Originally posted by XanthosNZheh, yeah. 🙂 well, not all of it is a useful as other parts. but it tells an average user if he has his netbios, 139 etc. wide open for anyone to contact to, or some server running he has no knowled of, listening on some port.
Oh no! Someone could know that a computer exists at this location! I may even be broadcasting an IP address! And I better make sure to close off ping replies as pings are a precursor to hacking attempts!
I get stealth all over.
you know, there's no forcing reason to let your machine answer to ping unless you're running a general service server, the users of which you'd like to have the possibility to ping you...
Originally posted by XanthosNZClosing port seven is pretty pointless except against script kiddies.
Oh no! Someone could know that a computer exists at this location! I may even be broadcasting an IP address! And I better make sure to close off ping replies as pings are a precursor to hacking attempts!
Originally posted by Wheelywell, yeah. anything can be attacked. and anyone competent enough could even get through once they learn my ip. but nothing ever got through my defenses, and I do scan my computers a couple of times a year just to make sure.
I think you might be being a bit complacent. It is not just a case of opening dodgy e-mail attachments or going to malicious web sites. Pretty much any service you run on your system is open to attack. Hell, even the tcp/ip stack itself is open to attack. Your firewall is open to attack, the port mapper and inet services starter (whatever that is on windo ...[text shortened]... se Microsoft rudely ignore established protocols and don't set a postmaster account though.
Originally posted by wormwoodI suspect you completely under estimate the scale of the problem as most people, unsurprisingly, do. Running scanning software will show you pretty much nothing.
well, yeah. anything can be attacked. and anyone competent enough could even get through once they learn my ip. but nothing ever got through my defenses, and I do scan my computers a couple of times a year just to make sure.
1 edit
Originally posted by Wheelyso, what would you do besides blocking all your ports, not install any software you're not sure of, use a firewall and semi-regularly scan your drives with an up to date virus scanner?
I suspect you completely under estimate the scale of the problem as most people, unsurprisingly, do. Running scanning software will show you pretty much nothing.
install firefox and hope you're safe? 🙂
edit: just wanted to clarify: I do think there are less security problems in firefox compared to ie, however, I don't think it matters in any practical consideration.
Originally posted by sonhouseYes but IE allows activex controls while FF does not. The tight integration of IE to the OS means IE users are a lot worse when surfing the net.
http://www.tgdaily.com/2006/10/02/firefox_security_issue/
It seems IE isn't the only problem child any more.
Originally posted by wormwoodGood point. But I don't think you can tell XanthosNZ anything. If the information doesn't come from him personally then he either won't accept it or change the subject! 😕
how many times have you been hacked by a zero-day exploit? do you know someone who's been hacked by a zero-day exploit?
I do hear what you're saying, and those things will happen to someone somewhere. but the only realistic scenario for getting compromized for an average joe, is to do something incredibly stupid like opening a mail attachme ...[text shortened]... ou if you say you've seen it happen. but if not, well you know how these stories go...
Originally posted by wormwoodIs this for real? It says that my 1000+ ports are operating in Stealth Mode and they can't even find out it they exist.
btw, what do you think of steve gibson's 'shields up' web based scanning service for finding out the basic status of your box? I don't base my security on it, but I do think it's an easy way for an average user to find out what his computer looks like from outside. are you familiar with him? I know some people think of him as a bit of a crackpot, but I have ...[text shortened]... nk that really makes a difference.
shield's up
https://www.grc.com/x/ne.dll?bh0bkyd2
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE
I'm using XP with Firefox and the basic free stuff (ZoneAlarm, AVG) . What am I doing wrong? This can't be right.
Originally posted by PalynkaI get the same from grc & I just use firefox & Norton.
Is this for real? It says that my 1000+ ports are operating in Stealth Mode and they can't even find out it they exist.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE
I'm usi ...[text shortened]... refox and the basic free stuff (ZoneAlarm, AVG) . What am I doing wrong? This can't be right.
By the way, it seems the threat to firefox has been... uh, somewhat overblown
From Mozilla website:
We got a chance to talk to Mischa Spiegelmock, the Toorcon speaker that reported the potential javascript security issue referenced earlier. He gave us more code to work with and also made this statement and agreed to let me post it here:
The main purpose of our talk was to be humorous.
As part of our talk we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this, and I personally have not gotten it to result in code execution, nor do I know of anyone who has.
I have not succeeded in making this code do anything more than cause a crash and eat up system resources, and I certainly haven’t used it to take over anyone else’s computer and execute arbitrary code.
I do not have 30 undisclosed Firefox vulnerabilities, nor did I ever make this claim. I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not.
I apologize to everyone involved, and I hope I have made everything as clear as possible.
Sincerely,
Mischa Spiegelmock
Originally posted by wormwoodWell, there isn't any software you're sure of and you missed out patch regularly and keep abreast of the daily security alerts.
so, what would you do besides blocking all your ports, not install any software you're not sure of, use a firewall and semi-regularly scan your drives with an up to date virus scanner?
install firefox and hope you're safe? 🙂
edit: just wanted to clarify: I do think there are less security problems in firefox compared to ie, however, I don't think it matters in any practical consideration.
Personally, I don't actually do much as there isn't too much point. I have a firewall of course and I don't run any any internet services unless I actually need them. I then shut them down.
My point is really that you can make it harder for people to compromise your machine but you can't make it impossible (unless you pull it from the net) and assuming you are free of compromise because your virus checker doesn't find anything is a mistake. So, in a nutshell, don't keep any sensitive data on an internet enabled machine and make sure you patch regularly.