friday, July 12, 2002 9:04 AM >Subject: Re: security question > > > > >>On Thu, 11 Jul 2002, Enquiries wrote: >> >> >> >>>Dear All >>> >>>I have been wondering for quite some time since I got broadband a few >>> >>> >weeks > > >>>ago whether the followign is a security risk: the time between opening >>> >>> >up > > >>>the pc and the anti-virus and firewall to boot up takes about 2 minutes >>> >>> >in > > >>>total... Is there a small security risk within those two minutes as the >>> >>> >pc > > >>>is virtually open to the internet? I have noticed that as soon as my >>>firewall is finally finished booting up it does give out "denied >>> >>> >access"? Or > > >>>is there something there that actually protects the pc until the >>> >>> >firewall > > >>>and anti-virus load? If not what can one do to protect one's pc? >>> >>>windows 98SE - mcafee anti-virus - zonealarm firewall >>> >>> >>A disclaimer: I'm sorry if this message sounds a little patronizing. >>Having worked in computers for 15 years now, including 8 years as a >>professional sysadmin, my experience has been that clever uberhackers who >>can pry a PC wide open in the 30 second window between the network being >>started and the firewall coming up completely are EXTREMELY rare. Users >>who do things which are harmful to their own systems, either due to >>carelessness or neglect, are as common as dandelions in the springtime. >> >>I may get flamed for this, but I think in _most_ cases, personal firewalls >>are redundant. >> >>My rationale is as follows: >> >>1) A stock out-of-the box Windows 98 machine has one vulnerability to the >> outside world. That is the SMB file-sharing mechanism. If you didn't >> share any of your directories to the Internet (you didn't set up any >> of your directories to be shared, did you?), there's not much of a >> hole here. There are some other potential problems, but most of those >> can be resolved by keeping your system patches up to date (have you >> >> >visited > > >> http://windowsupdate.microsoft.com/ lately?). >> >>2) Many ISPs who provide broadband set up some level of firewalling at >> their routers, both to save themselves from users who do >> clue-challenged activities (see #1) as well as users who set up their >> home machines as porn download sites, etc. >> >>Now, this having been said, personal firewalls aren't completely useless. >>If you are downloading random games, etc. off the 'net, a personal >>firewall, in conjunction with a good piece of antivirus software, will do >>a lot to protect you from your own carelessless. >> >>Another thing to look at is what exactly your firewall is denying. For >>instance, if you are seeing deny messages to port 80, it means that >>something is looking for a web server which is not on your box. Usually >>these are worms and robots, not human beings. I logged 250 accesses like >>this to my box a few days back. Port 53 accesses are people looking for >>BIND (also not on your box), 21 are searches for an FTP server you don't >>have, and so on. >> >>In summary, there are lots of things to worry about, but this short window >>between boot time and the firewall coming up is probably very low on that >>list. >> >>Happy trails! >> >>Jeremy >> >> >> >> >> > >. > > >
