 Number 211 - December 2000 |
| Are We Careless, Paranoid, or Right in the Groove? | ||
| by Jean Wilcox, August 2000 Suncoast Beeper, St Petersburg FL | ||
|
There has been a lot of
discussion among our merry little band of cable modem and other
"always-on" Internet users about safety. Primarily our conversation has
run on the track of just how safe is safe. Without taking some serious
precautions, we cable and DSL users are wide open to the world of bad
guys. If our computer is on, whether or not we are using the internet,
then our front door is ajar, inviting all passers-by with the right
software to enter at their will. Those who use the telephone wire of the
majority of Internet providers are only visible when actively using
that modem so there is less concern there.
We have talked at the meetings about the things you can do to protect yourselves by closing all close-able ports and turning off print and file sharing, but the broadband users wanted and needed an additional layer of protection. We found it in varying ways. By going to Steve Gibson's GRC.com site we learned how to shut down the ports to intruders. We learned by trial and experience the other protective measures we could take, such as running OptOut, to find out if our computer harbored any "phone home" applications that were ratting us out to advertisers and who knows who else. Some spent some major bucks installing a hardware firewall, while others tried to cover themselves sufficiently with software firewalls like ZoneAlarm or Black Ice Defender. Another fix is running the windows file, "winipcfg.exe". This allows you to "release" your I(nternet) P(rotocol) address, a series of numbers. This appeared to shut down the open door without having to physically unplug the cable modem. When you're ready to connect, you run it again and "renew" the address. This reassigns an address to your computer so you can go on your way. There was a school of thought that held that this method was not totally sufficient for protection, and that the only truly safe way was to unplug the coaxial cable on the back of the modem. Which definitely works, make no mistake about it. So, since there was 'dissention in our ranks', no matter how friendly, I decided to find out and put an end to the question. I went to Protonic.com for my answer. This site works just like the old NoWonder.com that went commercial except it's still 100% free and very friendly, knowledgeable, and helpful. So, campers, you get to read my mail this month! Herewith are my three messages to them, each followed by their response. Q "If I run winipcfg and tell it to "release" my adapter address, such that my numeric address goes back to zero, as it should, can I then continue to use the computer and be certain that I am protected completely from scanners looking for open ports or what have you? I use S.Gibson's site as well as DSLreports [www.dslreports.com] and AntiOnline [www.antionline.com] to check my status about once a week, and I'm proud to report I'm the next thing to invisible. But I've heard that so long as the computer is on and the modem is connected, that I can still be seen and the only way to completely secure myself is to unplug the coax to the modem. I'd love to have an answer from the expert horse's mouth. Love and kisses, Jean" A Your question has been answered! "Hi, Jean: Thank you for using protonic.com. It is a pleasure for me to help you with your question. What you are doing is a start. Please visit Steve Gibson's Shields Up site to test the security of your computer and get tips on how to keep it from being seen by anyone else on the Internet. To make sure the test is absolutely correct use the IP Agent. Specifically Steve explains in detail how to lock down your machine. Rick, Technical Support Representative" Q "No, sir, it hasn't been answered. Please go back down at the bottom and read it again. I've already been to GRC and others, too. Please read the question all the way through. I'd really appreciate the help. Jean" |
A "Jean: Yes, on
the contrary your question has been answered. And I did read all of your
letter! If you run Steve's tests on the Shields Up! site using the "IP
Agent" and it cannot find your machine you are indeed very secure. Using
his site as well as the DSLreports and AntiOnline to
check your status weekly is not necessary, since once your machine is
locked down according to Steve's instructions at his site and disabling
"File and Print Sharing" it is absolutely secure and keeps your
machine's contents invisible to others on the Internet. While a real
hacker can see your machine, he cannot gain access to it or any files.
Just knowing that your machine exists gives a potential evil doer no
more information about you than having a porch light on in your house.
While your machine can be probed every few seconds, if it returns a
message to the evil doer that it cannot be connected it will make him
look for greener pastures.
If you are really paranoid about evil applications sending information to others from within your machine, run the "OptOut" application to make sure there is no "Phone Home" app running and then install a good hardware firewall such as the "LinkSys Etherfast Cable DSL Router Switcher" and/or one of the software firewalls Steve recommended such as "Norton Internet Security", "Black Ice Defender", or "Zone Alarm", all of which I have tested. I prefer instead to keep my full time Internet connection locked down according to Steve's instructions since this approach takes no overhead. I have tested my connection's visibility to the Internet from various sites throughout the US and find it to be either invisible or closed to connections on every port I try. Your friend who told you that the only way to keep your machine safe is to unplug the cable is not doing you any service. It is analogous to not trusting the wall switch on your ceiling light, preferring to unscrew the bulb instead. Q "This is EXACTLY what I wanted to hear. Thank you very much for your time and patience. Corroboration was just what I needed. I used the IP Agent at GRC, I have also run OptOut and I at least own Zone Alarm, although it's not yet installed. I consider myself fairly well-informed but I'm not so confident that I don't at least listen to people who may know more than I. Now that I feel so good and I've made nice on you, do I have permission to re-print our correspondence in our monthly newsletter? I've been telling them about you people ever since NoWonder.com (Now e-People.com - ed) went commercial. Thanks again. Jean" A "Hi again, Jean: I'm very glad I could be of help. We are all volunteers from all parts of the world here at protonic.com and our best and only payment is in the knowledge that we have helped our clients through great letters like yours. Please return to the site if you need any more help. We at "protonic.com" really appreciate any and all referrals we can get. We are a totally volunteer organization and have a total monthly advertising budget of probably less than $20.00. Also please refer your friends to "protonic.com". Any free publicity is very much appreciated. Though our information is copyrighted, meaning it is not for use by other technical support organizations, we have little problem using our correspondence with satisfied clients as promotional material. Feel free to use it for this purpose. Rick Streeter, Administrator and Technical Support Representative www.protonic.com or rick@protonic.com, Fast, Friendly, Free, Accurate, Computer Technical Service"
|
|
|
Number 211 - December 2000
|
|
|