- Security and hacking - Basic Knowledge
- Posted by Webmaster on October 19th, 2003
About to go live with ADSL, and I have shiny new router to play with.
I know very little about ports, TCP, UDP, firewalls, DoS, port-scan
attacks, etc.
What are the done things with firewalls etc? How does one set them up to be
effective?
ISP is plusnet, and usage will be peer-peer filesharing, websurfing,
newsgroups and email. Not into remote management although I should like to
find out about it if I can.
Any good resources for these sorts of things?
--
www.unlockingshop.co.uk
Motorola remote unlocking - £10 (includes A920 on '3')
Now unlocking Siemens x5x (SL55, S55, A55 etc) - £10
Change 'spam' to 'jon' to email
- Posted by BitsAndBobs on October 19th, 2003
"Webmaster" <spam@unlockingshop.co.uk> wrote in message
news:MPG.19fc801663fb545e989e43@news.cis.dfn.de...
Once you get on Broadband you are going to get regular port scans etc. I use
Norton Firewall 2003 and Norton Antivirus 2004 and every file that
enters/exits my pc is checked for Trojans etc..
- Posted by Webmaster on October 19th, 2003
BitsAndBobs reckoned that:
I see.
My router is a netgear DG824M and features an in-built firewall. I have
been led to believe that hardware-type firewalls are virtually impregnable
compared to software ones.
What I want to do is to utilise the firewall in my router, and I should
like to learn how to do so, and give myself some background knowledge about
security etc.
- Posted by Hiram Hackenbacker on October 19th, 2003
On Sun, 19 Oct 2003 13:15:57 +0100, Webmaster
<spam@unlockingshop.co.uk> wrote:
Of course you can create large holes in any type of firewall (hardware
or software based) if you aren't careful.
--
Hiram Hackenbacker
- Posted by Les Thompson on October 19th, 2003
In article <MPG.19fc90d5b4b2b754989e46@news.cis.dfn.de>, Webmaster
<spam@unlockingshop.co.uk> writes
There is some info here on setting up the firewall.
http://www.adslguide.org.uk/hardware...ear-dg824m.asp
--
Les
- Posted by Pete Smith on October 19th, 2003
In article <pan.2003.10.19.16.47.06.615681@fenrir.org.uk>,
scrap@fenrir.org.uk says...
Can I point something out here...
If you opened port 110 on incoming ports on my ZyXEL Prestige, then you'd
allow _outsiders_ to access your POP email system (assuming you have one
installed).
I personally close _all_ incoming ports (bar 80, because I run a
webserver).
I can still access the net etc, because the sockets are opened from inside
the network on those ports, and the data comes back in that way.
Therefore if I blocked port 80 on outgoing connections, I couldn't browse
the web, even though the data is incoming.
TBH, at the moment, my router choice is going to be a Speedtouch 510v4,
and I'm going to set it up to block _all_ incoming ports (again, bar 80,
if I decide to), and use UPnP to allow anything that needs incoming data
access (not that I've really needed that in the 5 years+ of having a
hardware firewall!).
HTH.
Pete.
--
NOTE! Email address is spamtrapped. Any email will be bounced to you
Remove the news and underscore from my address to reply by mail
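
The behaviour described in the post above (all incoming ports closed bar 80, replies still arriving because the connection was opened from inside), as an added example that is not part of the original thread. It is a toy model of a stateful filter, not any router's firmware; NAT is left out, and all addresses and ports are constructed sample values.

```python
# Added illustration: a toy stateful packet filter (not any router's firmware).
# Addresses and ports below are constructed sample values.

class StatefulFirewall:
    def __init__(self, inbound_open=(), outbound_blocked=()):
        self.inbound_open = set(inbound_open)          # ports outsiders may connect to
        self.outbound_blocked = set(outbound_blocked)  # destination ports LAN hosts may not reach
        self.established = set()                       # flows opened from inside

    def outbound(self, lan_ip, lan_port, wan_ip, wan_port):
        """A LAN host sends a packet out; remember the flow if permitted."""
        if wan_port in self.outbound_blocked:
            return "DROP"
        self.established.add((lan_ip, lan_port, wan_ip, wan_port))
        return "ACCEPT"

    def inbound(self, wan_ip, wan_port, lan_ip, lan_port):
        """A packet arrives from the Internet."""
        # Reply to a flow that was opened from inside: let it back in.
        if (lan_ip, lan_port, wan_ip, wan_port) in self.established:
            return "ACCEPT"
        # Unsolicited: only allowed if the destination port is explicitly open.
        if lan_port in self.inbound_open:
            return "ACCEPT"
        return "DROP"


def demo():
    pc, web, mail, scanner = "192.168.0.2", "203.0.113.10", "203.0.113.25", "198.51.100.7"
    fw = StatefulFirewall(inbound_open={80})
    results = {}
    # Browsing and POP3 collection: opened from inside, replies come back in.
    fw.outbound(pc, 40001, web, 80)
    results["web_reply"] = fw.inbound(web, 80, pc, 40001)
    fw.outbound(pc, 40002, mail, 110)
    results["pop3_reply"] = fw.inbound(mail, 110, pc, 40002)
    # Unsolicited probes from outside: 110 is closed, 80 is open for the webserver.
    results["probe_110"] = fw.inbound(scanner, 51000, pc, 110)
    results["probe_80"] = fw.inbound(scanner, 51001, pc, 80)
    # Blocking port 80 outbound stops browsing: no flow is ever recorded.
    strict = StatefulFirewall(outbound_blocked={80})
    results["blocked_out_80"] = strict.outbound(pc, 40003, web, 80)
    results["late_reply"] = strict.inbound(web, 80, pc, 40003)
    return results


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:15} {verdict}")
```
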
- Posted by Webmaster on October 19th, 2003
Pete Smith reckoned that:
Indeed, I thought that. Having spent a few hours reading up, I can now see
that the default configuration of the DG824M is for all incoming to be
blocked, and for all outbound to be open. This seems like a fairly sensible
arrangement, and as you say although there is 2-way data flowing when using
most applications because the connection has been initiated from inside the
firewall there won't be a problem.
What I will do however is close off everything except 110, 25, 119, HTTPS
and AIM, just to be sure.
- Posted by Webmaster on October 20th, 2003
Webmaster reckoned that:
PlusNet came online this morning... lovely!
- Posted by Webmaster on October 20th, 2003
Brian Morrison reckoned that:
Yep!
Quite. Basics is what I need, but the firewall is configured from the
factory to block all incoming TCP, UDP and ICMP packets, not to respond to
SYN packets or PINGs. So I reckon I'm OK for the time being.
- Posted by Webmaster on October 20th, 2003
Brian Morrison reckoned that:
I think I understand.
If a hacker was trying to bust in he could choose to attack a given port as
used by a popular service. What your setup does would see which port the
return journey finishes at and then consults a lookup table of
ports/services and if the 2 don't quite match, the connection is blocked.
Yes?
- Posted by Pete Smith on October 20th, 2003
In article <pan.2003.10.20.08.07.48.238326@fenrir.org.uk>,
scrap@fenrir.org.uk says...
That sounds like a pretty good way of setting up a firewall. I think my
firewall has the ability to filter for source & destination ports, but
overall, the filters are very crude.
Hope my ADSL router can improve it (even if I do have to type them in by
hand!)
16 days and counting 'til ADSL is delivered to our exchange!
Pete.
- Posted by Dolphin Boy on October 21st, 2003
Yep! I have a netgear too. Left in the factory config for the
firewall.
(cos, like you, I'm a novice in such matters :-)
I just do newsgroups, browse & play games. I use my laptop to
connect to work via a different (Netscreen) VPN.
All work no problems with the default firewall.
ALL downloads are virus scanned, & the virus scanner is updated daily
(well, I click the update tab every evening I fire the PC up - most
times there ain't a new signature file!)
I run AdAware frequently too.
Data files are backed up to floppy or CD-R
Finally there's NOTHING on the PC I can't live without!
I had a very bad attack of paranoia recently, and I purchased a second
disk, and took an image
of the first disk & stuck it in a drawer! The next time I screw up my
system, I'm just gonna swop the disks over & copy the good over the
bad!
Dolphins guide to safe computing. :-)