Re: Prevent determined intrusion attacks ?

From: Sidhe (siduhe_at_netscape.net)
Date: 11/19/03 

Date: 18 Nov 2003 16:59:54 -0800

Thanks Carl, much appreciated.

Sounds like that would be within my grasp / price range. Appreciate
from a quick search that there's lots of info in the groups as to how
to set up a router, but is there any simple step-by-step guide you
would recommend ?

Regards

sid

Carl Holtje <cwh0803@cs.rit.edu> wrote in message news:<3fba1ab0$1@buckaroo.cs.rit.edu>...
> The *first* thing I would do is put myself behind a hardware firewall..
> the Linksys (blatant product endorsement here) routers are the best I've
> used...
>
> You need something that blocks connection attempts, not just
> connections... the hardware device will take care of this for you, and
> then you *almost* don't even need to run anything on your computer...
>
> Additionally, it will be the firewall that gets your ADSL IP address;
> your computer will have an IP address like 192.168.1.2 or something...
> this further prevents connections as they will not be able to connect to
> 192.168......, only your ADSL IP...
>
> If you ensure all ports are closed (ie, not forwarding any connections
> from the router), you're pretty safe...
>
> FYI, the linksys boxes are router/switch/firewall all in one, so you can
> later add systems or whatnot... Look around; these devices are pretty
> common so they're not terribly pricey any more...
>
> As for your 5 minute delay; that's about right.. more than likely,
> you're part of a net-wide scan and not being targeted directly...
> they're just looking for someplace to get in...
>
> Hope it helps..
>
> Carl
>
> Sidhe wrote:
> > Hi, bit of a newbie question, but I've had a good search on the groups
> > and can't find anything directly on point.
> >
> > I run a personal computer, Windows XP, use Windows Update
> > (reluctantly) with Norton Internet Security 2003 installed and
> > updated. I have a broadband ADSL connection. As you will know, NIS
> > detects and records instrusion attempts and provides a record of the
> > IP address which probed your system.
> >
> > In the last four or five days I been getting very frequent attacks
> > from one source. It's a dynamic IP, based in Israel (although the
> > address could be "borrowed") and keeps changing (to get around the
> > fact that NIS blocks any particular IP address which triggers an
> > alert). I believe it's actually targetting me, rather than being a
> > random sweep, because I get my first alert within 30 seconds of
> > logging on, and then consistent alerts every 5 minutes or so - similar
> > but not identical IP address.
> >
> > NIS tells me it's blocking the attempts, but, of course, no system is
> > perfect. I also noticed when I logged onto my e:mail this morning,
> > that Outlook appeared to send an e:mail when I hadn't drafted one, and
> > when I checked Sent Items there was nothing there. I'm guessing this
> > means I may have already been hacked. There's nothing special on my
> > computer, just the usual amount of personal information which I would
> > prefer to keep to myself !
> >
> > Does anyone have any ideas what a reasonably computer literate (but no
> > specialist) person can do to deal with this kind of determined attack
> > ? I've resorted to unplugging my modem, but wondered if there is a
> > better way.
>
> --
>
> "There are 10 types of people in the world: Those who understand binary
> and those that don't."
>
> $>whoami: Carl Holtje
> $>mail holtje: cwh0803@cs.rit.edu
> $>cu: http://www.cs.rit.edu/~cwh0803
> $>whois holtje:
>
> System Administrator Group
> Computer Science Department
> Rochester Institute of Technology
>
> $>

Relevant Pages

  • Re: windows xp home edition taking ages to boot up
    ... Glen I don't know what the Live Communication Server 2005 is let alone how to ... that I can't use the router off a usb lead anyway. ... that in network connections you have 1 local area connection is that right. ... Are all the latest Windows ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Networking/Security Question...
    ... The router itself will be a Cisco 1721. ... >setup is very simple... ... XP sp2 having the firewall on by default. ... > # but deny established connections that don't have a dynamic rule. ...
    (freebsd-net)
  • Re: Cant connect to 2003 server from XP after bridging NICS
    ... Before I bridged the Nics I could open a share on the ... Since you have a router, you should not need ICS (routers that provide ... generally do Network Address Translation as well). ... Open Network Connections. ...
    (microsoft.public.windows.server.general)
  • Re: Wireless sheddies to the bridge please
    ... nor the modem are mine, ... nicely, or something, such that the connections appear ... Manually scaling back the MTU on my ... I does sound a tad complicated, but I can look for it in router. ...
    (uk.rec.sheds)
  • Solved! Re: USB Router? - Re: Ping pmj
    ... attached to a USB port. ... USB Connections can sometimes be a bit ... What sort of Router is it? ... Sounds like it may be a BT Voyager - which *is* an ADSL Modem ...
    (uk.people.silversurfers)