NIS will not let me synchronize the PC Date/Time

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
I am using NIS Ver 8.0.7.1 and I have noticed that it will not let me
synchronize the computer date/time with either of the internet time
servers...windows or nist.
I have tried the faq's at Symantec and googled for info but no results yet.
Can anybody in this group give me advice?
Regards
Patrick.


Re: NIS will not let me synchronize the PC Date/Time
Quoted text here. Click to load it

Yes. Remove Norton InSecurity. You probably don't need it. Use the
Windows-Firewall instead.

Yours,
VB.
--
"If you want to play with a piece of windows software that makes you
click all over the place, there's always minesweeper."

                    Kyle Stedman about "Personal Firewalls" in c.s.f

Re: NIS will not let me synchronize the PC Date/Time
Quoted text here. Click to load it

Wrong answer bubba.

Proper answer is just look at the block list, remove the NTP blocking
rule, restart the computer.

Windows firewall does not protect as well as NIS or most other PFW
solutions.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: NIS will not let me synchronize the PC Date/Time

Quoted text here. Click to load it
yet.
Little did I realise what I was starting with the original question....
However, from keeping a close eye on this thread I think it is probably best
if I use the FW built into my wireless router (3Com 3CRWE754G72-A) and just
disable both NIS and Windows FW's.
Would all you knowledgeable folks in here agree?
Regards
Patrick.


Re: NIS will not let me synchronize the PC Date/Time
Quoted text here. Click to load it

It would be a good idea, while it will do no harm to let the
Windows-Firewall on.

Yours,
VB.
--
"If you want to play with a piece of windows software that makes you
click all over the place, there's always minesweeper."

                    Kyle Stedman about "Personal Firewalls" in c.s.f

Re: NIS will not let me synchronize the PC Date/Time
says...
Quoted text here. Click to load it

Not really, at the least I would suggest the following:

On a single computer network:

NAT Router for connection to internet
Windows Firewall
File/Printer sharing disabled/removed
additional security settings, browser, email, AV software, updates,
etc...

On a multi computer network:

NAT Router for connection to internet
  ROUTER blocking outbound ports 135-139, 445
Windows Firewall on all machines,
  File/Printer sharing exception if needed
File and Printer sharing enabled (if needed)
additional security settings, browser, email, AV software, updates,
etc...

If you want more security, remove Windows Firewall and install a Quality
PFW of your choice.

All solutions would also include WallWatcher so that you could monitor
in/out bound traffic in real time.

If you want one better than a cheap NAT router, which offers little
protection, get the D-Link DFL-700 Firewall Router.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: NIS will not let me synchronize the PC Date/Time
Volker Birk wrote:
Quoted text here. Click to load it

I'm home user and recently I tested my laptop security since I'm going
to travel for a while and I will not carry my NAT router with me. During
test I noticed that I have C$ in shared resources, I thought that I had
got rid off that hole long time ago, but it was there. I also forgot to
reconfigure wireless connection NetBIOS over TCP and file and printer
sharing was on. I tried to access to root from remote computer and one
thing prevented me to attempt to access to root was that useless ZA who
luckily asked me do I want to put new network in a trusted zone. Then I
turned ZA off and I used Windows firewall, I tried to access C$ and I
got login/password prompt, like I expected it didn't block, I got a
lesson and here it is:
There is no good protection for home users, most of us don't even know
how to configure wireless connection nor we are aware that C$ exist,
there is only protection which at least tries to block and one which
not. To an ordinary home user who will just take his laptop and connect
to a hotel wi-fi network without reconfiguring anything, that's what
most of us do, Windows firewall is useless. ZA will at least put wi-fi
network in internet zone and it will try to block something.
So please don't advice us to use Windows firewall, we are not computer
geeks who know how to configure OS and applications (we use application
control) we don't understand words like NetBIOS (we use firewalls ZA,
NIS etc.), we use our computers not knowing how they work. ZA or NIS is
built for us not for you, you have Windows firewall and many options in
windows registry, leave ZA, NIS etc. to us, we need them. To use Windows
firewall we should first learn something about Windows and networks and
sometime we are busy people not having time or interest for that.



Re: NIS will not let me synchronize the PC Date/Time
Quoted text here. Click to load it

Windows-Firewall has a correct default configuration, especially for
rookies. Just don't change anything, and you're protected.

Quoted text here. Click to load it

I.e. with Norton InSecurity you don't add any extra security, but you're
adding extra security threats you don't have with just Windows-Firewall.

Try to understand.

I'm not calling any rookies to understand technical issues. And as soon
as I'm getting to know a "Personal Firewall", which is increasing security
above Windows-Firewall or just stopping services, I will recommend it.

What I'm seeing, though, is selling snake-oil, which even is making
the users more insecure in many situations, not more secure.

Yours,
VB.
--
"If you want to play with a piece of windows software that makes you
click all over the place, there's always minesweeper."

                    Kyle Stedman about "Personal Firewalls" in c.s.f

Re: NIS will not let me synchronize the PC Date/Time
Quoted text here. Click to load it

Except you're not seeing how things work in the "REAL WORLD". I've seen
many people that were using Windows XP + SP2 and the Windows firewall on
a public IP that were compromised in short order, under a month in most
cases. Once adding a PFW to their solution they go at least a year
without the same problems - that's REAL WORLD experience.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: NIS will not let me synchronize the PC Date/Time
Quoted text here. Click to load it

"Leythos",

usually I'm not replying on what you're writing any more. And usually
I'm even not reading what you're writing any more.

But on this posting I'll make an exception:

I think you're just lying to all of us. You're not the "specialist" you
claim, you don't have the experiences you're claiming, you're just a
liar, who is vaporing and prancing.

Your "real world experience" is not worth the bytes to store the data
you're excreting, and it is very clear to me, why you're refusing to
tell us your real name and insisting on keeping anonymous.

What a perfect position for a liar.

VB.
--
"If you want to play with a piece of windows software that makes you
click all over the place, there's always minesweeper."

                    Kyle Stedman about "Personal Firewalls" in c.s.f

Re: NIS will not let me synchronize the PC Date/Time
Quoted text here. Click to load it

Like it or not, you are in the same position you say I'm in - your POC
fails to prove the PFW solutions don't block it, your statements don't
reflect how PFW's work in the real world, your solution of only using
the Windows Firewall is weak at best, and you kill-file anyone that
strongly disagrees with you.

As for your claim that I'm hiding/being anonymous, you've got to be
really reaching for straws here. I am always reachable via email, see
sig, and it's been that way for almost 20 years, feel free to contact me
anytime you want - others do.

Ask yourself this, since your POC fails on a properly configured system,
since ZAP does work for many users, why do you keep denying that PFW's
work?

Sure, PFW solutions are what I would consider as a LAST option, having a
NAT Router appliance being better than Windows or a PFW solution, but
even PFW's protect a users computer better than Windows firewall does.

So far, all I've seen from you and your followers is a bunch of hype,
while in the real world I've seen a LOT of installations where ZAP and
even Tiny protected the users from being compromised on public internet
connections and even on clients LAN's that were compromised.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: NIS will not let me synchronize the PC Date/Time
Quoted text here. Click to load it

I'm Volker Birk, Wettgasse 7, 88339 Bad Waldsee, Germany. You can reach
me by phone at +49 (7524) 912142. You can reach me by mail at
bumens@dingens.org. You can find my Homepage here: http://fdik.org

You easily can find in the net what I'm doing as a hobby and where and
what I'm working for.

You can find thousands of people who will tell you, that my public
work helped them, especially www.dingens.org. You can find enough people
here who are telling you that they tested my PoC code and it worked.

You can read articles in different newspapers about my PoCs, including
http://www.heise.de/newsticker/meldung/68725 - the publisher with the
greatest reputation in the German IT market, and PC Professional, the
German edition of the PC Magazine. They tested, too, what I did, and
affirmed. Just like http://www.firewallleaktester.com /

I call you a liar, and that's it. And a chicken-hearted liar, o anonymous
"Leythos"-K00k.

And, folks, that's it. I will filter out this idiot again. This never
will lead into a sensible discussion.

VB.
--
The kook trademark is paranoia and grandiosity. Kooks will often build
up elaborate imaginary support structures, fake corporations and the
like, and continue to act as if those things are real even after their
falsity has been documented in public. (Jargon file: Kook)

Re: NIS will not let me synchronize the PC Date/Time
Quoted text here. Click to load it

What does posting your real name mean? Nothing. Your message to the
public is still flawed and full of holes that you don't dispute.

You completely fail to address how PFW solution actually protect many
users and dismiss them all when users misconfigure them, just as they
would with Windows Firewall.

It's really pompous of you to make the claims that I'm telling lies when
you refuse to believe what people in the real world have shown you and
others many times.

Like it or not, just because you think you're the end-all guru, you need
to take your head out of your a$$ and look at what is happening in the
real world around you - being locked behind your keyboard all the time
is warping your ability to analyze how things actually work outside of
your limited experience.

Oh, and you can find people that will tell you that your POC doesn't
work also, but you just kill-file them instead of testing on your own.
It's easy to say the facts prove something when you discount all the
results that disprove it.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: NIS will not let me synchronize the PC Date/Time

Quoted text here. Click to load it

How did they get compromised? From the outside?

Re: NIS will not let me synchronize the PC Date/Time
b__nice@hotmail.com says...
Quoted text here. Click to load it

Yep, from the outside, after allowing applications to quietly open holes
and by not blocking outbound connections that phone home to download
more payloads.....

When XP Firewall first came out, apps could open holes without any
notification, now, some app do it with little notice to the users, like
AOL software does. If they had been behind a NAT device they would have
not been compromised.

It's not funny to see file/printer sharing enabled on a single user/node
computer directly connected to the internet with it's running Windows
firewall to protect (or not as the case most often is) it.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: NIS will not let me synchronize the PC Date/Time

Quoted text here. Click to load it

I see, but then the damage actually *was* initiated from the inside
and not from the outside. It was made possible from the outside by
mistakes made on the inside.

You are right about the "outbound part" not taken care of by windows
firewall, but I'm among the ones convinced that the average user is
not able to stop the right things anyway.

Quoted text here. Click to load it

Users (and novices in particular) should not run programs they don't
trust. When You decide to install or run a particular app to help You
accomplish something You also accept to let it do what it takes.

Quoted text here. Click to load it

Most likely not. But then there is also UPnP, of course.

Quoted text here. Click to load it

I am not too familiar with the XP firewall. But are You saying that
windows will more or less silently allow opening ports for file- and
printersharing? - I find that hard to believe. Which applications or
parts of windows will do that?

Finally, just a short comment to Your 1 month w/o PFW followed by a
whole year with statement:
Would it be fair to assume, that after having been compromised for the
first time users will have a significant raise in awareness to how
they act?
And that that higher level of awareness is the prime reason for taking
longer to be compromised again - and not being the result of
installing a PFW?

/B. Nice

Re: NIS will not let me synchronize the PC Date/Time
b__nice@hotmail.com says...
Quoted text here. Click to load it

I don't consider Windows file/printer sharing to be an inside thing when
the user is connected to the internet directly.

Quoted text here. Click to load it

I agree, and in the case of some malware, a PFW can alert the user to it
existing when Windows Firewall would not have even burped.
 
Quoted text here. Click to load it

That's the first thing I disable for any NAT device.

Quoted text here. Click to load it

There were a number of them out when Windows Firewall was first
presented, and AOL will modify it to allow AOL ports, I've seen
computers with IM installed that have IM App installed exceptions, I've
seen users with a single computer, that has F/P sharing installed by
default, with exceptions created by users (and by apps in the early
days).

I have not see any users with File/Printer sharing unblocked when
running ZAP or Tiny during this same period.

Quoted text here. Click to load it

Yes, it would be fair to assume that, but most users remain ignorant
even after warnings and help.

--

spam999free@rrohio.com
remove 999 in order to email me

Re: NIS will not let me synchronize the PC Date/Time

Quoted text here. Click to load it

When a firewall is present, it is. Because that is what firewalls do:
Establish a border line - in this case betweeen the outside and the
inside.

Quoted text here. Click to load it

Makes no difference. In line with Your own final comment, average
users will not react properly to the burp anyway :-)

Quoted text here. Click to load it

Of course You do :-)    I was thinking of those out there who has it
turned on without knowing and without having a clue (and without
caring, for that matter). They are in the exact same situation.

Quoted text here. Click to load it

Could You name some app's that would need to specifically open for F/P
sharing?

Quoted text here. Click to load it

Whether that's a problem solely depends on the purpose.

Quoted text here. Click to load it

There could be good reasons for that, like enabling IM-partners to
connect directly. Remember that most users expect their software to
"just work". Companies struggle to find ways to deal with that. We are
back to the basics: User installs IM app, user accepts risk.

Quoted text here. Click to load it

So a user did mingle with it :-)

Quoted text here. Click to load it

Maybe not. However, I hope You don't use that as a valid argument to
install a PFW.

Quoted text here. Click to load it

Well, then a PFW will not make much difference anyway.

/B. Nice

Re: NIS will not let me synchronize the PC Date/Time
B. Nice wrote:

Quoted text here. Click to load it

Point is that NetBIOS can be easily bound to an interface.
Or, if you're inside a LAN, the router usually is the boundary.

In any case, Windows firewall is a host-based packet filter, not a
firewall, that works as supposed!

Quoted text here. Click to load it

Usually a malware will easily circumvent the PFW, shut it down or simply
click away the message.

Re: NIS will not let me synchronize the PC Date/Time
On Tue, 06 Jun 2006 09:07:19 +0200, Sebastian Gottschalk

Quoted text here. Click to load it

I know.


I know it is just a host-based packet filter. But if the definition of
firewall is "a piece of hard- and/or software to control communication
between different zones of trust in a networking environment" You
*can* get away with calling ZA or the windows firewall a firewall
because it tries to establish a virtual border line between the
internet and Your PC.
And take note of the fact that I am *only* talking defintion here. I
haven't said anything about the quality of solutions.

Quoted text here. Click to load it

Yup. The clever ones will. The not so clever ones will be spotted by a
PFW and granted access by the user ;-)

Site Timeline