Re: new to firewalls




"Tom W." <not@xxxxxxxx> wrote in message news:urdch319p41isa5oip0bmcn0hpq10g18fj@xxxxxxxxxx
On Wed, 17 Oct 2007 18:53:24 +0200, goarilla <"kevin DOT paulus AT
skynet DOT be"> wrote:

Tom W. wrote:
On Tue, 16 Oct 2007 23:50:31 -0400, "Mr. Arnold" <MR.
Arnold@xxxxxxxxxx> wrote:

snipped for space.



Rebooting the computer seems to have cleared it up.
Thanks for the response.

I suspect that's not the case. Unsolicited inbound traffic which was what
the packet filter was blocking is just everyday noise or traffic on the
Internet. The booting of the computer is not going to clear it up, unless
Comodo was doing false reporting, which can happen with any PFW/personal
packet filter. But most likely, the unsolicited was stopped from whatever on
the other end, because it couldn't get through, and it moved on.

I just turned on the computer this morning adn got this:


Date/Time :2007-10-17 09:39:48Severity :MediumReporter :Network
MonitorDescription: Outbound Policy Violation (Access Denied, Protocol
= IGMP)Protocol:IGMP OutgoingSource: 192.168.1.64 Destination:
224.0.0.22 Reason: Network Control Rule ID = 5

windows media player goes out on 192.168.1.64. I don't know what
it is.

tom

iirc 224.x.x.x is a multicast adress
it seems to me wmp is trying to become part of the multicast group
which could be normal behaviour iirc wmp could try this to accept
multicast packets
for information like MSN today, wmp loads things from the internet like
advertisement, new
bbc clips, ...

i myself wouldn't allow this, but i myself will never use WMP.

Ok...Thanks. I didn't have problems until I let active x and
scripting through on internet explorer. Almost every page
wants to use active x and i gave in and let the browser use it.
When I did I started to get loaded with adware and viruses.


I read your other post about picking up some Trojans. The machine has been compromised. You should consider what is in the link.

http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx

It's up to you to practice safe hex, like not using IE, if it's a problem for you. Only use IE when a site calls for the use of IE and not using OE or Outlook find alternatives to these solutions that are less susceptible to attack, in your case.

http://www.claymania.com/safe-hex.html

FireFox for the browser and Thunderbird for the email client are (free). FF has the touch and feel of IE but doesn't use ActiveX controls and is a little tighter in its vulnerabilities.

But you should know this. None of this stuff and I mean *NONE* of this stuff is bullet proof. I don't care what O/S, like MS, Linux, Apple, whatever or what applications are running on the platforms as all of it is venerable to attack.

On the MS platform such as XP or other NT classed MS O/S(s), you have to go look from time to time for yourself with other tools. You cannot think that any one solution is providing stop all protection and notification. They cannot do it.

http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and_Rootkit_Tools_in_a_Windows_Environment.html


You should harden or tighten the O/S to attack as much as possible, like if Client for MS Networks and MS File & Print Sharing are enabled on the Network Interface Card or dial-up connection and it's a computer that is connected to the modem, which is a direct connection to the Internet, then those services or features should be removed. The computer has no business or should have no possibility of being in any networking situation while connected to the Internet in this manner - none.

http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

The buck starts with you, the buck stops with you, and what you are or are not doing to protect your situation, with the knowledge you have to do it.

I say it's based upon who is sitting be wheel and is doing the driving.



.



Relevant Pages

  • Re: WMP wont connext to the internet
    ... Does it help/work if you use a physical/wired connection... ... See http://zachd.com/pss/pss.html for some helpful WMP info. ... And, as i wrote, the media center is also having ... another program which needs internet acess to get this running? ...
    (microsoft.public.windowsmedia.player)
  • Re: C00D1197
    ... If you have a high speed internet connection like Cable ... If you can use wmp to stream NASA TV then it is working. ... MSIE (Internet Explorer) and checking your connections are right. ... I tried to change my network settings in options but when I press ...
    (microsoft.public.windowsmedia.player)
  • Re: AD HOC ? Internet OR file and printer sharing but not both?
    ... >> should provide both file sharing and internet service to the laptop. ... >connection via a linksys LNE 100TX fast erthernet adapter through our local ... >file and printer sharing for microsoft networks ...
    (microsoft.public.windowsxp.network_web)
  • Re: Group tries to hold MS responsible for crapware apps and oses
    ... My understanding is that refers to connection sharing on your end, ... >connect to the Internet by MS XP settings and firewall block. ... LACNIC, and AFRINIC are not as convenient to use, but microsoft has more ... networks just to get these 735 thousand addresses in North America alone. ...
    (alt.computer.security)
  • Re: find album info - aol internet connection
    ... a look in Tools - Options in WMP and checked the "connect to the internet ... WMP now picks up info OK. ... Online from the help menu it works, so it's just Find Album Info that doesn't ... The old version of Media Player worked OK with the AOL connection. ...
    (microsoft.public.windowsmedia.player)