Re: Dialup Security: Is this a known problem?

From: sponge (yosponge_at_yahoo.com)
Date: 12/28/03


Date: 27 Dec 2003 22:04:15 -0800

On Sat, 27 Dec 2003 20:15:46 -0700, NeoSadist <neosad1st@charter.net>
wrote:

>sponge wrote:
>
>> On 27 Dec 2003 20:20:49 GMT, jbwtsn03@aol.com (Jbwtsn03) wrote:
>>
>>
>> Bad news. NIS is crap.
>
>1) I think that all windows and/or personal firewalls pale in comparison to
>IPTables, so I think you should re-think your response.

Non sequitur: Even if that were true, unless you know of a port for
IPTables to Windows, as much as I'd like to see that, it's irrelevant.
And I don't think the noob (original poster) is quite up to setting up
a Linux proxy with snort_inline.

>2) Even if this is so, then why do all the security magazines keep rating
>Norton high and McAfee low? Come on, I doubt they'd have reason to lie.

That means little. I remember a review -- I think last year or this --
comparing various AV. I think it may have been PCMag but don't hold me
to that. McAfee's and Kaspersky had better hit rates, McAfee was
faster than NAV, and both NAI and Kaspersky's had a more complete
database. All else was about equal: price, ease of updating, etc. NAV
was a definite third-in-line, going by the numbers. But the editor
gave NAV "Editor's Choice". So, take magazine reviews with a grain of
salt.

>Even PC Magazine rated NIS and ZA at the top, with NIS taking the award.
>3) Symantec has been in the security industry much longer also. Don't kid
>yourself.

NIS has steadily gone downhill. The firewall is rather weak. I'd
definitely give ZA a nod over it, especially for an all-in-one security
package (although, obviously, ZAP doesn't have AV). The only thing NIS
has in its favor is its completeness: It addresses firewall,
ad-blocking, AV, and, as of this year, anti-adware/spyware features.
However, NIS doesn't do any of these especially well, except maybe for
AV (and I can tell you some stories of NAV missing things it shouldn't
have), so NIS can lull users into a false sense of security. One
particularly weak feature is the anti-adware/spyware features, which
are pathetic compared with Ad-Aware, SpyBot, etc. Which are free, by
the way.

>> McAfee's is better in many respects but you
>> might be better served by using discreet tools: A firewall (use
>> McAfee's, ZoneAlarm, or Kerio 2.1.5.
>
>(Uh, and even then, a firewall is only as good as its admin.) "Discrete
>tools"? Uh, what's discrete about a firewall and antivirus?

Definition of discreet:
"Dis*creet"\, a. [Compar. Discreeter; superl. Discreetest.] [F.
discret, L. discretus separated (whence the meaning reserved,
prudent)"...2. Differing; distinct.

Pardon my hardware background, but we often use the term discreet to
refer to separate, usually specific components used to do a job, such
as discreet circuitry. With respect to the current topic, this again
refers to separate, usually specific components used to do a job. In
this case, a firewall to do the port and IP filtering, HOSTS or
DNSKong to do the domain and the bulk of the ad-blocking, a filtering
proxy to filter out undesirable scripts, images, applets, etc., AV to
scan for virii and trojans, anti-spyware to scan for spyware and
adware.
The problem with NIS-type packages is that many are rather inflexible
and leave a lot to be desired. I've used NIS (2003) and found it to be
rather balky and easy to kill too, by removing one or two common
files. Norton's AV database also misses a lot.

>> Use a HOSTS file
>> (http://mvps.org/winhelp2002/hosts.txt, and unZIP it into your
>> \Windows folder for Windows 95, 98, Me, or to your
>> \Windows\System32\Driver\etc folder for Windows NT, 2000, and XP).
>
>I do not recommend screwing around with that file, since it wasn't really
>meant for that.

DNSKong is better, but I don't want to overwhelm the OP. And even
though it wasn't "meant for that", it is very effective at blocking
unwanted domains. The OP is obviously a noob (based on his automatic
assumption that he is being hacked because his modem connects at
different speeds). HOSTS is easy for a noob. Maybe after he gained a
little experience would be the time to introduce him into proxies,
encryption, tripwire-type integrity checking, etc.

>> The
>> third thing to do is use ANY browser and email program other than
>> Internet Explorer and Outlook.
>
>Uh, no, don't bail out on them just because you don't know how to use them.
>However, I will admit that there are better web clients and/or email
>clients out there. I use Konqueror and Kmail.

No, you shouldn't bail out on a program for that reason. I do know how
to use them. You need to bail out on them because they are full of
holes and security flaws, some of which are considered "features". It
is not worth the time and trouble to harden IE and OE, and all
hardening doesn't address many if not most of the myriad of
less-well-known-but-serious flaws, not to mention new ones discovered
weekly and sometimes daily. Heck, Microsoft hasn't even fixed the
%00/%01 bug yet. And it's not like you can patch that flaw with some
registry entries or by disabling Active Scripting.

>> If you want more details visit my site
>> in my sig, below, which covers all this. A fourth to do is download
>> and run Ad-Aware and SpyBot (both, make sure to run their built-in
>> Update features after downloading, and scan your system. Make sure
>> you've allowed them to remove any flagged parasites.)
>
>Sad that one must do so to keep the windows OS safe. However, once someone
>learns where to look for such things, both in the registry and on the hard
>drive, those programs aren't necessary.

Poking around for several thousand possible entries in the registry
doesn't make much sense when others have already done the work to find
the malware, does it? If one wants to spend several weeks properly
securing their system, I suppose that's a doable approach, but not
very realistic.

>>
>>
>> Nothing. That's common with AOL. Your local AOL node is probably
>> throttling connections to a certain speed to divide bandwidth equally
>> among customers. Consider, also, that at this time of year, you have a
>> lot of people shopping online, a lot of kids home from college who
>> have to use mom or dad's AOL instead of their campus network
>> connection, etc.
>
>That, and AOL just sucks, both my opinion and that of most user-based
>surveys. Also, AOL claims to be "unhackable", but last time I heard they
>train their parrots to say this, then put them on the phone support lines.

Agreed.

>>
>>
>> Ok, so stick with that. AOL software is, well, pretty crappy.
>
>That, and some firewalls don't know how to work with AOL, since it's not
>over a standard adapter (i.e. not using the dialup adapter, but the custom
>aol adapter, which further makes AOL suck).
>
>> Frankly,
>> I think you'd be vastly better off with another ISP (besides
>> Earthlink).
>
>I agree.
>
>> Just make sure if you do use another ISP, not to install
>> any software they provide.
>
>Why not, if it's free? Also, why not, if they support it? I don't know if
>earthlink supports the software they provide, but I still suggest
>installing it (i.e. if it's firewall or antivirus, not the stupid "connect
>me" software).

A lot of ISP software contains spyware, adware, and other foistware.
Earthlink's pop-up blocker is one such example, but broadband ISPs are
even worse. I just got done dealing with a user who had Bellsouth put
Broadjump on his system; aside from the privacy invasion and data
leakage, stuff like this can also eat bandwidth.

>> If you go with a dial-up ISP, you can use
>> your operating system's "New Connection Wizard" to set everything up,
>> and you then start your browser or email program and do what you want.
>> If you get cable or DSL, you normally do not have to do anything to
>> connect - just make sure your firewall always runs at startup.
>>
>>>I'm sure that there's a program on my drive that allows him to see the desktop
>>>and do whatever he wants, and nothing I've used so far can find anything wrong!
>
>Previous poster: are you smoking crack? I know that trojans can allow this,
>but until you know for sure, don't get all dramatic about stuff.

Don't sweat it. He's a noob. He'll learn, someday.

Sponge
Sponge's Secure Solutions
www.geocities.com/yosponge
My new email: yosponge2 att yahoo dott com


