Why not register?



All times are UTC [ DST ]

PostPosted: Sun Jul 13, 2003 10:28 pm  Post subject:

Site Admin
Joined: Sat Nov 02, 2002 1:35 am
Posts: 19753
Location: En España
My Kerio is set up to be in stealth mode. Responding to ports indicates that a machine is there and unprotected; if you get a timeout, which you get if you set up your firewall right, he will not think a machine is there. If you have the port available but closed, your machine still responds, and they know something is there. If a port is hidden, it times out, which is useless to anyone sniffing around.

And I get many port scans; I had to modify the rule to not even bother logging or displaying a message anymore. BayTSP must have me on some kind of hit list because one of their machines follows me around :lol:

@ smasher, ZoneAlarm = CPU hog, that's why people don't like it. It's quoted by most that it wasn't designed at all for P2P, and its performance is poor in comparison to other walls. That's why people always recommend against it. Do a search for zonealarm on the fileheaven.org forums for lots of reasons to change. If you're happy with its many flaws there's no point, but if you want a less CPU intensive and securer option, Kerio is recommended in high regard :)

_________________
Mouse nipple for the win! Trackpoint or death!


PostPosted: Sun Jul 13, 2003 10:47 pm  Post subject:

The Devil, Probably
Joined: Mon Jun 09, 2003 1:04 pm
Posts: 2497
Location: In the darkest spot of your soul.
spudthedestroyer wrote:
My Kerio is set up to be in stealth mode. Responding to ports indicates that a machine is there and unprotected,

Funny, do you use edonkey? Either this or someone else is using your nick. If I am uploading or downloading to/from you, I think I can be sure that there is a machine there, even if you hide all your other ports. And a responding port does not automatically mean that there is an unprotected machine.

spudthedestroyer wrote:
if you get a timeout, which you get if you set up your firewall right, he will not think a machine is there.

This is correct, but for our cases, i.e. P2P users, absolutely irrelevant. You can only hide your machine if only a very limited user group needs to access it. A port open for the public and bye bye secrecy.

spudthedestroyer wrote:
If you have the port available but closed, your machine still responds, and they know something is there.

Yes, that's why it is better to let unused ports open. Then they don't know that something is there.

spudthedestroyer wrote:
And I get many port scans; I had to modify the rule to not even bother logging or displaying a message anymore. BayTSP must have me on some kind of hit list because one of their machines follows me around :lol:

Me too. But in your case: Don't worry. It is only the MPAA; they are too cheap to pay first class hackers ;-)


PostPosted: Sun Jul 13, 2003 11:00 pm  Post subject:

Site Admin
Joined: Sat Nov 02, 2002 1:35 am
Posts: 19753
Location: En España
wargand wrote:
spudthedestroyer wrote:
My Kerio is set up to be in stealth mode. Responding to ports indicates that a machine is there and unprotected,

Funny, do you use edonkey? Either this or someone else is using your nick. If I am uploading or downloading to/from you, I think I can be sure that there is a machine there, even if you hide all your other ports. And a responding port does not automatically mean that there is an unprotected machine.


That's because I obviously have some ports open. I'm not bothered about someone using an edonkey port because they will obviously because the only service with access to that port is emule. I have secured access through that port :)

Quote:
Yes, that's why it is better to let unused ports open. Then they don't know that something is there.


Leaving ports open that are not actively in use is not very 'secure' at all; it's best to put it into stealth mode and let them time out (then there is no indication that anything is there :) ). Then when someone initiates a scan on that port, they realise a machine is not there and move on. If it responds, they will go through all the other ports when scanning for vulnerabilities, if they are hell bent on exploiting a vulnerability. That is why it is best to use a firewall and ensure, however safe you think your PC is, to time out those port connection attempts. I know it's very unlikely to be hacked, but I'd still rather "be safe than sorry" to coin a phrase, especially when there is a vested interest in my PC.

I am bothered about the port scans, which don't start on an edonkey port ;)

_________________
Mouse nipple for the win! Trackpoint or death!


Last edited by spudthedestroyer on Sun Jul 13, 2003 11:03 pm, edited 1 time in total.
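
The three port behaviours argued over in the posts above (open, closed, and "stealth" timeout), as an added example that is not part of any poster's message. It is written for checking how your own firewalled machine answers; the function names, the sample address and the port list are assumptions made for illustration.

```python
import socket

def probe(host, port, timeout=1.0, connect=socket.create_connection):
    """Classify how one TCP port answers a connection attempt."""
    try:
        conn = connect((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "closed"   # a RST came back: nothing listens, but the host answered
    except (socket.timeout, TimeoutError):
        return "stealth"  # no answer at all: the firewall dropped the packet
    except OSError:
        return "error"    # e.g. no route to host; not classified further here
    conn.close()
    return "open"         # handshake completed: a service is listening

def host_revealed(states):
    """True if any probed port produced an answer (open or closed)."""
    return any(state in ("open", "closed") for state in states.values())

def audit(host, ports, timeout=1.0, connect=socket.create_connection):
    """Probe each port and report whether the host's presence is given away."""
    states = {p: probe(host, p, timeout, connect) for p in ports}
    return states, host_revealed(states)

if __name__ == "__main__":
    # Constructed loopback demo: one listening port and one port with no listener.
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    open_port = srv.getsockname()[1]
    tmp = socket.socket()
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()  # port is now free, so a connection attempt is refused
    states, revealed = audit("127.0.0.1", [open_port, closed_port])
    print(states, "host revealed:", revealed)
    srv.close()
```

A single open or closed port is enough for `host_revealed` to return True, which is the situation of a P2P client with one published port and every other port dropped.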

PostPosted: Sun Jul 13, 2003 11:02 pm  Post subject:

The Devil, Probably
Joined: Sun Dec 08, 2002 3:07 am
Posts: 2174
Location: I'm inside of you.
I did mess with my ZoneAlarm a lot, but I think it's set up fine now. I'm almost always max'd out on uploading and downloading speeds for the last few months 24-7, and eMule or the internet is the only thing I use this computer for. I wouldn't even bother with a firewall if I wasn't worried about someone turning my computer into a kiddie porn server/mass spam mailer/credit card fraud/ or something equally bad.
ZoneAlarm is using about 20% of my CPU, but this is a rather old computer. That's why I use it for the internet; if it gets fucked up, oh well. I use my other computer for everything else, and it never goes online.

_________________
'You - you monster! Why? Why in God's name do you do these horrible things??!'

'I thought it was obvious, you silly girl.
I'm a monster. I do monstrous things.'


PostPosted: Sun Jul 13, 2003 11:05 pm  Post subject:

Site Admin
Joined: Sat Nov 02, 2002 1:35 am
Posts: 19753
Location: En España
monkeysmasher wrote:
I did mess with my ZoneAlarm a lot, but I think it's set up fine now. I'm almost always max'd out on uploading and downloading speeds for the last few months 24-7, and eMule or the internet is the only thing I use this computer for. I wouldn't even bother with a firewall if I wasn't worried about someone turning my computer into a kiddie porn server/mass spam mailer/credit card fraud/ or something equally bad.
ZoneAlarm is using about 20% of my CPU, but this is a rather old computer. That's why I use it for the internet; if it gets fucked up, oh well. I use my other computer for everything else, and it never goes online.


On old machines it's even more recommended to not use ZoneAlarm. Its CPU usage is astronomical. Tiny Personal Firewall is optimized for Windows 98; if it's XP/2000/NT, use Kerio. Its CPU usage will be around 5% absolute max.

_________________
Mouse nipple for the win! Trackpoint or death!

