[Rhodes22-list] virus?

kroposki kroposki at innova.net
Fri Mar 5 08:10:07 EST 2004



Michael,
	What is smc stuff?
           Ed K

-----Original Message-----
From: rhodes22-list-bounces at rhodes22.org
[mailto:rhodes22-list-bounces at rhodes22.org] On Behalf Of Michael Meltzer
Sent: Thursday, March 04, 2004 10:35 PM
To: The Rhodes 22 mail list
Subject: Re: [Rhodes22-list] virus?

I do not like the software firewall(execpt in dailup)`,  The problem is
the first thing the virus do is disable them :-) same for
ani-virus software(that what happened to night), any of the statefull
firewalls do a much better job, been using smc stuff, good
software, on the inside pc it not worth the griff and adds little
protection. The virus are going after the shares which will be
turn on anyhow.

MJM

----- Original Message ----- 
From: "Mark Kaynor" <mark at kaynor.org>
To: "The Rhodes 22 mail list" <rhodes22-list at rhodes22.org>
Sent: Thursday, March 04, 2004 8:54 AM
Subject: RE: [Rhodes22-list] virus?


> Dang. That's "stateful packet inspection", not "tasteful packet
inspection".
>
> Hmm... would that typo be the opposite of what Justin Timberlake did
during
> halftime?
>
> Mark
>
>
>
> -----Original Message-----
> From: rhodes22-list-bounces at rhodes22.org
> [mailto:rhodes22-list-bounces at rhodes22.org]On Behalf Of Mark Kaynor
> Sent: Thursday, March 04, 2004 8:51 AM
> To: The Rhodes 22 mail list
> Subject: RE: [Rhodes22-list] virus?
>
>
> Peter,
>
> Switches do not normally contain the firewall-type functions included
more
> often in routers and wireless access points. They're usually fairly
dumb in
> that they simply allow several computers to be connected to form a
network.
>
> The real trick to Internet security is to use what's known as "defense
in
> depth". This is basically the practice of placing as many impediments
in the
> way of the black hats as you can without unduly restricting the
ability of
> your users to conduct business. Good security consists of several
levels of
> defense. IMHO, the top three among these layers are a good firewall,
regular
> application of software updates and patches (including anti-virus and
> operating system), and user education.
>
> For those of you who are interested, the following is a bit of how I
explain
> this firewall stuff to my less technical users - maybe it'll help. It
does
> get a bit technical since the subject by nature is a bit technical, so
if
> you're not all that interested, you can save yourself some time by
skipping
> the rest of this email.
>
>
>
> Mark Kaynor
>
>
>
>
> Each computer on the Internet requires it's own, unique Internet
Protocol
> (IP) address. At some point "the Internet guys" realized that, at the
rate
> things were growing, they were going to run our of IP addresses. To
address
> this problem, Network Address Translation (NAT) was created.
Basically, NAT
> allows you to map several internal (local area network) IP addresses
to a
> single external (Internet) IP address. This means many computers
inside your
> firewall can share a single outside IP. To the outside world, it looks
like
> all the traffic is coming from a single computer. A byproduct of this
is
> that it also "hides" the addresses of your internal computers,
discouraging
> direct attacks.
>
> A firewall should include the ability to selectively open and close
ports
> (think of them as channels on a TV for now). For example, the
world-wide web
> protocol HTML uses port 80. If you use Outlook or another POP email
client,
> your computer probably talks to your email server on port 110. Your
email
> server talks to other email servers on port 25. For two computers to
have a
> conversation, they must be able to "speak the same language"
(protocol) on
> the same "channel" (port). A firewall should allow you to selectively
open
> and close ports in both incoming and outgoing directions. Closed ports
> prevent undesired access.
>
> Many firewalls use what's called "tasteful packet inspection" to
determine
> whether packets can get through the firewall based on the protocol,
port,
> and source and destination addresses. Each allowed request opens the
port
> for a limited time and only allows communication with the same
computer with
> which the conversation began.
>
> Many firewalls allow you to set time use policies - for example, you
can
> allow access to email servers only between 07:00 and 17:00.
>
> Many firewalls allow you to create "white lists" and "black lists",
allowing
> you to prevent access from specific IPs or to allow access only from
> specific IPs.
>
> Each computer's network interface has a unique hard-wired address
called a
> MAC address. This is built into the network card and cannot be changed
(it
> can be "spoofed", but that's another issue). Firewalls usually allow
you to
> lock down access to or from specific MAC addresses. I use this method
on my
> wireless access point at home - if your computer's MAC address isn't
on the
> list, you're not accessing the network.
>
> A firewall should allow the ability to create rules or "filters" based
on
> one or several of the above. You should be able to create specific
allow or
> deny filters on a port-by-port, protocol-by-protocol, IP-by-IP,
MAC-by-MAC
> basis.
>
> A firewall should provide a method for logging all or selected access
> attempts. This allows you to identify problems, fine-tune your
firewall
> settings, and track break-ins or attempts.
>
> -----Original Message-----
> From: rhodes22-list-bounces at rhodes22.org
> [mailto:rhodes22-list-bounces at rhodes22.org]On Behalf Of Peter Thorn
> Sent: Wednesday, March 03, 2004 6:41 PM
> To: The Rhodes 22 mail list
> Subject: Re: [Rhodes22-list] virus?
>
>
> Mark,
>
> We have a LinkSys hardwired home network ( a switch?).  Does that
contain a
> firewall and would there be a problem usuing two firewalls?
>
> PT
>
>
> > Peter,
> >
> > A personal firewall is definitely a good idea. ZoneAlarm is a good
one,
> but
> > I like the Sygate Personal Firewall - it's also free, very easy to
use and
> > works well. Here's a link to it:
> > http://smb.sygate.com/products/spf_standard.htm
> >
> > Mark Kaynor
> >
> >
> >
> > -----Original Message-----
> > From: rhodes22-list-bounces at rhodes22.org
> > [mailto:rhodes22-list-bounces at rhodes22.org]On Behalf Of Peter Thorn
> > Sent: Wednesday, March 03, 2004 2:33 PM
> > To: The Rhodes 22 mail list
> > Subject: Re: [Rhodes22-list] virus?
> >
> >
> > Rummy,
> >
> > Thanks for the suggestions.  My McAfee antivirus automatically
updates
> > itself whenever the "Big McAfee" says to, so I never have to do it
> manually.
> >
> > I'm also using Spy-Bot Search and Destroy about once a week.
> >
> > Haven't heard about zonelabs.  The guys who installed our home
network
> said
> > it was a firewall.  Do you think this would this be sufficient?
> >
> > PT
> >
> >
> >
> > ----- Original Message -----
> > From: <R22RumRunner at aol.com>
> > To: <rhodes22-list at rhodes22.org>
> > Sent: Wednesday, March 03, 2004 1:47 PM
> > Subject: Re: [Rhodes22-list] virus?
> >
> >
> > > PT,
> > > Antivirus definitions should almost be updated daily. Norton's
2003
> > version
> > > has an automatic update feature that does the update every time
you sign
> > on to
> > > your ISP.
> > > I would also recommend installing spybot software
> > > http://www.safer-networking.org/index.php?page=mirrors and
depending on
> > the Windows version you are
> > > running also installing Zone Alarm which also has a free version
to try
> > out:
> > > http://www.zonelabs.com/store/content/home.jsp
> > > It seems like a lot to do, but it is necessary in this day and
age.
> > >
> > > Rummy
> > > __________________________________________________
> > > Use Rhodes22-list at rhodes22.org, Help? www.rhodes22.org/list
> >
> > __________________________________________________
> > Use Rhodes22-list at rhodes22.org, Help? www.rhodes22.org/list
> >
> > __________________________________________________
> > Use Rhodes22-list at rhodes22.org, Help? www.rhodes22.org/list
>
> __________________________________________________
> Use Rhodes22-list at rhodes22.org, Help? www.rhodes22.org/list
>
> __________________________________________________
> Use Rhodes22-list at rhodes22.org, Help? www.rhodes22.org/list
>
> __________________________________________________
> Use Rhodes22-list at rhodes22.org, Help? www.rhodes22.org/list
>
>

__________________________________________________
Use Rhodes22-list at rhodes22.org, Help? www.rhodes22.org/list




More information about the Rhodes22-list mailing list