General Discussion General discussion on...anything!

Reply
 
Thread Tools Display Modes
  (#11) Old
holmes4 holmes4 is offline
Administrator
 
holmes4's Avatar
 
Posts: 6,156
Join Date: Nov 2008
Location: New Hampshire
Default 07-20-2009, 11:20 PM

Quote:
Originally Posted by Theophilus View Post
without any problems I know of.
That you know of... I'm sure all those "zombie" botnet PC owners don't know what their PCs are doing either...


Steve
Mini 9|2GB RAM|64GB RunCore|Intel 5300|Windows 10
Reply With Quote
  (#12) Old
Theophilus Theophilus is offline
Junior Member
 
Posts: 7
Join Date: Jan 2009
Location: Kentucky, USA
Default 07-20-2009, 11:45 PM

LOL! I didn't say I did not know what my pc was doing I said I found no problem.


I own 3 DELL's
Mini 9
XPS M140
XPS T450
Reply With Quote
  (#13) Old
Z4i Z4i is offline
Senior Member
 
Posts: 101
Join Date: May 2009
Location: Tampa, FL
Default 07-21-2009, 02:48 PM

Quote:
Originally Posted by mfruit View Post
Antivirus doesn't stop programs from phoning home or 0-day exploits.
What's wrong with Adobe Update phoning home?

Also, how many times has anyone you know been affected by a zero-day exploit? Unless you're an irresponsible browser, the chance of being victim of that is very slim.


Quote:
Originally Posted by holmes4 View Post
That you know of... I'm sure all those "zombie" botnet PC owners don't know what their PCs are doing either...
So can you tell me what the technique is called to penetrate a NAT from the outside? I've never heard of it and nor have any of the people I've asked, which includes network engineers, programmers, and IT. If you're going to say that NAT is "not an absolute barrier to intrusion" and simply "makes it harder" I would hope you have some information to back this up. Aside from UPnP, port forwarding, and DMZ, all of which require being inside the NAT, what way is there?


Unix fanatic
Vostro A90, 16GB SSD, 2GB DDR2, US-INTL Keyboard, FreeBSD 7.2-STABLE
Latitude E6400N, 2.4GHz, 4GB, 320GB, Opensolaris 2009.06 updated to build 118
Dell Tech Support agent
Reply With Quote
  (#14) Old
holmes4 holmes4 is offline
Administrator
 
holmes4's Avatar
 
Posts: 6,156
Join Date: Nov 2008
Location: New Hampshire
Default 07-21-2009, 04:02 PM

Here's one discussion I found in a quick Google search - I know I've read more on this in the past. The risk is low, I'll admit, but it is not zero.


Steve
Mini 9|2GB RAM|64GB RunCore|Intel 5300|Windows 10
Reply With Quote
  (#15) Old
Z4i Z4i is offline
Senior Member
 
Posts: 101
Join Date: May 2009
Location: Tampa, FL
Default 07-21-2009, 07:31 PM

Quote:
Originally Posted by holmes4 View Post
Here's one discussion I found in a quick Google search - I know I've read more on this in the past. The risk is low, I'll admit, but it is not zero.
That's not establishing a connection to a NATted machine, that's session hijacking, just like the first reply said. NAT simply has nothing to do with it. What would a firewall do about it that a NAT wouldn't?


Unix fanatic
Vostro A90, 16GB SSD, 2GB DDR2, US-INTL Keyboard, FreeBSD 7.2-STABLE
Latitude E6400N, 2.4GHz, 4GB, 320GB, Opensolaris 2009.06 updated to build 118
Dell Tech Support agent
Reply With Quote
  (#16) Old
mfruit mfruit is offline
Senior Member
 
Posts: 291
Join Date: Apr 2009
Default 07-21-2009, 08:11 PM

Quote:
Originally Posted by Z4i View Post
What's wrong with Adobe Update phoning home?
Shrug. You might not care if apps phone home but I don't want anything accessing the outside world unless I specifically allow it.

Quote:
Also, how many times has anyone you know been affected by a zero-day exploit? Unless you're an irresponsible browser, the chance of being victim of that is very slim.
As long as you don't connect to unknown networks, you should be safe but let's just say that I'm not as trusting as you seem to be.


Dell Mini 9 | 2 GB RAM | 64 GB STEC SSD | 16GB RiData SDHC
Triple Boot: Windows 7 | OSX 10.6 | XP
Reply With Quote
  (#17) Old
Z4i Z4i is offline
Senior Member
 
Posts: 101
Join Date: May 2009
Location: Tampa, FL
Default 07-22-2009, 02:11 AM

Quote:
Originally Posted by mfruit View Post
Shrug. You might not care if apps phone home but I don't want anything accessing the outside world unless I specifically allow it.
Why install them then? :/

Quote:
As long as you don't connect to unknown networks, you should be safe but let's just say that I'm not as trusting as you seem to be.
Paranoia requires prioritizing. On a server where you're going to set it up and then not touch the configuration for ages, taking every precaution makes sense. On a desktop where things are far more dynamic, it's not very practical to do every Good Thing you can for security. This is why we don't all run our browsers in virtual machines. If you want to be really secure, run a seperate minimal virtual machine for each network-connected app, and firewall the host up. On a server, jailing each app is just common sense and good practice. On a desktop, we just plain don't do that.


Unix fanatic
Vostro A90, 16GB SSD, 2GB DDR2, US-INTL Keyboard, FreeBSD 7.2-STABLE
Latitude E6400N, 2.4GHz, 4GB, 320GB, Opensolaris 2009.06 updated to build 118
Dell Tech Support agent
Reply With Quote
  (#18) Old
mfruit mfruit is offline
Senior Member
 
Posts: 291
Join Date: Apr 2009
Default 07-22-2009, 02:45 AM

Quote:
Originally Posted by Z4i View Post
Why install them then? :/
Because I want to use them?

Installing an app to use and letting it phone home are two different things. Just yesterday I stopped a screen capture utility from phoning home. (And no, it wasn't checking for an update.)

Quote:
Paranoia requires prioritizing. On a server where you're going to set it up and then not touch the configuration for ages, taking every precaution makes sense. On a desktop where things are far more dynamic, it's not very practical to do every Good Thing you can for security. This is why we don't all run our browsers in virtual machines. If you want to be really secure, run a seperate minimal virtual machine for each network-connected app, and firewall the host up. On a server, jailing each app is just common sense and good practice. On a desktop, we just plain don't do that.
Perhaps on a desktop where you are tied to one presumably secure network, you might not care if your ports are open to other machines but when you are talking about a laptop (look at what forum you're on!) that connects to any number of networks, it's better to be paranoid, IMO. You never know who your neighbors might be.


Dell Mini 9 | 2 GB RAM | 64 GB STEC SSD | 16GB RiData SDHC
Triple Boot: Windows 7 | OSX 10.6 | XP
Reply With Quote
  (#19) Old
Z4i Z4i is offline
Senior Member
 
Posts: 101
Join Date: May 2009
Location: Tampa, FL
Default 07-22-2009, 03:10 AM

Quote:
Originally Posted by mfruit View Post
Because I want to use them?

Installing an app to use and letting it phone home are two different things. Just yesterday I stopped a screen capture utility from phoning home. (And no, it wasn't checking for an update.)
Where'd you get that screen capture utility from? >.>


Quote:
Perhaps on a desktop where you are tied to one presumably secure network, you might not care if your ports are open to other machines but when you are talking about a laptop (look at what forum you're on!) that connects to any number of networks, it's better to be paranoid, IMO. You never know who your neighbors might be.
In Vista and 7, networks are profiled as home, work and public, specifically so you can change your firewall etc settings depending how much you can trust the network. It asks you when you join the network, what kind it is. I never said it was a good idea to go without a firewall on untrusted networks, but many people, myself included, use their laptops primarily at home due to their convenience over desktops, and in a fairly low-power machine like a mini, having a firewall running when it doesn't need to is a waste. On a network profiled as "home", you usually wouldn't need a firewall, but you should only classify one or maybe two networks as "home" networks. On the work profile you should use whatever your work requires, and on the "public" network profile, firewall up.

It's easy to not run a firewall when you don't need it, and turn it on only when you need it. So easy that you would have to make a conscious thought and lie to the computer in order to get it wrong. So what's the harm in turning it off when it's appropriate?


Unix fanatic
Vostro A90, 16GB SSD, 2GB DDR2, US-INTL Keyboard, FreeBSD 7.2-STABLE
Latitude E6400N, 2.4GHz, 4GB, 320GB, Opensolaris 2009.06 updated to build 118
Dell Tech Support agent
Reply With Quote
  (#20) Old
notladstyle notladstyle is offline
Junior Member
 
Posts: 23
Join Date: Jun 2009
Send a message via MSN to notladstyle
Default 07-22-2009, 08:41 PM

wow, a windows pc without a firewall at any time in any location is just stupid.

I cant think of a reason you would want to disable a firewall regardless of the perceived safety of a location. a single compromised computer behind your home network and you will have to wipe & reinstall all of them when they are infected.

as a default, I leave windows firewall on with no exceptions checked. besides gaming, there is no reason to change that setting.
Reply With Quote
Reply

« Asus EEE 1005HA | Need outlet Coupon »
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Copyright © 2008-2016 MyDellMini.com.