Kerio Personal Firewall 4 and NIPS

I see in the NIPS (Network Intrusion Detection and Prevention System) logs that my ISP (151.6.142.220) is blocked as an attack source, with this description: BAD-TRAFFIC IP Proto 103 (PIM) with priority "medium".

I don't know what it means and I'm wondering if I should allow it (allowing all the intrusions of "medium" class), because recently I have many disconnections from my dial-up, it seems I can't keep the connection alive for more than a few minutes.

I hope for your help, thanks!

MLC

You're just fooled by your "Personal Firewall". Just use the Windows-Firewall to filter, it's enough. Then you will not see any senseless messages any more, which only are misinterpreted.

Yours, VB.

Volker Birk

On Friday, 26 August 2005, Volker Birk wrote:

Thank you, VB, but then how can I block unwanted outbound connections? Is there another way?

With kind regards,

MLC

On Saturday, 27 August 2005, Volker Birk wrote:

[...]

I understand. Thank you for your thorough response.

MLC

Unfortunately, it's not possible to secure that a software program, which is already running inside, cannot communicate with computers "outside".

This is because of the existence of tunneling.

The "Personal Firewalls" all just "secure" one single way to do this - it's the usual way to open a connection "outside".

So the "Personal Firewalls" all are controlling the programs only, which allow to be controlled.

Because this would be the only advantage I see to want to have a "Personal Firewall" and not the Windows-Firewall, and because of the fact that this advantage isn't really one, I'd prefer the Windows-Firewall to any "Personal Firewall" I know. Don't forget:

"Personal Firewalls" have many disadvantages compared to the Windows-Firewall, i.e. many of them have system services, which open windows (which is a security design flaw), have functionality to filter PINs out of traffic (which is based on the complete lack of understanding of data security) and lead into publicizing this data.

Because of these facts, that any "Personal Firewall" will not secure your system compared to securing it with the Windows-Firewall, but many of them open a broad range of additional security problems, I'd prefer the Windows-Firewall.

Yours, VB.

Volker Birk

One thing, just to be fair:

Kerio, or to be specific, Kerio Personal Firewall 4.1.2 was the least bad software in our test (I'd not call it the best one, because also Kerio had no real advantages over the Windows-Firewall). Even Tiny is worse.

Kerio only has small design flaws like the fact that it is opening sockets with listen() on 0.0.0.0 itself, and filtering away afterwards, Kerio is easy to switch off from a malware in the standard configuration and Kerio installs extra code onto your system, so theoretically the system has more code which could be object of an unseen attack vector.

The Witty worm was a real-world example, how sometimes such theoretical flaws cause practical problems:

So Kerio is the only firewall in our test, which I would judge with: "does not lower security considerably compared to the Windows-Firewall".

Yours, VB.

Volker Birk

I've been trying to educate myself on firewalls etc... I'm running XP PRO and was running ZA but had too many email problems so removed that thru control panel - and was told to install Kerio - but after reading some of the messages on this thread - maybe I don't even NEED a firewall other than my xp pro which is already activated? Is that what you are saying?

If that's true...then do I need anything to stop virus etc.?? what should I be using?

thanks so much -

frustrated, tired and not getting emails again .... in OE 6 from my domain emails...just my earthlink acct addresses..........Pam

Pam

Windows Firewall is not what I would consider much in the way of protection and should be supplemented with a good DSL / Cable NAT router - you can purchase a cheap Linksys BEFSR41 at most places that sell computers.

It's only true for those that are very, very, diligent in protecting their systems.

If you want AV software, and everyone should have it if they have a Windows based PC, try Norton 2005 or AVG from Grisoft - AVG is free and does email filtering too.

Stop using OE and look into ThunderBird.

Leythos

Yes. The Windows-Firewall is OK.

It's a good idea to use a virus scanner. Virus scanners are one of the most overestimated software types, though.

A virus scanner cannot find every virus. But a virus scanner can find the viruses it knows already, and those are usually many.

The best virus scanner is your brain ;-) If you don't use software out of dubious sources, if you cannot be fooled by mail worms, because you're thinking before opening a mail (and not using a MUA which opens the mail for you like older Outlook Express releases), and you don't use Internet Explorer, which has lists of unfixed bugs, but any other browser and keeping also this software up to date like your system software (use Windows-Update!), then you should be safe even if you have no virus scanner.

A virus scanner can help, though. Especially, if you're not using it as "online-access-scanner", but rebooting from another media from time to time, and scanning your hard disk frequently. Also it is a good idea to scan files, which you're downloading or receiving as mail attachment, before you're using them the very first time.

HTH, yours, VB.

Volker Birk

"Pam" wrote in news:ehHQe.1957$ snipped-for-privacy@newsread2.news.pas.earthlink.net:

Since you're having so much trouble, I would just go with XP's FW. I don't think it is any worse than the others.

Maybe, you should go to the XP O/S itself and tighten up things a bit like disabling MS File and Printer Sharing service if the computer is not on a LAN and shutdown other services not needed when doing a direct connection to the Internet. Also you could enable IPsec to supplement the XP FW.

If you implement the AnalogX registry setup for IPsec and enable it, it will give solid protection supplementing XP's FW.

IPsec will block file downloads on high ports so you disable IPsec and do the download and enable it again. But you can also configure to open the ports, since you want to learn about FW(s). IPsec will stop inbound and outbound traffic by port, protocol and IP and is a good learning tool when reviewing the rules configured by AnalogX.

Duane :)

Duane Arnold
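
An added example, not part of any post in this thread: VB's remark about a program calling listen() on 0.0.0.0 and Duane's advice to shut down unneeded services can both be checked by listing which sockets are bound to the wildcard address. The netstat text is constructed sample data in the layout of Windows `netstat -ano`, and the function names are illustrative.

```python
import ipaddress

# Constructed sample in the layout printed by Windows `netstat -ano`.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       964
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING       1820
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.10:1045      203.0.113.7:80         ESTABLISHED     2100
  TCP    [::]:135               [::]:0                 LISTENING       964
  UDP    0.0.0.0:500            *:*                                    700
"""

def split_endpoint(endpoint):
    """Split 'host:port' or '[v6host%zone]:port' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0], int(port)

def classify(host):
    """Return how widely a bound address is reachable."""
    addr = ipaddress.ip_address(host)
    if addr.is_unspecified:      # 0.0.0.0 or :: means every interface
        return "wildcard"
    return "loopback" if addr.is_loopback else "specific"

def listeners(text):
    """Parse netstat output into rows for sockets that accept traffic."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue             # banner, header or blank line
        # TCP rows carry a state column; UDP rows do not, and any bound
        # UDP socket can receive datagrams, so all UDP rows are kept.
        if f[0] == "TCP" and (len(f) < 5 or f[3] != "LISTENING"):
            continue
        host, port = split_endpoint(f[1])
        rows.append({"proto": f[0], "host": host, "port": port,
                     "pid": int(f[-1]), "scope": classify(host)})
    return rows

def exposed(text):
    """Listeners bound to all interfaces, relying on a filter for safety."""
    return [r for r in listeners(text) if r["scope"] == "wildcard"]

if __name__ == "__main__":
    for r in exposed(SAMPLE):
        print(f'{r["proto"]:4} {r["host"]:>8}:{r["port"]:<5} pid={r["pid"]}')
```

Each wildcard row is a socket whose reachability depends entirely on whatever packet filter sits in front of it; stopping the owning service or binding it to a specific address removes that dependency.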
