Firewalls ?

Discussion in 'Backup and Security' started by babe714, Aug 18, 2001.

  1. babe714

    babe714

    Do you experienced traders and computer users recommend use of a firewall. I have been trading for several years without one and have wondered just how secure my online accounts are .
     
  2. JayS

    JayS

  3. fast

    fast

    I use ZoneAlarm, not just to protect myself, but also to keep my computer from being used for hostile attacks that shut down targeted servers and/or websites. Hackers can load programs onto unprotected computers and use these computers to send messages that create disrupting overloads. The computer owner has no idea this is happening. High power computers using broadband connections are hackers' favorites, but other computers also can be used. Hackers now have programs that rapidly seek unprotected computers.

    I think, but am not sure, that the website of one or more online brokers was shutdown by a hostile attack during the last year or so. Does anyone remember this? Anyway, I do not want my computer to be used in this way.

    Like JayS, I also use ZoneAlarm with both DSL and direct dial-up.

     
  4. Babak

    Babak

    if you don't have a firewall you are just asking for it

    get ZA and a good antivirus (and keep it upto date)

    once you get ZA and configure it go to http://www.grc.com and test it before a hacker does (use the SHIELDS UP! on the site)
     
  5. roger2

    roger2

    There are two very good, and free, personal firewalls available: ZoneAlarm (ZA) and Tiny Personal Firewall (TPF).

    http://www.zonelabs.com
    http://www.tinysoftware.com

    ZA is more well known. It is also easier to set-up, more automatic. ZA makes you look at an opening splash screen ad for about 30 seconds when you boot-up and there are links on the main set-up page for ZoneLabs' non-free products. Other than that ZA is free and easy.

    TPF is more configurable, if you want to make your own settings for specifc ports, programs, and/or connection attempt either inbound or outbound. It is very flexible. And it is a smaller program than ZA (1.3MB vs 2.7 MB).

    I have installed and used both and they are both very good.

    There is a site with great tools and info regarding hacking and firewalls (and a lot more). The site is kinda cheesy looking but don't let that put you off - it really is pretty good.

    http://www.grc.com

    for tools and tutorial on hacking/firewalls follow this link from homepage:

    Shields Up! >

    -the top of this page has tools for testing your ports (vulnerability to hacking)
    -the bottom of this page has infomational links organized by topic

    At grc you can also read about ZA, TPF and others:

    LeakTest > Personal Firewall Scoreboard > info on each firewall


    Besides firewalls, another anti-hacking approach is to close down a lot of unnecessary network services/protocols which Microsoft has enabled by default on your computer. This is what I have done because I worry about firewall slowing down my connection, HOWEVER, I have no evidence that a firewall would do that. I am just guessing. I have heard of cases where firewalls have interfered with various programs i.e. virus, broker, others? i don't know?

    I am not even close to an expert, but I did take some time a couple months ago to learn enough not to feel vulnerable.

    I was surprised to learn (by watching my TCP/port activity in real time) that I get scanned/probed several times a day by unknown sources. But, from what i can gather, the majority of hacking is minor leaguers who have easy access to hacker programs on the web. A good book is "Hacking Exposed 2nd Ed." ISBN 0-07-212748-1

    Don't do nothing. Get a firewall or disable unnecessary network tools (or both). As Babak mentioned, updated virus protection is also important. This ensures against trojan horse programs which can be installed and used by hackers to make outgoing connections from your computer.

    The $64,000 question: is my account safe? I wish I knew for sure...
     
  6. ktm

    ktm

    ZA is good, BlackIce is also good. I have a cable connection and get probed about twice per hour 24/7. If you have a high speed connection (always on), you need something. Roger made some very good points. I have a peer-to-peer network setup with 3 computers at home. A friend of mine has the same setup and was getting probed heavily as well. He purchased a specific type of router and only gets hit once or twice a month now...appparently the router serves as a "hardware firewall".

    My experience is similar to Roger's in that most folks who hit mine are amateurs running scripts looking for trojans and port probes to attempt to get a launching point for something bigger. I would definitely get a firewall but I would gather that any threat to your account would come from elsewhere. I've never heard of anyone probing through and removing funds in that way. Most of these hackers, albeit amateurs - are out for things other than money. One of the best ways to defend against them is to keep your hard drive free of viruses and other things they can latch on to.

     
  7. jperl

    jperl

    ktm-
    I'm surprised your friend gets hit at all with a router in place. He should check ShieldsUp at

    http://grc.com/

    to see if he has some vulnerability. I use a D-Link 4 port router. ShieldsUp indicates my computer doesn't exist-that's pretty nifty. I suggest everyone check this site out and if you are not running in what they call "Stealth" mode, you do something about soon.
     
  8. Babak

    Babak

    do NOT use BlackIce it is useless

    if you want proof go to http://www.grc.com and you will find how he repeatedly found massive vulnerabilities

    You would think that if you pay for something (BlackIce) it should be better than what you get for free (ZoneAlarm)


    NOT SO

    if you are using BlackIce or considering using it, and you truly value your data then go to http://www.grc.com and read what Steve Gibson has to say about it.

    I have nothing personal against BlackIce or its manufacturers, I just don't want to see anyone lulled into a false sense of security. That is worse than having no security at all.
     
  9. white17

    white17

    Just so I understand : is there any conflict between the firewall and data feed?? Is anyone using Preferred's software behind ZA ?

    thanks
     
  10. roger2

    roger2

    As i see it, there are 2 types of potential 'conflicts' between data feed and firewall:

    1) simply can not run or connect to data feed
    2) potential slowing of data by some small degree

    Regarding item 1, both ZA and (even more so) TPF are configurable so that you can set-up permission/denial for specific programs. So item 1 should not be a problem although I have not tested myself . If there was a problem with ZA then one could try TPF.

    Regarding item 2, I would like to know if a firewall introduces any type of small delay into the feed's signal, but I don't know how one would test for this. Anyone have an opinion (or better, knowledge) on this?
     
    #10     Aug 19, 2001