1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

LOOK OUT: A New Windows attack can kill firewall

Discussion in 'General Software' started by Alec§taar, Oct 31, 2006.

  1. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.40/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    Last edited: Oct 31, 2006
  2. DaMulta

    DaMulta My stars went supernova

    Joined:
    Aug 3, 2006
    Messages:
    16,135 (4.96/day)
    Thanks Received:
    1,459
    Location:
    Oklahoma T-Town
    This is why I have a Hardware firewall.
     
  3. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.40/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    Agreed, & also why I did things like port filters & services "hardening" too... this is also another reason WHY I run Windows Server 2003 - this exploit isn't possible on it!

    APK
     
  4. tigger

    tigger I'm the only one

    Joined:
    Mar 20, 2006
    Messages:
    10,187 (3.01/day)
    Thanks Received:
    1,402
    i reckon my blackice firewall could block that.windows firewall pah
     
  5. bruins004 New Member

    Joined:
    Sep 27, 2005
    Messages:
    2,480 (0.70/day)
    Thanks Received:
    75
    Well Windows Server 2003 was meant to be more protective than Windows XP.
    There have been some exploits on it, but def. not as much as XP.
     
  6. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.40/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    Maybe, for now? That's the best move an XP user could make... for a 'quick fix', just use another firewall!

    You have a good point.

    APK
     
  7. Jimmy 2004

    Jimmy 2004 New Member

    Joined:
    Jan 15, 2005
    Messages:
    5,491 (1.44/day)
    Thanks Received:
    267
    Location:
    England
    Well I have a hardware firewall on my router and both my PCs are protected by a software firewall behind that. I know it could be hacked but at the end of the day hackers are much more likely to exploit the easier PCs and leave mine alone. Plus my firewall is Comodo not the built in windows one so it should be fine against attacks.
     
  8. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.40/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    As long as you don't run UPnP service, & don't allow remote administration of your HARDWARE "NAT" firewalling router, that should be safe as 1 layer of defense.

    (Steve Gibson of "shields-up" gives a decent explanation of that on his sites, & the newscast downloadable .mp3 files he has there & HOW that works in case your interested. A lot of folks give that guy a lot of guff, but he often makes pretty good points imo!).

    And, like others stated above? It's probably a wise move to just use another firewalling program until the next "Patch Tuesday" issuance from MS... even if only temporarily.

    APK

    P.S.=> You know, I do TRY to be an "optimist" about 'hacker/cracker' types exposing this type of weakness, because if they didn't, who KNOWS if the OEM's of various softwares would make patches or not... but, it gets a little "maddening" finding out wares we use are riddled w/ holes too, every month or two... apk
     
  9. Jimmy 2004

    Jimmy 2004 New Member

    Joined:
    Jan 15, 2005
    Messages:
    5,491 (1.44/day)
    Thanks Received:
    267
    Location:
    England
    Yeah, I think UPnP is the most idiotic attempt at improving firewalls I've known. It tried to make them easy to use but opens them up to trojans. Both UPnP and remote administration are disabled... and for local security so is 128bit wep and MAC Filtering... not one port is open on my router's firewall. I would enable WPA encryption and use a hidden SSID but my some of my family's laptops can't connect then.
     
  10. Agility

    Agility

    Joined:
    Jun 10, 2005
    Messages:
    1,660 (0.45/day)
    Thanks Received:
    54
    Location:
    Singapore
    So what now? I wait for my stupid brother who doesn't know a shit about computers to hack me in my local network? Lol.
     
  11. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.40/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    Ah, now THAT's the point I was curious about...

    I.E.-> Does this count merely for INTERNAL "Home LANS", or does it also count for folks on the same ISP/BSP?

    (Sort of like how the old filesharing errs existed on Win95)

    * I am unclear about this... what do you guys think?

    APK
     
  12. Agility

    Agility

    Joined:
    Jun 10, 2005
    Messages:
    1,660 (0.45/day)
    Thanks Received:
    54
    Location:
    Singapore
    Thats why i was wondering this would also mean a LAN network which means offices or a small net work set up. And it would also mean that hacker can hack easily and get caught easily too.
     
  13. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.40/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    Probably VERY true, because there is a log you can maintain in Windows Firewall, & it indicates who/what is connecting to you & from where...

    APK
     
  14. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    8,970 (2.54/day)
    Thanks Received:
    1,607
    One machine, one download, one user.



    Users are the biggest security risk to any company. All we can do is to educate them on what is unsafe, and possibly deny them as much access, through firewall filtering, and local file access.


    In our network here, if one PC gets hacked via a downloader, or some other form of malware, and they actually manage to make it through the firewalls........
     
    10 Million points folded for TPU
  15. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.40/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    In a way, I don't BLAME network techs/admins for "locking things down" for most folks, or moving towards std.'ized desktops like Citrix/TS or even Winterms usage...

    I usually am not subject to that as a developer (usually I get admin rights across a LOT of areas, especially data I have to access), but I have seen folks NOT like it as end-users... limiting their freedoms & such.

    I wouldn't like it either, but then, the equipment's NOT MINE either. I am only "borrowing it" to do a particular job is all.

    BUT, it makes good for the "whole of the herd" @ any company... and, does make guys like you Steevo, have an easier day... hopefully!

    (And, I am sure occasionally? Stuff gets thru, anyhow... bad stuff!)

    APK
     
  16. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    8,970 (2.54/day)
    Thanks Received:
    1,607
    We have a suck re tardy that would download everythign she could get her hands on. And a few years back when er were still inthe 9X days I was plagued by a copy of a trojan-worm that was infested so bad that I had to travel to our other store and start, one machine at a time boot-clean-check-shutdown. Then back here.

    And the bad part was is only 3 PC's on then etwork had internet access through dialup. But they spread due to everything being shared with no username or password.

    All from one user.


    No more though. I have the server check inside all the backups, and with proper file access control no more problems. I do look forward to a server version of Vista-Longhorn for the ability to forward errors and critical event logs to one location from many machines. Plus enforced security for access.
     
    10 Million points folded for TPU
  17. Batou1986

    Batou1986

    Joined:
    Oct 2, 2005
    Messages:
    2,713 (0.76/day)
    Thanks Received:
    508
    Location:
    Baltimore MD
    i don't worry about firewalls because theres really noting on my computer worth hacking or any reason to waste the time
     
  18. Canuto

    Canuto New Member

    Joined:
    Jul 8, 2006
    Messages:
    2,157 (0.66/day)
    Thanks Received:
    4
    Location:
    Portugal
    It's not the importance of what you have it's a question of principle..
     
  19. bruins004 New Member

    Joined:
    Sep 27, 2005
    Messages:
    2,480 (0.70/day)
    Thanks Received:
    75
    And it can also be a major headache as well.
     
  20. Batou1986

    Batou1986

    Joined:
    Oct 2, 2005
    Messages:
    2,713 (0.76/day)
    Thanks Received:
    508
    Location:
    Baltimore MD
    exactly i find i have more problems with firewalls then anything else also im behind a router with the firewall off but to my understanding its quite hard to hack a computer behind a router that only has a local ip address i may be wrong but still who's gonna take the time to hack my computer to do what steal my steam account that i don't use or what my porn from bt ??

    Btw anyone know of a anti virus like avg free that supports x64
     
  21. Jimmy 2004

    Jimmy 2004 New Member

    Joined:
    Jan 15, 2005
    Messages:
    5,491 (1.44/day)
    Thanks Received:
    267
    Location:
    England
    I think Avast supports X64, might be wrong. As for being behind a router - it makes it slightly more difficult than a direct connection but still very easy compared to a firewall being there.
     
  22. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    8,970 (2.54/day)
    Thanks Received:
    1,607
    A small encapsulation program and a bit of ping 6 will get you a false origination IP address generator as well as a source generator. Plus a tiny little random number generator. Think about it. Generate millions of packets from a few machines and a few mediocre connections in a few minutes.



    All small enough to fit on a floppy.
     
    10 Million points folded for TPU

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page