Sorry but this is all very confused...
Steve LeMaster Wrote:
-------------------------------------------------------
>
> 1.) Never use more than one firewall as they can
> cancel each other out.
>
That's not true. Where did you hear that? It actually provides extra protection due to the different ways they work - but is not necessary for a home user.
> 2.) Always keep firewall definitions updated.
Firewalls don't really have "definitions" as such.
>
> 3.) Typically, firewalls (I recommend Nortons)
> will tell you what type of attack was used and the
> IP address. If yours does this, great! it's
> updated and working...Don't mess with it.
>
Well, it doesn't necessarily mean it's "updated"...
>
> 4.) Use a third party anti-virus program (I
> recommend McAfee or Norton). Never use more than
> one anti-virus program, because they WILL cancel
> each other out.
>
No, they won't. Again, who told you that? It will just use up extra resources for no good reason.
>
> 5.) If you want to trace an IP address, use WHOIS
> or INTERNIC.
That's for looking up domains, not IP addresses.
> However, the individual most likely
> has his IP proxied using SOCKS 4 or SOCKS 5
> protocols, if the person doesn't, he's an idiot.
> Assuming that it is proxied, you will never trace
> it.
>
I think you are talking about NATing which is not really the same thing.
There is no need at all for a home user to use a proxy.
>
> 6.) If you don't want to use either WHOIS or
> INTERNIC, I recommend VisualRoute.
>
> 7.) Always keep your OS updated. Microsoft always
> posts critical updates. Just go to your Control
> Panel and click on Windows Update.
Well that IS good advice
>
> 8.) It is very common that your firewall is
> reporting a hack attempt that's false. If you want
> to check this, contact your Internet Service
> Provider (ISP) and give them the IP address.
> BlackIce Defender gives false hack attempts.
>
Generally there is no need to worry about "hack attempts". People scan IP ranges to look for someone not protected or something they find interesting. The very fact your firewall detects it shows that it is handling it. Only if you get repeated attempts from the same address is there any need to worry at all. Sometimes there are legitimate calls that are seen by software as attempted intrusions but it's rare in my experience (I haven't used BD).
>
> 9.) Get to know what makes a hacker tick. Hacker
> Manifesto, Script Kiddie and WhiteHat
>
Why?
>
> 10.) The best firewall in the world is a router (I
> recommend LinkSys).
Only if it had a hardware firewall built in. Not all routers do by any means.
> These are impossible to hack
> because it assigns a MAC (Media Access Control)
> address.
Every point on any network has a MAC address...
> Routers use headers and forwarding tables
> to determine the best path for forwarding the
> packets, and they use protocols such as ICMP to
> communicate with each other and configure the best
> route between any two hosts.
>
> One last note if you attempt to trace an email
> address:
>
> A single PC on the Internet can be running both a
> Web server and e-mail server. If the PC's IP
> address, say, 227.134.196.101, a Web browser that
> looks at 227.134.196.101 will find Web pages
> there,
Only if you have an application on the PC that hosts web pages and is active (e.g. IIS or Apache).
> while an e-mail program will find mail at
> 227.134.196.101.
Only if POP3 software is installed and configured...
> They don't get confused because
> (this is the crucial part) TCP/IP uses different
> 'ports' for each type of service. Ports are like
> lanes on a motorway, and keep the Web traffic and
> e-mail traffic separate. Web services generally
> run on port 80, while e-mail runs on ports 25 and
> 110. There are thousands of ports to choose from,
> and you can run any service on any port, but there
> are standards that most people abide by.
>
Simon
Edited 1 time(s). Last edit at 04/07/2005 03:36PM by Simon.
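
The triage rule from the reply to point 8 (one-off blocked scans are background noise, repeated attempts from the same address deserve a look), as an added example that is not part of the original post. The log format, the sample lines and the threshold of 5 are constructed assumptions, not the output of any real firewall product.

```python
import re
from collections import defaultdict

# Constructed sample in a made-up format: "<time> BLOCK <source ip> -> <dest port>".
# Addresses come from the documentation ranges (RFC 5737).
SAMPLE_LOG = """\
2005-04-07T09:12:03 BLOCK 192.0.2.10 -> 135
2005-04-07T09:40:51 BLOCK 198.51.100.7 -> 22
2005-04-07T09:40:53 BLOCK 198.51.100.7 -> 22
2005-04-07T09:41:02 BLOCK 198.51.100.7 -> 23
2005-04-07T10:05:17 BLOCK 203.0.113.44 -> 445
2005-04-07T10:05:18 BLOCK 203.0.113.44 -> 139
2005-04-07T11:30:00 BLOCK 198.51.100.7 -> 22
2005-04-07T11:30:02 BLOCK 198.51.100.7 -> 22
2005-04-07T12:15:44 BLOCK 198.51.100.7 -> 22
garbled line that should be skipped
"""

LINE_RE = re.compile(r"^(\S+) BLOCK (\d{1,3}(?:\.\d{1,3}){3}) -> (\d+)$")


def triage(log_text, threshold=5):
    """Group blocked connections by source address.

    Sources with at least `threshold` blocked attempts go into "repeat";
    everything else is "noise" (a scanner passing by once or twice).
    """
    hits = defaultdict(list)
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # ignore blank or malformed lines instead of failing
        when, source, port = match.groups()
        hits[source].append((when, int(port)))

    report = {"repeat": {}, "noise": {}}
    for source, events in hits.items():
        bucket = "repeat" if len(events) >= threshold else "noise"
        times = [when for when, _ in events]
        report[bucket][source] = {
            "count": len(events),
            "ports": sorted({port for _, port in events}),
            "first": min(times),  # ISO timestamps sort as plain strings
            "last": max(times),
        }
    return report


if __name__ == "__main__":
    for source, info in triage(SAMPLE_LOG)["repeat"].items():
        print(source, info)
```
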