Registered: Dec 2000
Location: Elkins Park, Pa
Posts: 577

Do dial-up connections need firewalls?

I recently was, or seemed to be hacked into my AIM account. (See http://discussion.visorcentral.com/...;threadid=18053) I have dial-up. I thought hacking woes were reserved for high-bandwidth customers! So here's my question: Do dial-up customers need firewalls? I think not really, even though I was hacked, because it's the first time this happened, and I don't think it's worth the aggervation. What do YOU think?

__________________
-Bernie

"One word sums up probably the responsibility of any vice president, and that one word is 'to be prepared'.
-Dan Quayle

Registered: Jan 2001
Location:
Posts: 278

Bernie,
When you establish your dial-up connection you are assigned an ip address just like any other internet user. The only difference is that this number changes each time you log on and you are not connected 24 hours a day like broadband users. When I had dial up I played around with a software firewall on my computer but really had no use for it. I doubt you are at much risk since hackers would rather go after a easy unprotected cable user rather than a dial-up user if they just want to cause trouble.

--David

Registered: Oct 2000
Location:
Posts: 18

A varying IP isn't necessarily protection

Just because the IP changes doesn't mean you're protected. There are many scanners out there that just scan huge ranges of IP space looking for vulnerable systems. As long as you have an IP, you will eventually be scanned. Set up a sniffer and just dial in and wait; it shouldn't take very long.

Once someone has a backdoor into your system, they can do anything they want with it. Including have it notify them of what your new IP is every time it changes, so they can find you again. I'm not saying that's happening now, but it's just a matter of time before someone writes a backdoor program that does that if they haven't already.

Hell, if you run Outlook you don't even have to fall victim to a scanner, you'll probably get backdoored by a an email virus anyway.

Registered: Oct 2000
Location:
Posts: 16

Securing M$ Outlook

If you run M$ Outlook as originally setup when installed, then yes you are begging for email viruses and malevolent scripts. However if you change a few settings, Outlook will behave properly and only operator error will set off an email virus.

First DISABLE AutoPreview. That can be found in the View menu. AutoPreview must be disabled for EACH and EVERY folder that you anticipate viewing email messages or web pages. That stops the automatic running of scripts, web-bugs, and spontaneous downloads.

Second, click in Tools | Options | Security, and set the zone to Restricted Sites. Modify the Zone settings and disable all ActiveX, VBscript, and anything else you don't want to happen automatically once the email is opened. If you get a warning about how Internet Explorer uses the Restricted Sites zone, go ahead and accept anyway. A nice side effect is that you can add web sites to the restricted list. (wink, wink, nudge, nudge)

Third, go to Tools | Options | Preferences, and change the Email Options | to RETURN TO THE INBOX AFTER MOVING OR DELETING AN OPEN ITEM. This way only the emails YOU want to open are opened. It may seem a pain be returned to the Inbox after each email, but this protects you from accidentally triggering a spam email.

Of course, make sure your copy has all the patches and updates available. http://officeupdate.microsoft.com While you are there, sign up for the MS Security Notification email list. As new patches become available, you'll get notified about them.

Lastly, or should I say first: GET ZONEALARM!! A freebie firewall that has proved more effective than the high-profile consumer firewalls available, this sucker is small, free, and effective. Easy to use, easy to setup, easy to understand. Get it at http://www.zonelabs.com

Take advantage of the Junk email filtering capabilities built into Outlook. You can also establish rules based on message content, subject, and addresses both sender and receiver. Setting up Outlook like this will take between 15 to 30 minutes depending on the experience level of the user. But once set in place, the only way to trigger email viruses and malevolent scripts is to INTENTIONALLY open the email. So now we turn to Mom as she reminds us not to open gifts from strangers...

__________________
Color is on my mind - I dream in color...
You know when you have been around computers for too long...you dream in digital.

Registered: Aug 2001
Location:
Posts: 383

I use Tiny Personal Firwall on my dial-up. I suggest anyone who has a dial-up try a free software firewall for a while as you can find out some interesting stuff about what apps are phoning home or if people are probing your ports a lot.