dslreports logo

    All FAQs Site FAQ DSL FAQ Cable Tech About DSL Distance DSL Hurdles »»


how-to block ads

6. Security

Short answer: probably not. Longer answer.. probably not because you are one of millions of computers and there are not enough hackers to go around. Anyway, any spare ones are not interested in your digital family photo album or excel expense worksheets... but they could get to your files if you don't care to learn about security.

You should check the The Security FAQ of this site for more information on security, and how to secure your home computer.

NAT offers good security, because by its nature it does not allow incoming connections, it is for sharing an IP address amongst several computers for outgoing purposes only.

Apart from NAT, basic security is to have a router with firewall features, that only allows in what you decide to allow in. Your DSL connection options usually include the choice of a router. Although not strictly speaking a full firewall, a router is the first line of defense against intruders. With the modern router, setup correctly and refusing to route any requests by outside IP addresses for inside resources, things are a little tough for the hacker. However, you may want to open things up a little more, for example to allow yourself to telnet into your own computer from other places, run an FTP service, or your own web server. In this case, you need to look carefully at (a) the security setup for anything that is "public", (b) encrypting any files you really care about, and (c) avoiding transmission of any passwords in plaintext form.

If you are doing anything serious with your DSL connected equipment, it is also a good idea to look at getting or writing some kind of small monitoring system that will play cop inside your own network.. like a ignition cutout on a car, these can be simple, yet very unobtrusive.

Feedback received on this FAQ entry:
  • The last statistics I read were that you can expect a probe about every 15 minutes on average. http://isc.sans.org/survivaltime.html Your computer could be infected with a virus, or could start sending spam. That's why you need a firewall and/or a router.

    2009-04-02 12:14:36

edited by KeysCapt See Profile
last modified: 2007-12-08 16:00:09

The first thing is to delete the default usernames and passwords.

Next you can and should change your root username to something other than "root". It's also a good idea not to always log in under and use the root identity.

If you work in an office you should always engage a screen lock or go to the log-in screen so your co-workers can't edit your files while you're away.

If you're at home you might choose not to give root passwords to your children.

You should also look at your logs frequently to make sure hackers aren't attacking your system and forgetting to clear their entries in the log.

You could install a hardware firewall or just a router so you won't have a public IP address.

Finally you could install a NAT box.

For more information on this and other *nix matters, see the All Things Unix forum.

by gameboyrom See Profile edited by fatness See Profile
last modified: 2004-10-14 06:53:00

Unlike cable modems, your DSL is totally private, up to your ISP. It is possible that your ISP can monitor your use of the web, but no more likely than if you use a dialup modem. Note: this does not mean you cannot be hacked by someone else on the internet, it just means that you have a separate line from you to your ISP, so no local neighbors can listen to your data.

Feedback received on this FAQ entry:
  • hi, there is any possibility that someone can hack to my system if they have access to thee phone line? cytnetinc@gmail.com

    2009-05-06 17:46:30

www.dslreports.com/security, is a large section that deals with security issues and products for Cable/DSL connected visitors.

"Good fences make good neighbors." With your new broadband (DSL or cable) connection, your computer is potentially visible to others on the internet every moment it has power applied to it.

The general concensus is that cable users are more vulnerable than DSL subscribers. But no one without a firewall is without risk.

A good firewall makes your computer invisible, or at least less visible, to others on the internet. There are other users that will try to probe your machine looking for ways to see what is on your computer's hard drive. Some may only be curious, but others may be trying to be very malicious - even to the point of erasing files on your system. They could potentially gain access to your passwords and other private information you may have stored in files on the computer.

You may ask 'which is the best firewall'. There are special setups that actually involve hardware and these hardware firewalls are considered the best choice. The down side of the hardware solution is cost. Many users therefore choose to install a software firewall. These have the advantages of low cost and easy setup. Which solution is best for you is a question you have to answer for yourself.

The most common windows firewall right now is ZoneAlarm, although there are many others. Check Security pages for more details.

by 2kmaro See Profile

You must determine what the alerts are trying to tell you and make your decision based on that. The answers are different for alerts on outbound traffic than for alerts on inbound communications. Each alert is almost a unique situation by itself. When you have specific questions about specific alerts quite often you will find an answer on the Security forum here at DSLReports. When in doubt, deny the connection, if possible, until you can find out just what it is all about. Better safe than sorry!

by 2kmaro See Profile

You can use Probe Shield in the Tools section to determine if you are protected or if you have any holes in your security system.

Properly set up, most personal software firewalls provide a good level of protection. Unfortunately, in December, 2000 the Gibson Research Center released a test program called LeakTest that showed vulnerabilities in most major software firewall programs. Norton Personal Firewall was one of those. The only major software firewall to not fail the LeakTest testing was ZoneAlarm. It should be noted that Symantec immediately began making changes to their Norton line of firewalls to patch the holes found by LeakTest. As of this writing, those changes had not been implemented or released. (When this situation changes, if someone will Instant Message a moderator, this comment will be edited to remove this notice).

by 2kmaro See Profile

ZoneAlarm is a very worthwhile software firewall program. It is most definitely not spyware. ZoneAlarm has won high praise from both the several million people and companies that use it and from several industry publications. In December, 2000 the Gibson Research Center released a simple test program called LeakTest that showed vulnerabilities in several other major software firewall products, but which ZoneAlarm was not vulnerable to. ZoneAlarm is simple to install, use, maintain and for personal or non-profit organization use it is free.

Feedback received on this FAQ entry:
  • I have used the Zonealarm Firewall for a long time now. I do think it works great with anti-virus, and I think that it makes my computer more secure.

    2011-01-07 23:32:53 (DyllanTodd82 See Profile)

  • I have used the Zonealarm Firewall for a long time now. I do think it works great with anti-virus, and I think that it makes my computer more secure.

    2011-01-07 23:29:54 (DyllanTodd82 See Profile)

by 2kmaro See Profile

The word Trojan comes from the classic Trojan Horse in Homer's Iliad. In this story the Greek left behind a large wooden horse outside the city of Troy and sailed off. The citizens brought the wooden horse into town. The horse contained Greek warriors, who then jumped out, killed a bunch of people, and opened the city gates, letting in the rest of the Greek army who had been hiding.

A Trojan generally is not by definition a virus and unlike common belief they do not spread to other programs and other computers like a virus either. However they are one of the leading causes of computer breakings. They can also contain a virus within them.

Trojans are generally programs that pose as a legitimate program on your computer and add a subversive functionality to it. That's when it's said a program is Trojaned. For example a Trojaned login program can be written so it accepts certain passwords for any user's account to give the intruder access to your computer. A commonly used program called Toolkits is actually a suite of several Trojans that can be put on a Unix machine by an intruder. It contains a password sniffer, a backdoor program to let the hacker back in to the machine at any time, replacement binaries for common programs and finally a log cleaner to cover its trace.

Trojans can contain a virus, a password grabber or they can be a RAT (Remote Access Trojan) that is designed to allow remote control over your system. Some Trojans contain built in scanners that automatically scan the Network from your computer, looking for another copies of themselves. The most commonly used Trojan is The Sub 7 Trojan. What makes it common and dangerous is the fact that unlike other Trojans that are written once and forgotten, Sub seven's author provides constant improvements and new versions for his Trojan. This Trojan can be really destructive or just annoying.

Remote access Trojans such as Sub 7 consist of two parts. One part that resides on the victim's computer and the Control module that resides on the Intruder's machine. Using the control interface the intruder can take control of your computer, flip your background picture, Speak out of your speakers, reboot your computer or do serious damage to your machine and do pretty much whatever he or she chooses.

by Wildcatboy See Profile edited by DrTCP See Profile

In most cases people are infected by Trojans as a result of opening an email attachment, transferring files over the ICQ and similar services, or by opening binary messages on Newsgroups . They can also be transferred using ActiveX or Java programming but this is not a common method. By having a current Anti Virus program that detects Trojans and a good firewall such as Zone Alarm that prevents outgoing calls you can be relatively safe both from being infected and from being accessed by the Intruder if you are already infected.

by Wildcatboy See Profile edited by DrTCP See Profile

Hard question to answer. There are several kinds of Trojans and each do a different thing. Always look for strange behaviours by your computer. It's a good idea to be pro active and every once in a while look at all the programs that are running in the background and look for strange or unfamiliar program names. It is also helpful to always look for listening ports on your machine. You can do this by typing Netstat -an in a command prompt (DOS) session. Look for ports that are marked " listening " and compare those port numbers with several Suspected Trojan port lists available on the Internet or seek help from other DSLR members in identifying the purpose of those ports.

by Wildcatboy See Profile edited by DrTCP See Profile

There are several kinds of Trojans and each may have a different effect on your machine. Trojans are mostly recognized by most up do date virus scanners, however once the Trojan is executed, it will make several changes to your registry and configuration which are not easily detected by virus scanners and can't be cleaned automatically. By identifying the class of the Trojan you are infected with and visiting the web site of your favourite Virus Scanner, you can find step by step instruction as how to clean your registry entries and other configuration changes made to your machine. however some Trojans can't be cleaned with anything less than a clean format. So remember being pro active and running a good virus scanner and firewall would always be an easier task than cleaning a virus or Trojan.

by Wildcatboy See Profile edited by DrTCP See Profile

One, get yourself an AntiVirus package.

If you don't have the money to get yourself one, you can go to http://housecall.antivirus.com/ and use their free online virus scanner.

If it doesn't find one and you still think that you have one on your system, download The Cleaner and scan your system with it.

by trparky See Profile edited by DrTCP See Profile

Where possible, no ports should be left open.
Open ports on an as-needed basis, perhaps for games, IRC, ICQ, streaming video, web server etc. If you have no idea why you should open a port, and have no problem to solved, then no ports need opening.

Feedback received on this FAQ entry:
  • Ideally on IPv4 at least UDP port range 33434-33464 should be open, and on IPv6 UDP port range 33434-33494 to allow traceroute to function. By default the unix traceroute will use UDP instead of ICMP, and starts at port 33434, incrementing each packet by one port, therefore this range allows 30 hops over IPv4 and 60 hops on IPv6.

    2013-05-20 09:10:34

by diaphanous See Profile

Maybe, some ISPs don't even have privacy agreements. These broadband ISPs (mostly cable modem vendors) have been known to sell detailed information about their users, including name, address, and lists of URLs visited.

Even if your ISP does have a privacy agreement, they may still sell detailed information as long as it doesn't contain identifying information such as your name and phone number.

by diaphanous See Profile edited by DrTCP See Profile

None. It is up to the enduser to supply that security.

by yahtzee See Profile edited by DrTCP See Profile

If security or other tests report that you are unpingable, the reason is most likely a setting in either your firewall or, if you have one, your router. You will need to determine where the signal is being intentionally dropped and make the changes there. The best way to get help in this process is:
If you have a firewall, visit the DSLR Security forum.
If you have a router, visit one of the equipment forums dealing with your brand of router.

by 2kmaro See Profile

Basically a dummy DMZ is a fake non-existent LAN IP placed in a router's demilitarized zone. Some people have used this technique to send all unwanted traffic from the WAN (internet) side of a router into "nothing". Most people use this to give stealth results when security scans are run. It can also be used to make you stealth while also being pingable.

by JrC384k See Profile edited by 2kmaro See Profile

Yes there is a very large difference.

An IDS (Intrusion Detection System) may only detect and warn you of a violation of your privacy. Although most block major attacks, some probes or other attacks may just be noted and allowed through. An example of an IDS is Black Ice.

A good firewall will block almost all attacks unless specified otherwise or designed otherwise. The only problem is, the firewall might not warn you of the attacks and may just block them. An example of a firewall is ZoneAlarm.

It may be a good idea to have both an IDS and a Firewall, because the IDS will warn you and then the firewall will block the attack. Some Firewall/IDS's are combined into one internet security program, for example Norton Internet Security. This is a very well designed combination of both a firewall and IDS.

by KeysCapt See Profile
last modified: 2003-02-18 19:21:54

Also read About DSL for lots more information