As Graham said, "Shields up" is a good test
for
knowing how oppened if your PC.
As Graham said (again), due to some
aplication, you
need to keep some ports oppened, and always an open port is a hole in the
system. The first thing you must do is just open the ports that need to be
open.
You also must keep up to date the software
that is
listening to that oppened ports, installing all the patches and updates...
the
level of security of that port is up to the quality of the software that is
controling it.
There are some basic big holes that you must
be
sure to close in your system, and Shields up can tell them.
Obviously, one is the "great" default option
of
TCP/IP in Windows: Netbios over ip. If you have this option enabled, your
shared
resources can be accessed from an outer conections, for example direct
access to
you hard disk data. Make sure that you have that option
disabled.
What else... mmm.. a lot.. depending to the
type of
conection you have, and how your internet provider has configured your
adapter.
For example a modem conection is a dangerous
conection if you have no firewall installed.
A DSL conection using a router configured as a
multiPC conection can be very safe. In my country (Spain), the default
conection
of the router is "safe" (*)...
As a first test, check Shields up and read
what it
says about your conection.
Subject: Re: [ukha_d] External access
to
PCs / IP etc
Graham,
I see. As I said ... IP networking a
mystery to me. It has been an item on my todo list for years.
Theres just always something more important. Currently teaching myself Perl
is
top on my list ... but thats 20-30 items down the list SWMBO has for
me.
Subject: RE: [ukha_d] External access
to PCs / IP etc
The GRC site is very useful and I would certainly recommend everyone
to visit it to identify potential vulnerabilities in their systems.
Unfortunately it couldn't have saved my web server as the virus entered via
the web port which has to be open on a web server ! The only defence
in my case would have been up to date patching.
Graham
-----Original Message----- From: Robin Edwards
[mailto:robin@xxxxxxx] Sent: 30 September 2001
20:50 To: ukha_d@xxxxxxxSubject: [ukha_d]
External access to PCs / IP etc
Folks,
I've watched the discussions on IIS,
worms and ports/PCs being probed from external locations over the last few
days. I've never professed (that doesnt look to be spelt right)
to bein an person that understands IP networking but on it
potential for exposure seems high. Reading uk.comp.home.netowrking
today I saw somebody pointing to http://grc.com/ . The guy there offers
a
service called Sheilds up! which supposedly tests out how secure your PC
is to 'baddies' on the internet. Has anybody tried it? I
remember trying it, maybe a year ago and from what I remember it showed up
number of problems I had. Since then I've installed Wingate and enabled
its firewall. This time Sheilds Up! could not get in.
Two reasons for posting this,
firstly, any comments, anybody else tried Shields up! and secondly maybe
it is of use to some others (assuming it works fine)
regards,
robin
For more information: http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe:
ukha_d-subscribe@xxxxxxx Unsubscribe:
ukha_d-unsubscribe@xxxxxxx List owner:
ukha_d-owner@xxxxxxx
For more information: http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe:
ukha_d-subscribe@xxxxxxx Unsubscribe:
ukha_d-unsubscribe@xxxxxxx List owner:
ukha_d-owner@xxxxxxx
For
more information: http://www.automatedhome.co.uk Post message: ukha_d@xxxxxxx Subscribe:
ukha_d-subscribe@xxxxxxx Unsubscribe:
ukha_d-unsubscribe@xxxxxxx List owner:
ukha_d-owner@xxxxxxx
For more information: http://www.automatedhome.co.uk
Post message: ukha_d@xxxxxxx
Subscribe: ukha_d-subscribe@xxxxxxx
Unsubscribe: ukha_d-unsubscribe@xxxxxxx
List owner: ukha_d-owner@xxxxxxx
Comments to the Webmaster are always welcomed, please use
this contact form
. Note that as this site is a mailing list archive, the Webmaster has no control
over the contents of the messages. Comments about message content should be directed
to the relevant mailing list.