 navalpatel
join:2003-07-28
Lubbock, TX
1 edit | They deserve it... There is no excuse for not running a firewall anymore. Consumers have been warned enough and it is getting on my last nerve. There are plenty of firewalls which are free; they may not be the greatest, but they get the job done. | |
|
 | |
| | |
| | | 
ArchAngel21x
MacFan Pro
Premium
join:2001-10-28
Lincoln, NE
1 edit | Re: They deserve it... NAT is not a firewall. | |
|
| | | | raythompsontn
join:2001-01-11
Oliver Springs, TN | Re: They deserve it... But it does hide your IP address from the outside world and in most cases that is enough. | |
|
| | | | | |
| | | | | | raythompsontn
join:2001-01-11
Oliver Springs, TN | Re: They deserve it... And how is that true? I have a non-routable IP address of 192.168.1.101. Now you tell me, how you are going to get to that IP address from your computer?
The IP address the world sees is the address of the router, not of the computer. | |
|
| | | | | | | 
MxxCon
join:1999-11-19
Brooklyn, NY
clubs:  
| Re: They deserve it... said by raythompsontn  :And how is that true? I have a non-routable IP address of 192.168.1.101. Now you tell me, how you are going to get to that IP address from your computer? The IP address the world sees is the address of the router, not of the computer. but your router is in DMZ mode, so anything going to your internet address will automatically go to 192.168.1.101
--
[Sig removed by Administrator: Signature can not exceed 20GB] | |
|
| | | | | | | | BosstonesOwn
join:2002-12-15
Everett, MA
clubs:
 ·Comcast
| Re: They deserve it... said by MxxCon : said by raythompsontn :And how is that true? I have a non-routable IP address of 192.168.1.101. Now you tell me, how you are going to get to that IP address from your computer? The IP address the world sees is the address of the router, not of the computer. but your router is in DMZ mode, so anything going to your internet address will automatically go to 192.168.1.101 Huh ? This new revolutionary thing is ground breaking.
I mean wow a router that defaults that ip to the dmz. Ah no internal ip is visible to the outside world unless the router is set to forward packets to that ip on the internal side.
NAT think about the name and how it works. Address translation.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!" | |
|
| | | | | | | | raythompsontn
join:2001-01-11
Oliver Springs, TN
| Well, with that kind of wisdom it is hard to argue. A Forest Gump response (stupid is as stupid does) if I ever saw one.
If you truly believe that you are correct then you have my sympathy and I hope that you are never tasked to setup a network of even a single computer. | |
|
| | | | | | | | |
MxxCon
join:1999-11-19
Brooklyn, NY
clubs:
| Re: They deserve it... said by raythompsontn :Well, with that kind of wisdom it is hard to argue. A Forest Gump response (stupid is as stupid does) if I ever saw one. If you truly believe that you are correct then you have my sympathy and I hope that you are never tasked to setup a network of even a single computer. ah, nice. we switched to personal attacks good, good what's next? 'yo mama' or 'ghey' remarks?
i've setup more than enough networks to know that i'm 100% correct. and i dare you to prove me wrong.
--
[Sig removed by Administrator: Signature can not exceed 20GB] | |
|
| | | | | | | | | 
sivran
Long Live The Suite
Premium
join:2003-09-15
Arlington, TX
clubs:
·RoadRunner Cable
| Re: They deserve it... Prove yourself right.
Show me a single home router that, by default, forwards everything.
In fact, show me a router which, upon receiving a packet that it cannot determine that packet's destination, will forward that packet onto the LAN in the absence of a pre-configured default route or an access list. Say its LAN interface is a.b.c.d and it receives a packet addressed to the wan interface (w.x.y.z), but for which no rules exist. The router has no idea who it's for and that packet's headed for the bit bucket.
The fact you complain of your firewall complaining about the slightest activity only tells me you didn't even put any effort into configuring it.
--
TCPA - Treacherous Computing
Kerio 2.1.5 - Best damn firewall
Licenses should be per user, Ditch Norton! Get F-Prot! | |
|
| | | | | | | | | raythompsontn
join:2001-01-11
Oliver Springs, TN
| said by MxxCon : said by raythompsontn :Well, with that kind of wisdom it is hard to argue. A Forest Gump response (stupid is as stupid does) if I ever saw one. If you truly believe that you are correct then you have my sympathy and I hope that you are never tasked to setup a network of even a single computer. ah, nice. we switched to personal attacks good, good what's next? 'yo mama' or 'ghey' remarks? i've setup more than enough networks to know that i'm 100% correct. and i dare you to prove me wrong. OK. I want to to try and ping my system at 192.168.1.101. Did you get a response? What was that response?
Explain to me how the net routes "non-routable" IP address requests?
The router is "NOT" in the DMZ. The router is what is connected to the outside world, the WAN. All IP addresses on the LAN side of the router are not accessable from the WAN side in an unsolicited request. You CANNOT reach any computer as you cannot get to the IP address.
Only if you place a computer in the DMZ, in which case all unsolicited requests will get routed to that computer. And that is a very bad idea as that opens a hole in your network.
If you have set up "more than enough networks" with the kind of knowledge that you are presenting, then you need to go back to school and get the basics.
So, again, try and ping my computer at 192.168.1.101. You should see more than one hop otherwise you are simply seeing your computers. Better yet, I have another computer with an IP address of 192.168.1.50. You are free to try and ping that computer also.
You dared, I answered. | |
|
| | | | | | | | | |
| | | | | | | | | raythompsontn
join:2001-01-11
Oliver Springs, TN
| Re: They deserve it... said by MxxCon :people are you freaking retards or intentionally read only what suits you?! if your computer's LAN ip is 192.168.1.111 or anything else in the ranges 10.0.0.0 through 10.255.255.255 or 172.16.0.0 through 172.31.255.255 or 192.168.0.0 through 192.168.255.255and you DMZ that ip, incoming connections are automatically forwarded to that ip. and if you say otherwise you should shove your head even further up your ass so you can see the light from the other end. Who said anything about placing any of those IP addresses within the DMZ? And if I have 20 computers behind the router which computer gets the request? All of them? The first address?
A DMZ is something that YOU have to configure in the router and it goes to a specific "NON ROUTABLE" address in the LAN. The WAN has nothing to do with that.
If DMZ is NOT enabled then unsolicited requests, such as port probes from viruses, go nowhere as there is nowhere to go. If you probe port 19 on my router you get nothing, no response, zilch, it does not exist.
You still have not answered YOUR DARE. Ping any of my machines (IP range 192.168.1.50 through 192.168.1.200) and see if you get a response. A response from any manchine on any port.
When you can do that then maybe one can see the light at the end of their orifice. | |
|
| | | | | | | | |
MxxCon
join:1999-11-19
Brooklyn, NY
clubs:
| Re: They deserve it... said by raythompsontn :Who said anything about placing any of those IP addresses within the DMZ? [rest of the post snipped because it's pointless] I AM TALKING ABOUT DMZ!
scroll up and READ!
--
[Sig removed by Administrator: Signature can not exceed 20GB] | |
|
| | | | | | | | | raythompsontn
join:2001-01-11
Oliver Springs, TN
1 edit | Re: They deserve it... said by MxxCon : said by raythompsontn :Who said anything about placing any of those IP addresses within the DMZ? [rest of the post snipped because it's pointless] I AM TALKING ABOUT DMZ! scroll up and READ! You said "but your router is in the DMZ mode so anything going to your internet address will automatically go to 192.168.1.101"
I never said anything about DMZ. And there is NO automatic routing to a specific IP address such as 192.168.1.101. You have to configure the router to place a computer in the DMZ.
And for your information my router is not in DMZ mode and in fact has DMZ turned off.
You indicated you could get to my computer, DARE I believe was your term. The challenge is still on. I have yet to see you get to my computers behind my router. I have no firewall, just NAT. Yet you will not be able to get to my computers simply because of NAT. My IP address on my system is not routable and that provides a fair measure of protection.
If you are placing computers in the DMZ when you set up your "many" networks, then you have simply defeated one of the primary security reasons for using NAT. That shows a considerable ignorance of how NAT works and you have done those that you set up networks a considerable disservice.
To put it in your words "scroll up and read!" | |
|
| | | | | | | | 
Gomez
Been drinking brew for breakfast?
Premium,Mod
join:2001-02-21
Atlanta, GA
clubs:
 ·Speakeasy
Host:
Pub Games
It is the economy,..
Clearwire
| said by MxxCon :but your router is in DMZ mode, so anything going to your internet address will automatically go to 192.168.1.101 Simply not true.
I'm on 192.168.0.70, then again three other boxes or on .2 .3. and .4. Should NAT automatically route, which box will it pick? Typically, most NAT routers can support a DMZ host, if configured as such (Not the default). Otherwise packets are dropped unless a) there is a forwarding rule, b) there is a TCP connection established on the NAT'ed port, and the sequence is sane.
--
"Perhaps the best way to decide whether or to surf a given wave is to talk a frind into trying it first. That way you can see what would have happened to you had you not been so creatively empirical" -- William Neally "Whitewater Home Companion" | |
|
| | | | | |
| | | | | | 
ppcpunk
join:2001-02-11
Davenport, IA | Re: They deserve it... The point was in most cases it is enough.
I'd like you to list some of these things you don't think it isn't enough for since you seem to think other wise. | |
|
| | | | | | | 
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| Re: They deserve it... said by ppcpunk :I'd like you to list some of these things you don't think it isn't enough for since you seem to think other wise. What the heck? I can't even understand what you're trying to say.
Either way, you made a statement that was untrue.
said by you:
But it [a NAT router] does hide your IP address from the outside world and in most cases that is enough. Nothing will hide your public IP, since it is precisely that.
As for hiding your internal IP? Nobody's debating that. Whoopity do.
--
Touch a thistle timidly, and it pricks you; grasp it boldly, and its spines crumble. -William S. Halsey
Kazaa Is Spyware. Gator / Claria Is Spyware.
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 1186 | |
|
| | | | | | | |
ppcpunk
join:2001-02-11
Davenport, IA
| Re: They deserve it... Well to start off I find it amazing you say you don't understand what I was trying to say yet you can some how tell that I made an untrue statement, but whatever.
You said
"It'll hide your private, non routable IP, but nothing beyond that.
TCP/IP still requires your public IP for everything.
Hiding your internal IP isn't going to help you didly squat. I'm not sure what point you're trying to make."
I want to know how it won't help didly squat.
That's the point that has been trying to have been made. | |
|
| | | | | | | | |
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| Re: They deserve it... said by ppcpunk :That's the point that has been trying to have been made. Um... Yeah.
Sure...  :D:D | |
|
| | | | | | | | |
ppcpunk
join:2001-02-11
Davenport, IA | Re: They deserve it... Oh is that shorthand for "I don't know what I am talking about"? | |
|
| | | | | | | | |
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
2 edits | Re: They deserve it... said by ppcpunk :Oh is that shorthand for "I don't know what I am talking about"? No, that's english for "I don't understand what you're trying to say".
I think we simply misunderstood each other. | |
|
| | | | | | | | |
ppcpunk
join:2001-02-11
Davenport, IA
| Re: They deserve it... Ok well to make it really simple
You said -
"reply to raythompsontn
------------------------------------------------------------
said by raythompsontn :
But it does hide your IP address from the outside world and in most cases that is enough.
------------------------------------------------------------
It'll hide your private, non routable IP, but nothing beyond that.
TCP/IP still requires your public IP for everything.
Hiding your internal IP isn't going to help you didly squat. I'm not sure what point you're trying to make. "
The point is - "hiding" your internal ip as you put it will help didly squat.
You obviously disagree - I want to know why you think that. | |
|
| | | | | | | | |
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| Re: They deserve it... said by ppcpunk :The point is - "hiding" your internal ip as you put it will help didly squat. You obviously disagree - I want to know why you think that. I disagree in that knowing your internal, private IP address really isn't going to tell you anything.
Heck, mine is 192.168.1.101. OH NOS!!11!! I told you my internal IP. Big deal. 
What matters is whether unrequested traffic can reach the computers that have been assigned those private IP addresses.
You've yet to put forward any evidence supporting what malicious things can be done once you know (OH NOS) my private IP address.
--
Touch a thistle timidly, and it pricks you; grasp it boldly, and its spines crumble. -William S. Halsey
Kazaa Is Spyware. Gator / Claria Is Spyware.
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 1186 | |
|
| | | | | | | | |
ppcpunk
join:2001-02-11
Davenport, IA | Re: They deserve it... Um... duh?
That's the whole point - You are the one who thinks using a router/nat won't do didly squat. | |
|
| | | | | | | | |
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| Re: They deserve it... said by ppcpunk :Um... duh? That's the whole point - You are the one who thinks using a router/nat won't do didly squat. Nope, I never said that. In fact, I believe the exact opposite, a NAT router provides a layer of protection that is dangeroudly lacking from most home networks, a firewall.
This is pointless, you have some issues understanding what people are saying, and trying to verbalize what you want to say.
You said:
But it does hide your IP address from the outside world and in most cases that is enough. That's what you said.
Hiding your internal IP has absolutely nothing to do with whether unrequested outside traffic makes it inside the network.
Hell, forward ports 1-65536 to 192.168.1.255 and see what happens. Your internal IP is still hidden, but now unrequested outside traffic is given carte-blanche to everything on the inside.
--
Touch a thistle timidly, and it pricks you; grasp it boldly, and its spines crumble. -William S. Halsey
Kazaa Is Spyware. Gator / Claria Is Spyware.
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 1186 | |
|
| | | | | | | | | |
| | | | | | | | |
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| Re: They deserve it... said by sivran :Nerdtalker: Not if you have a linky it won't  It won't forward to a broadcast address. I've actually tried it on my BEFSR41 v.2. YMMV with other vendors' routers, commercial-grade routers, and other versions of the BEFSR41. Good to hear
Who would actually forward inbound traffic to the broadcast internal IP address anyways?
--
Touch a thistle timidly, and it pricks you; grasp it boldly, and its spines crumble. -William S. Halsey
Kazaa Is Spyware. Gator / Claria Is Spyware.
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 1186 | |
|
| | | | | | | | |
sivran
Long Live The Suite
Premium
join:2003-09-15
Arlington, TX
clubs:
·RoadRunner Cable
| Re: They deserve it... Maybe someone who has um... the World of Warcraft updater running on multiple computers? Yeah, that's it.. stupid crap that doesn't let you choose your own ports...
I imagine that would get somewhat confusing for the remote end with TCP, and perhaps result in incomplete data under UDP. The only application for this that comes to mind is running multiple webservers, each using vhosts and not overlapping each other. The request hits both, but only one responds.
--
TCPA - Treacherous Computing
Kerio 2.1.5 - Best damn firewall
Licenses should be per user, Ditch Norton! Get F-Prot! | |
|
| | | | | | | | |
ppcpunk
join:2001-02-11
Davenport, IA | It was pretty clear to me that "hiding your ip address" was being talked about as if we were talking about a router/nat setup.
The point is most people don't need a firewall - just a good router/nat setup. | |
|
| | | | | | | | |
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| Re: They deserve it... said by ppcpunk :The point is most people don't need a firewall - just a good router/nat setup. I consider "firewall" almost entirely synonymous with NAT router.
But yes, I think it was just unclear. | |
|
| | | | |
| | | | |
ArchAngel21x
MacFan Pro
Premium
join:2001-10-28
Lincoln, NE
·Internet Nebraska
| Re: They deserve it... said by djrobx :Sure it is. NAT provides THE most essential firewall function - blocking unwanted and otherwise unspecified requests from hitting a machine. That fact that you are saying that tells me you do not understand NAT. The purpose of NAT, network address translation, is to give you the option of hooking up more devices to the Internet by translating private IP addresses to one public address and visa versa. It is not to block ports or control access to programs, which is what a firewall does. It is not designed to offer you security. What you are getting is obscurity.
--
Listen to an episode of Savage Nation. Updated 25 Nov 2004. | |
|
| | | | | | 
AthlGrond
Premium,MVM
join:2002-04-25
Aurora, CO | Re: They deserve it... NAT is intended to do both. (Block unsolicited inbound traffic and the ability to hook multiple devices to one routable IP address.)
And it does do both just fine.
--
"I drank what?" -Socrates | |
|
| | | | | | 
DaDogs
Semper Vigilantis
Premium
join:2004-02-28
Deltaville, VA
| said by ArchAngel21x :It is not designed to offer you security. What you are getting is obscurity. No... It is security. It does not matter what it was originally designed to do, what matters is what it actually does.
Scan the ports of a host behind a NAT router that is not in the DMZ and I will agree with you.
Scan the network behind a NAT router and tell me what hosts are there and I will agree with you.
NAT is the single most effective security measure you can do on your network, just behind removing all vestiges of Microsoft software.
It doesn't matter whether you believe NAT offers security, it doesn't matter whether I believe that. It doesn't matter if we both believe it is not a firewall. What matters is what it does and how it is being used.
NAT is used primarily to provide security it is a firewall in that it denies access to hosts behind it.
--
I'd rather chew sand than watch sixty seconds of 60 minutes. | |
|
| | | | | | | rradina
join:2000-08-08
Chesterfield, MO
| Re: They deserve it... There are several forms of NAT that must be considered before the protection argument can begin.
STATIC NAT maps one IP address to another IP address. This type of NAT does NOTHING to prevent traffic of any kind from flowing between the two IP addresses involved in the translation. It simply maps one address to another.
DYNAMIC NAT maps multiple primary IP addresses to a smaller pool of secondary addresses. The mapping is on an as-needed basis. That is, when one client is finished, the map will be torn down and the secondary IP will be returned to the pool. This type of NAT offers some protection since the primary IP is not continuously mapped to the secondary IP. However, when the map is active, it does not prevent any traffic from flowing in either direction.
PORT OVERLOADING or sometimes called PAT (Port Address Translation) involves mapping multiple primary IP addresses to a single secondary IP address. This is the type of NAT that is used by typical consumer routers. This allows multiple computers "behind" the router to use the single "public" IP address provided by the HSI provider. Provided no port forwarding or DMZ features are enabled, this type of NAT provides significant protection because all inbound port requests (from the Internet to the router) are refused unless they are first established by an outbound request. That is, unless an internal computer establishes a socket connection with an outside site on a specific port (an invitation), all inbound traffic is discarded. In simple terms, unless the computer behind the router invites the traffic, the router will discard the traffic.
However, if the DMZ feature is enabled, all uninvited traffic is forwarded to the configured IP address behind the router. This is the same as STATIC NAT except that the router still allows other IP addresses behind it to use the IP for invited traffic (PAT continues to work...)
I think everyone in this thread made somewhat ambiguous but correct statements. | |
|
| | | 
lyls
@tele.dk | when you enable DMZ your router doesnt protect that computer anymore | |
|
| | | | raythompsontn
join:2001-01-11
Oliver Springs, TN
| Re: They deserve it... And that is close to having no router at all. All unsolicited requests get routed to a specific machine. Why would you want to do that?
If you have to play games, then open specific ports to a specific machine. Opening all ports is a recipe for getting attacked. | |
|
| | | | |
lyls
@tele.dk | Re: They deserve it... sometimes its hard to find the port needed so it wont do much harm as long as you disable it after youre done.... just have your OS properly updated etc | |
|
| | |
|
Alain T
@bellsouth.net
| You'd be surprised how many people out there are computer illiterate and don't know what a firewall is let alone safe web surfing. Even worse many are running win 95 or 98 unpatched.
Let's face it, just as people need lawyers, doctors, etc. for their expertise in their fields, average computer users need people who are computer savvy to help them fix things. It will always be that way. | |
|
| |
See 6 replies to this post |
|
| 
Morac
join:2001-08-30
Riverside, NJ
·Comcast
| Many people have no idea what a firewall is, let alone know how to use one. The average person has no clue as to what a good hacker (or even a script kiddie) is capable of and that is what is scary.
Here's a perfect example. I set up my parents new computer over the weekend and installed AV software and firewall software. My parents didn't understand why they needed a firewall software. When I tried to explain it to them I might as well have been speaking Greek. Finally I just said, it made the machine safer and they seemed to accept it though they still had no idea why they really need it. My father also freaked out when I was able to view all his "hidden passwords" using a simple program.
My parent's old computer had been running without firewall software, but fortunately their DSL modem comes with build in NAT so they were running with a private IP and partially safe. Most people aren't so lucky.
Most non-IT people didn't start running AV software until they or a friend had become infected with a virus. Old school viruses were a lot nastier than they are today so when you got a virus you knew it (lost data, formatted machine, nasty messages, etc) and people noticed that. Once bitten, twice shy so they got an AV program.
People don't notice today's worms and spyware and other hacking since they are designed not to be noticed. The hackers don't want the users to know that they have turned the users computer into a zombie otherwise the user with get it fixed. Most people who have been hacked don't even know it and that is why they don't think they need a firewall since they never used one before and have "never been hacked".
--
The Comcast Disney Avatar has been retired. | |
|
| |
lyls
@tele.dk | Re: They don't deserve it i dont see any reason to make the us more scared than what has already been done... just inform them that it is safer i dont see the need to scare people at all.... a patched up box with firefox will work fine for most people | |
|
| | | 
lupinia
Premium
join:2004-08-24
Harrisonburg, VA | Re: They don't deserve it Firefox does nothing to protect you from outside attacks, it's nowhere near a security catch-all, and those who pretend that it is are placing themselves and those they advise on a silver platter for hackers to play with. | |
|
| | | |
lyls
@tele.dk | Re: They don't deserve it noone has said that it did but theres nowhere near the exploits for firefox that there is for IE | |
|
| | | | |
lupinia
Premium
join:2004-08-24
Harrisonburg, VA
| Re: They don't deserve it Bugger off, you're not even close to the topic at hand. We're talking about hackers coming in from the outside world and compromising a computer, which has absolutely nothing to do with what browser someone uses. An un-firewalled machine running Firefox is just as vulnerable as an un-firewalled machine running IE. Running Windows Updates (something you mentioned earlier) does, to your credit, help significantly. HOWEVER, there are always new vulnerabilities being discovered, and the hackers almost always find them before the developers even figure out what's going on.
So, get on topic and stop wasting screen space, or shut up and lurk. And while you're at it, register here, most members don't take anon posts seriously even if they make excellent points. | |
|
| | |
| dustman81
join:2002-05-28
Tallmadge, OH
 ·AT&T U-Verse
·RoadRunner Cable
1 edit | If you're running Windows XP, install SP2. It installs most of the patches to fix the holes that most worms use to infect the machine and enables the Windows Firewall. It may not be the best firewall in the world, but something is better then nothing.
When someone asks me to help them with their computer, I install antivirus, a firewall and spyware scanner on their machine and show them how to USE IT! I set Windows and the antivirus to automatically update themselves. If they didn't SP2 before I came, they have it before I leave.
Most people say they have antivirus, but come to find out it's either out-of-date or just expired, which is worse then not having any antivirus at all. Security is everyone's responsibility. Because if your computer is infected, not only does it affect you, it affects the entire Internet.
I use a firewall on top of my NAT network. When I lived on-campus at my college, it was bad. I could look through my firewall logs and see who was infected with a worm or a bot as their machine was hitting my IP address. And most were from student's personal machines. Since most did not have their machines patched when they plugged in to the campus network, it just took one infected machine and the viruses spread like wildfire. | |
|
| 
rgoulet
join:2000-10-27
Pittsburgh, PA
| Ha!
This reminds me of a guy on another thread who basically said running a hardware firewall, software firewall, and a small local proxy (proxomitron) was just too much work. Instead he suggested all one had to do to stay safe on the net was to stop useing IE and use Firefox instead.
This should just give you an idea of how willfully ignorant some people are? | |
|
| |
lyls
@tele.dk
1 edit | Re: They deserve it...  if you run windows update regularly and use firefox and a little common sense then you will be pretty secure | |
|
| |
| | |
| jekler
join:2000-11-23
Cincinnati, OH
clubs:
| I don't think that people "deserve" it. The average person isn't knowledgeable about computers and related technologies. I think a lot of us who have a vast amount of technical knowledge take it for granted.
Computer security isn't something that's as easy as the push of a button. You can't just get a firewall, install it, you're done. No, you have to spend time making sure it's configured correctly, which means learning things that you may have no interest in at all. 
There really is no quick solution, it's nobodies fault but the hackers, crackers, and spammers. When someone's house gets broken into, we don't (and shouldn't) blame them for not knowing enough about home security. A firewall isn't as simple and basic as locking a door, it requires a whole lot of invested time to even reach a basic amount of security, at least to your average user who barely understands how to open and save a word processing file. | |
|
| 
redxii
too big to fail
Premium,Mod
join:2001-02-26
Texas
Host:
/dev/null
Broadband Tweaks
Suddenlink
ISDN
Fiber Optic
2 edits | I don't use a firewall all the time when I am connected to my network or networks without internet... except LAN parties with people I don't know I be sure to tighten things up.
I have Kerio 2.1.5 installed but it doesn't run at startup. I'm always well aware of what's running, any LAN/WAN activity, and up to date with patches. Buffer overflows should be obsolete with NX in SP2. There was some iframe exploit I tried the test and IE SP2 prevented it from running. But I don't use IE as my default/preferred browser and nor do I use Outlook or Outlook Express as my default or preffered email client. I don't allow write access to my shares. And so on and so forth.
NAT is enough for me
--
Soyo K7V Dragon+ Motherboard, Athlon XP 1900+ @ 1.66GHz, 768MB Crucial DDR RAM (PC2100), GeForce FX 5600Ultra 128MB DDR AGP, VIA Rhine II 10/100 NIC, Samsung SD-616T 16x DVD-ROM and Sony CRX215E1 48x24x48 CD-RW, 40GB & 30GB HDD. | |
|
| |
| 
JammerMan79
Premium,VIP
join:2004-05-13
Prince George, BC | I'm confused... are you saying that if I have your public IP address and you have a router I can't get to your computer just because your computer shows a 192.... address?
I haven't seen anyone post their public IP here yet as a test. | |
|
| 
Dude111
An Awesome Dude
Premium
join:2003-08-04
USA
 ·Time Warner VOIP
| Anyone who runs w/o a firewall on todays internet IS STUPID AS HELL!!!!!!!!!
I have 2 firewalls running and some things slip by one of them and my LOCAL 1 (On my computer) catches them...........
Who the hell would run w/o a firewall????? Its stupid!!!!!!!!!!!!! | |
|
| |
ppcpunk
join:2001-02-11
Davenport, IA | Re: They deserve it... People who don't need to worry about running one perhaps?
Like... mac users. | |
|
| | |
JammerMan79
Premium,VIP
join:2004-05-13
Prince George, BC | Re: They deserve it... both of you ar pretty safe lol | |
|
|
Dude111
An Awesome Dude
Premium
join:2003-08-04
USA | Yeah maybe........ | |
|
B
Premium,MVM
join:2000-10-28
| It's the ISP's Fault I want to preserve the right to freely use one's IP address (I hate SMTP port blocks and the like) but the ISPs have every ability to monitor and stop machines that are randomly poking at hundreds and thousands of other machines per hour.
And yet they don't, until maybe they get enough complaints from the likes of DShield and MyNetWatchman.
I'm not sure why they're not held more accountable. To me it's a lot more important and a lot EASIER than the spam blocking for which more people seem to hold the ISP responsible.
-- B
--
In a realm outside causality and function | |
|
|
See 35 replies to this post |
|
feedhead
join:2003-06-05
Sioux Falls, SD
clubs:
1 edit | Word Of The Day Scumbaggery. Let's all try to inject this in to a conversation today. | |
|
| |
| 
SRFireside
join:2001-01-19
Houston, TX
| "Smithers who let in this wretched mass of scumbaggery?" | |
|
Dennis
Premium,Mod
join:2001-01-26
Algonquin, IL | How exactly Do you determine that 67% of people don't use a firewall? What about NAT?
Bend over, insert arm up ass, pull out statistic.... | |
|
|
See 11 replies to this post |
|
|
Newegg
Supreme Ideology
join:2004-11-14
Atlanta, GA | ....... i dont have a firewall and i never run one. im unprotected and exposed....
--
850 MHz AMD Athlon 256 MB of RAM ATI 7200 64MB Video Card 20GB HDD Win XP | |
|
|
See 19 replies to this post |
|
MacWin
join:2003-06-26
Imperial, MO | Out of the box There were no successful compromises of the Macintosh, or the Linspire
BUHAHHAHAHAHA | |
|
|
See 8 replies to this post |
|
ryan4state
join:2001-06-22
Wilmington, NC
| People are just lazy.... even if you don't know jack $h*t about a computer, it is not that hard for people to buy a $30.00 linksys and plug up. Guess what they even provide tech support (i would hate to get your call if you don't even know what a firewall, ppoe, dynamic, or static address is). Ok guys I have vented, now i can go back to work. | |
|
|
See 8 replies to this post |
|
|
Derch
Premium
join:2004-10-16
Tulsa, OK | Rubbers baby! It's like this, would you go on a date without protection? Think about it.
Now if you excuse me, I need to go scold myself with hot water... | |
|
MustardMan
join:2003-05-22
Sealand
| All you need is NAT I love these DSLreports forums but it's a double edged sword. If you ask how to fill a glass with water you will inevitably get a bunch of responses explaining that you MUST build a water distribution and purification system.
Sung to the tune of "All you need is love" by the Beatles
"All you need is NAT...da dada..da..da"
"All you need is NAT...da dada..da..da"
"All you need is NAT..NAT.....NAT is all you need" | |
|
rudnicke
Premium
join:2004-10-23
Rantoul, IL |  Freeware Sources
| |
|
| |
| cooperaaaron
join:2004-04-10
Joliet, IL
·AT&T Yahoo
| Some of the distros I use already have firewalls included with the rest of the software installed, Mandrake and Mepis, just two examples, will set up firewalls for you ( with very little, if any, input ). And I have just used the firewalls with these distros and have had no problems whatsoever.. | |
|
nirvansk815
Premium
join:2001-06-18
Rancho Cucamonga, CA
clubs:
2 edits | Where Campaigns should be... Where's the spread "firewall" campaign? Flunk firefox... Where fighting the WRONG battle.
--
There's so much to be thankful for...How can anyone be sad? | |
|
TechieZero
Tools Are Using Me
Premium
join:2002-01-25
Wesley Chapel, FL
|  Another brick loose in the wall
The only thing usefull about a firewall is to tell you about stuff that is outgoing you don't know about---to close the barn doors after the horses leave.
A NAT router that doesn't respond to external traffic is about the best you can do; that and practice safe computing.
--
"Democracy is the worst form of government except for all those others that have been tried."-Winston Churchill | |
|
|
| 
wwdubbia
join:2002-06-03
Clinton, NY
| Re: No Firewall, Fun with the Internet scumbaggery Didn't you mean to say 'Scumbaggery'?
If not, that would have been a perfect time to use it!
(read posts above if you don't get it...) note the use of ellipsis. I learned a lot today. | |
|
| | josephtan_89
join:2004-11-29
singapore | Re: No Firewall, Fun with the Internet scumbagge haha....i neva installed a firewall....lolx....makes my internet slower i guess.....no need for a firewall here...^^......anyway.....my computer is fine....i did anti virus scan and crap lyk tat....^^...ya | |
|
| | | keyboard5684
join:2001-08-01
Youngsville, PA | Re: No Firewall, Fun with the Internet scumbagge I think that is enough of the Scumbaggery, k? | |
|
| | | | caktusrn
join:2004-01-10
Palmyra, PA
| Re: No Firewall, Fun with the Internet scumbagge just go to yahoo chat rooms and ask ppl what they use.. i was told some use nothing no av no firewall...then when u ask them about updates , some say yeah i get a pop up about it but people say not to install cause it aint worth it...these are the people we are dealing with who dont wont to know nothing about a computer but to sign in a chat room...dumb asses...:D | |
|
GlenQuagmire
Giggidy Giggidy Giggidy Goo
Premium
join:2004-02-16
Grand Rapids, MI | No Firewall I would love to see how long it would take a unpatched Windows XP box with no firewall, no Antivirus, and no Anti Spyware, No NAT router will last on a public IP before it was hacked. | |
|
|
See 20 replies to this post |
|
jsullvn
Premium
join:2001-02-11
Lansdale, PA | 67% News flash.......
Government statistics reveal that 67% of American Consumers are MORONS! | |
|
|
|
|
·
What!?!?
