Re: new to firewalls
- From: "Mr. Arnold" <MR. Arnold@xxxxxxxxxx>
- Date: Wed, 17 Oct 2007 20:41:39 -0400
"Tom W." <not@xxxxxxxx> wrote in message news:urdch319p41isa5oip0bmcn0hpq10g18fj@xxxxxxxxxx
On Wed, 17 Oct 2007 18:53:24 +0200, goarilla <"kevin DOT paulus AT
skynet DOT be"> wrote:
Tom W. wrote:On Tue, 16 Oct 2007 23:50:31 -0400, "Mr. Arnold" <MR.iirc 224.x.x.x is a multicast adress
snipped for space.I suspect that's not the case. Unsolicited inbound traffic which was whatRebooting the computer seems to have cleared it up.
Thanks for the response.
the packet filter was blocking is just everyday noise or traffic on the
Internet. The booting of the computer is not going to clear it up, unless
Comodo was doing false reporting, which can happen with any PFW/personal
packet filter. But most likely, the unsolicited was stopped from whatever on
the other end, because it couldn't get through, and it moved on.
I just turned on the computer this morning adn got this:
Date/Time :2007-10-17 09:39:48Severity :MediumReporter :Network
MonitorDescription: Outbound Policy Violation (Access Denied, Protocol
= IGMP)Protocol:IGMP OutgoingSource: 192.168.1.64 Destination:
188.8.131.52 Reason: Network Control Rule ID = 5
windows media player goes out on 192.168.1.64. I don't know what
it seems to me wmp is trying to become part of the multicast group
which could be normal behaviour iirc wmp could try this to accept
for information like MSN today, wmp loads things from the internet like
bbc clips, ...
i myself wouldn't allow this, but i myself will never use WMP.
Ok...Thanks. I didn't have problems until I let active x and
scripting through on internet explorer. Almost every page
wants to use active x and i gave in and let the browser use it.
When I did I started to get loaded with adware and viruses.
I read your other post about picking up some Trojans. The machine has been compromised. You should consider what is in the link.
It's up to you to practice safe hex, like not using IE, if it's a problem for you. Only use IE when a site calls for the use of IE and not using OE or Outlook find alternatives to these solutions that are less susceptible to attack, in your case.
FireFox for the browser and Thunderbird for the email client are (free). FF has the touch and feel of IE but doesn't use ActiveX controls and is a little tighter in its vulnerabilities.
But you should know this. None of this stuff and I mean *NONE* of this stuff is bullet proof. I don't care what O/S, like MS, Linux, Apple, whatever or what applications are running on the platforms as all of it is venerable to attack.
On the MS platform such as XP or other NT classed MS O/S(s), you have to go look from time to time for yourself with other tools. You cannot think that any one solution is providing stop all protection and notification. They cannot do it.
You should harden or tighten the O/S to attack as much as possible, like if Client for MS Networks and MS File & Print Sharing are enabled on the Network Interface Card or dial-up connection and it's a computer that is connected to the modem, which is a direct connection to the Internet, then those services or features should be removed. The computer has no business or should have no possibility of being in any networking situation while connected to the Internet in this manner - none.
The buck starts with you, the buck stops with you, and what you are or are not doing to protect your situation, with the knowledge you have to do it.
I say it's based upon who is sitting be wheel and is doing the driving.
- Prev by Date: Re: Leaving computers on after work?
- Next by Date: Small Office Firewall Options
- Previous by thread: Re: new to firewalls
- Next by thread: Re: new to firewalls