MasterRacker
New member
Pretty interesting article.
Jeff
The future is already here - it's just not widely distributed yet...
Jeff
The future is already here - it's just not widely distributed yet...
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
20 min. to be hacked. 3
- Thread starter MasterRacker
- Start date
- Status
That sounds about right.
Makes it a little tough to bootstrap a computer installation when there's only one PC onsite, and it's the one being installed -- no way to download patches via a trusted machine.
Chip H.
____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first
Makes it a little tough to bootstrap a computer installation when there's only one PC onsite, and it's the one being installed -- no way to download patches via a trusted machine.
Chip H.
____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first
The same clear message was also related here:
Vince
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
Code:
"You've just bought a new computer, and you are determined to keep it free of intruders. You've made sure it came with the latest antivirus software. And you immediately downloaded the latest virus signatures and Windows patches before surfing the Web or checking your e-mail.
Think you're safe? You're not. In the time it took to download those updates, your system could have been attacked."
[more ...]Vince
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
-
2
- Thread starter
- #5
MasterRacker
New member
Yup. Baby routers from Wal-Mart are so cheap n ow there's no excuse not to have one. Even with a good, fully patched software firewall, I would prefer to have a hardware layer out there doing port masking anyway.
Jeff
The future is already here - it's just not widely distributed yet...
Jeff
The future is already here - it's just not widely distributed yet...
MasterRacker,
Give me a price range for these baby routers at WalMart etc?
I assume you are suggestion if I have a cable modem that I get one of these? I want to nextwork two computers together so that both have access to the Internet - is a baby router the answer?
Thanks in advance
Give me a price range for these baby routers at WalMart etc?
I assume you are suggestion if I have a cable modem that I get one of these? I want to nextwork two computers together so that both have access to the Internet - is a baby router the answer?
Thanks in advance
- Thread starter
- #7
MasterRacker
New member
I have one of these:
It is a router, dhcp server and 4 port switch. I haven't had two machines going on it yet but otherwise it works great connected to my cable modem. If I remember correctly, I got it for about $40.00.
Jeff
The future is already here - it's just not widely distributed yet...
It is a router, dhcp server and 4 port switch. I haven't had two machines going on it yet but otherwise it works great connected to my cable modem. If I remember correctly, I got it for about $40.00.
Jeff
The future is already here - it's just not widely distributed yet...
20 minutes? How about 20 seconds from 0 to Infected? 20 minutes sounds quite long to me.
New install of W2K last year, had SP3 on cd but not SP4. Installed that, got online to d/l SP4 (dial-up, click Start, Windows Update). Before I even GOT the MS website to pull up I was infected with the Blaster worm.
Just a bit quicker than 20 minutes....
New install of W2K last year, had SP3 on cd but not SP4. Installed that, got online to d/l SP4 (dial-up, click Start, Windows Update). Before I even GOT the MS website to pull up I was infected with the Blaster worm.
Just a bit quicker than 20 minutes....
SEE:
Survival Time
The "Survival Time" is the average time between attacks for our average submitter. An unpatched PC will survive about that long before it will be infected with the worm of the day.
SEE: Survival Time History LINK
I, too, believe that the survival time is grossly overstated for the average user since much of the submissions would likely be from technically oriented posters. Who else would be the majority contributors to the DShield project?
All you need to do is to run a tool like 'Linklogger' (a logging tool for the Linksys, Netgear, and ZyXEL - for its 14 day trial to see for yourself how quickly the scans and probes do start occurring .
Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
Survival Time
The "Survival Time" is the average time between attacks for our average submitter. An unpatched PC will survive about that long before it will be infected with the worm of the day.
SEE: Survival Time History LINK
I, too, believe that the survival time is grossly overstated for the average user since much of the submissions would likely be from technically oriented posters. Who else would be the majority contributors to the DShield project?
All you need to do is to run a tool like 'Linklogger' (a logging tool for the Linksys, Netgear, and ZyXEL - for its 14 day trial to see for yourself how quickly the scans and probes do start occurring .
Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
FrankieAIX
Technical User
That is a GREAT article!!! It was about a week ago that I have read it and yesterday I have witnessed a network of NT servers and PC's become infected with a virus within a few minutes of the infected host pc being placed on the network.. Lukily it was non-production but it was a great example of that article....
How about 1 second after network was set up! Installed Network card. Bang! Infected !!!
That was 6 months ago, now have a lovely netgear router / switch with NAT and ports locked down. Pc has Freedom Firewall with keyword blocking and blacklists and now XP SP2 Firewall (although this may come off, some issues with it to Iron out).
I had to turn off part of the log on the router because others on the network are so badley infected that it filled it up in seconds with port scans.
Stu..
Only the truly stupid believe they know everything.
Stu.. 2004
That was 6 months ago, now have a lovely netgear router / switch with NAT and ports locked down. Pc has Freedom Firewall with keyword blocking and blacklists and now XP SP2 Firewall (although this may come off, some issues with it to Iron out).
I had to turn off part of the log on the router because others on the network are so badley infected that it filled it up in seconds with port scans.
Stu..
Only the truly stupid believe they know everything.
Stu.. 2004
reply to darnell1:
Routers are ~ $40 to $100. $40-60 is fine for home LAN. Shoot, wireless are still in that range. Dlink, SMC, Linksys, Netgear, I've used all for something and all have been fine for me.
Yes, when computers are on LAN, and router is linked to broadband receiver/modem, all computers can get to internet. Condition to be true tho: router or switch must assign internal URLs to LAN boxes. A simple hub won't allow multiple machines to access the internet for this reason - but it will still allow a LAN.
IF you go wireless, read up on security issues. Used to be simpler, but the enemies out there are getting much better. Now I have to set filters on my wireless router to block a lot of potential inroads. Hardwired is more secure by nature.
I still run software firewalls, av, anti-spy and anti-ad on all machines. This makes LAN setup more difficult, but break-in is harder too.
It's all kind of ironic. My first LAN was Novell 3.11. NOT easy. All this peer-to-peer that was going to make it easier, did - BUT security issues have made it almost as hard to have a secure LAN now as ten years ago in Novell.
Mark
Mark
<O>
_|_
Routers are ~ $40 to $100. $40-60 is fine for home LAN. Shoot, wireless are still in that range. Dlink, SMC, Linksys, Netgear, I've used all for something and all have been fine for me.
Yes, when computers are on LAN, and router is linked to broadband receiver/modem, all computers can get to internet. Condition to be true tho: router or switch must assign internal URLs to LAN boxes. A simple hub won't allow multiple machines to access the internet for this reason - but it will still allow a LAN.
IF you go wireless, read up on security issues. Used to be simpler, but the enemies out there are getting much better. Now I have to set filters on my wireless router to block a lot of potential inroads. Hardwired is more secure by nature.
I still run software firewalls, av, anti-spy and anti-ad on all machines. This makes LAN setup more difficult, but break-in is harder too.
It's all kind of ironic. My first LAN was Novell 3.11. NOT easy. All this peer-to-peer that was going to make it easier, did - BUT security issues have made it almost as hard to have a secure LAN now as ten years ago in Novell.
Mark
Mark
<O>
_|_
-
1
- #14
I'm a total novice at this...
I've got an internal 56K Dial-up modem over BT landlines, and using IE6 under XP Home SP2 - can I just connect a router between my phone socket and the PC, or is it more complex than that?
Anything that stops me getting infested with about:blank![[flame]](/data/assets/smilies/flame.gif "[flame] [flame]")
every time I go online would be welcome!
Chris
Varium et mutabile semper Excel
I've got an internal 56K Dial-up modem over BT landlines, and using IE6 under XP Home SP2 - can I just connect a router between my phone socket and the PC, or is it more complex than that?
Anything that stops me getting infested with about:blank
every time I go online would be welcome!Chris
Varium et mutabile semper Excel
XP SP2 has the ICF, which is enabled by default. You can double-check that it is enabled using this process:
This is sufficient to protect you against Blaster, Sasser, and similar worms, but I recommend getting a firewall that also watches outgoing traffic. Sygate, Outpost, McAfee, Symantec, and ZoneAlarm are all good choices, from what I've heard...
As for about:blank hijacker, it does not, as far as I am aware, spread through network connections themselves, but through Internet Explorer/Outlook bugs. Specifically, it often travels via MS Java's Byteverifer expliots. Thus, you should look into these preventative tools:
These cleaning tools:
Or, an alternate browser and email client (which was my choice):
This is sufficient to protect you against Blaster, Sasser, and similar worms, but I recommend getting a firewall that also watches outgoing traffic. Sygate, Outpost, McAfee, Symantec, and ZoneAlarm are all good choices, from what I've heard...
As for about:blank hijacker, it does not, as far as I am aware, spread through network connections themselves, but through Internet Explorer/Outlook bugs. Specifically, it often travels via MS Java's Byteverifer expliots. Thus, you should look into these preventative tools:
These cleaning tools:
Or, an alternate browser and email client (which was my choice):
Much Thanklyness and Stardom to you Wereotter! ![[2thumbsup]](/data/assets/smilies/2thumbsup.gif "[2thumbsup] [2thumbsup]")
I've got the Firewall ON all the time, and I use ZoneAlarm and Norton.
I've also got SpyBot S&D, HijackThis, AdAware and CWShredder, all of which I run time and time again!
I've got so practiced at removing the damned about:blank .DLL's and HSA/SE/SW keys from the registry I can almost do it in my sleep!
But in the end, you are 100% correct - Bin IE6 and go with Mozilla is the safest way![[wink]](/data/assets/smilies/wink.gif "[wink] [wink]")
Thanks again STAR-dude!
Chris
Varium et mutabile semper Excel
I've got the Firewall ON all the time, and I use ZoneAlarm and Norton.
I've also got SpyBot S&D, HijackThis, AdAware and CWShredder, all of which I run time and time again!
I've got so practiced at removing the damned about:blank .DLL's and HSA/SE/SW keys from the registry I can almost do it in my sleep!
But in the end, you are 100% correct - Bin IE6 and go with Mozilla is the safest way
Thanks again STAR-dude!
Chris
Varium et mutabile semper Excel
relmanz2000 said:
NO! A router allows multiple PCs to connect using network cards (NICs) and has a 'wide area network' (WAN) connection to either a cable modem or DSL modem (not a dialup modem). A typical router has four (4) internal network ports and one (1) WAN port.
Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
NO! A router allows multiple PCs to connect using network cards (NICs) and has a 'wide area network' (WAN) connection to either a cable modem or DSL modem (not a dialup modem). A typical router has four (4) internal network ports and one (1) WAN port.
Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
Wereotter and vop:
Thanks for the advice folks!
I got a:b again last night - while I was downloading new windows updates!!!!
![[cannon]](/data/assets/smilies/cannon.gif "[cannon] [cannon]")
Jeez, how I'd like to shove something thick and spiny into the rear entrance of the originator of about:blank!
I decided it must have been some detritus left over from the last time I scoured my drives for this piece of Sh*tware, so I did 3 scans with AboutBuster then downloaded and installed Mozilla FireFox. Result: clean, superfast surfing
Chris
Varium et mutabile semper Excel
Thanks for the advice folks!
I got a:b again last night - while I was downloading new windows updates!!!!
Jeez, how I'd like to shove something thick and spiny into the rear entrance of the originator of about:blank!I decided it must have been some detritus left over from the last time I scoured my drives for this piece of Sh*tware, so I did 3 scans with AboutBuster then downloaded and installed Mozilla FireFox. Result: clean, superfast surfing
Chris
Varium et mutabile semper Excel
- Status
Similar threads
- Locked
- Question
- Locked
- Question