Free Republic
Browse · Search
News/Activism
Topics · Post Article

Beware FReepers!: Firewalls--as safe as you think?
ZD Net/Yahoo! ^ | November 9, 2001 | By Robert Lemos, ZDNet News

Posted on 11/10/2001 10:08:29 AM PST by MeekOneGOP


Friday November 09 08:13 PM EST

Firewalls--as safe as you think?

By Robert Lemos, ZDNet News

Trojan horses and worms can easily dodge some popular PC firewalls, warns a security researcher. Your personal data could end up being sent to the Net.

Consumers protecting their PCs with personal firewalls should not feel too comfortable in their defense methods, according to a security researcher.

PC protection software such as Zone Labs' ZoneAlarm and Symantec's Norton Internet Security fare well against outside attacks, but Trojan horses and worms that infect the machine can easily dodge the firewall's blocks and access the Net, said Robin Keir, chief software engineer for security services company Foundstone.

"Personal firewalls were not traditionally for stopping malicious programs from running on your computer," he said. Keir published a report and tool illustrating one set of flaws that allows a program to sneak out private data using Microsoft's Internet Explorer and AOL Time Warner's Netscape browsers.

The program takes advantage of aspects of Microsoft's Windows operating system architecture that lets one program control another, a feature that could be used to let an employee training application take control of a program as part of a demonstration or to record keystrokes and track the mouse.

"I wondered if Microsoft had forgotten about this seldom-used program," Keir said. "Makes me wonder if they brushed it underneath the carpet and forgot about it."

Keir's program, called Firehole, employs a reusable piece of program known as a DLL (dynamic linked library) to trick the Internet browser into allowing the program to send data.

Personal firewall makers acknowledged the problem but stressed that the security flaw isn't theirs.

"No. 1, this is really a Microsoft bug," said Gregor Freund, president of firewall creator Zone Labs. "Every security expert has asked Microsoft to fix this. When one application can insert itself into another application's space, then all sorts of problems occur."

Zone Labs is experimenting with a "workaround" that blocks the ability of one program to control another application. However, dismantling the control feature could make Windows unstable, Freund said.

A Microsoft representative said the company first heard of the problem when called by CNET News.com. Security researchers at the software giant are studying the issue, which Foundstone's Keir believes to affect all Windows operating systems, including its recently released Windows XP.

Keir said that just fixing this particular flaw doesn't make sense because other variations could be as effective.

"The premise behind all these kinds of exploits is that you have to get the malicious code onto your computer in the first place," he said. "If you have an antivirus program or you have set up an e-mail program securely, then you are safe." He added that keeping malicious programs off the computer is the only way to make sure information is not leaked to the Internet.

Tom Powledge, group product manager of Symantec's Norton Internet Security, agreed, saying that while the company will investigate the issue, it has always advised its customers to use the personal firewall in conjunction with antivirus software.

"We sell Norton Internet Security in that suite configuration because we think all these measures need to be taken," he said. "Antivirus is a key part of finding and detecting any code running on your system. Antivirus is the way that people need to be finding these things."



TOPICS: Crime/Corruption; Front Page News; News/Current Events
KEYWORDS: computersecurityin
Just some food for thought, fellow FReepers!
1 posted on 11/10/2001 10:08:29 AM PST by MeekOneGOP
[ Post Reply | Private Reply | View Replies]

To: MeeknMing
"The premise behind all these kinds of exploits is that you have to get the malicious code onto your computer in the first place," he said. "If you have an antivirus program or you have set up an e-mail program securely, then you are safe." He added that keeping malicious programs off the computer is the only way to make sure information is not leaked to the Internet.
Well, that's a little bit of "warm and fuzzy". Call it a consolation prize? Keep your Antivirus updated!

2 posted on 11/10/2001 10:11:02 AM PST by MeekOneGOP
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeeknMing
"If you have an antivirus program or you have set up an e-mail program securely, then you are safe."

Of course, if you're running Exchange, then setting up your e-mail program securely is about as likely as George Bush joining the AFL-CIO.

3 posted on 11/10/2001 10:13:12 AM PST by TooRight
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeeknMing
Guard Dog stops trojans, I think.

Anytime any personal information is being sent out for any reason (Name, Credit #'s, etc) it alerts you, and you have to give your permission.

4 posted on 11/10/2001 10:25:48 AM PST by Dallas
[ Post Reply | Private Reply | To 2 | View Replies]

To: MeeknMing
The current version of Zone Alarm can be set to require the user's approval before a program can send information or data out to the Internet. Of course, if there's a trojan on your system that can control another program that already has permission, you're hosed...

The problem is that if a trojan is running on your system, then it's really too late: The system's been compromised, and the only safe way to restore security is to wipe the hard drive, do a complete system and software reinstall (not a restore from tape, as this could restore the trojan as well), and then install new virus protection & firewall software.

Mark

5 posted on 11/10/2001 10:31:38 AM PST by MarkL
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeeknMing
Go here to check if your firewall is working properly at keeping people out. The same site has a small (Windows) app for testing whether your firewall is working properly on outbound messages, too. If it is, hostile programs on your computer can't do any harm anyway.
6 posted on 11/10/2001 10:40:17 AM PST by N00dleN0gg1n
[ Post Reply | Private Reply | To 1 | View Replies]

To: N00dleN0gg1n; MeeknMing
Stealth!

If all of the tested ports were shown to have stealth status, then for all intents and purposes your computer doesn't exist to scanners on the Internet!

I run BLACK ICE and am on a cable modem!

7 posted on 11/10/2001 11:05:12 AM PST by BellStar
[ Post Reply | Private Reply | To 6 | View Replies]

To: MeeknMing; All
There is ONE MAJOR way to stop the kinds of exploits that this article addresses - and almost 100 percent of most viruses these days. DUMP MS email programs - and use a better email client. There are several out there that will protect your system from attack. Any of the following are better, popular, secure and run rings around the junk from MS - AND they are free.

IncrediMail

Pegasus Mail

ePrompter

All can be downloaded from CNet HERE

The longer people put this transition off - the more vulnerable they are - the law of averages sooner or later catches up with everyone where security is concerned.

I'm behind two firewalls, protected from an average of over 100 random attacks per day. I use the latest Zone Alarm as the secondary firewall, and highly recommend it. Use text only email, and disable script hosting on your computer and you'll not suffer from the ills this article does a poor job of addressing.

8 posted on 11/10/2001 11:24:31 AM PST by Ron C.
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ron C.
There's another way to avoid all this junk. Buy a Mac already!
9 posted on 11/10/2001 11:43:34 AM PST by N00dleN0gg1n
[ Post Reply | Private Reply | To 8 | View Replies]

To: N00dleN0gg1n

"..to avoid all this junk.."

...you SURE don't buy a MAC - that only buys you another kettle of stinking fish. I own five of the damnable things, one of them is the latest on the block. (I have to own them as part of my business as an ISP)

They are just as vulnerable to viruses, Trojans and security compromise as any other computer - only slightly less due to better email security than the MS junk. If you aren't running a firewall, you are wide open for exploit and you may never know you are being exploited as your computer can be used in DOSA without your knowledge.

Those who don't own a MAC have better access to software, services and compatibility with new products - at a lower cost, with less headache. Out of over 800 business clients that I service, almost NONE of them use Macintosh - and the few (three) that do are constantly in trouble, and complaining about how they are being 'left out' in access to new products.

10 posted on 11/10/2001 12:01:31 PM PST by Ron C.
[ Post Reply | Private Reply | To 9 | View Replies]

To: TooRight
a. Exchange is easy to secure, but many people simply do not do so.

b. Get a hardware-based firewall for broadband. For $75 I just picked up a new SMC Barricade broadband router/firewall. Faster, better, and doesn't use up my PC's resources. 4 ports and address translation, built-in print server, it rocks the casbah.

11 posted on 11/10/2001 12:50:55 PM PST by Britton J Wingfield
[ Post Reply | Private Reply | To 3 | View Replies]

To: MeeknMing
One of the better sites for Home PC security on the internet is Home PC Firewall Guide.

Their opening page has a good summary of what the problems are and how to deal with them. Here is what it says.


The purpose of the Home PC Firewall Guide is to provide easy access to independent, third-party reviews of Internet security products for home, telecommuter, and SOHO (small office, home office) end-users.

"The perfect personal firewall would be inexpensive and easy to install and use, would offer clearly explained configuration options, would hide all ports to make your PC invisible to scans, would protect your system from all attacks, would track all potential and actual threats, would immediately alert you to serious attacks, and would ensure nothing unauthorized entered or left your PC." from Make Your PC Hacker Proof, Jeff Sengstack, PC World, July 21, 2000.

Hacker Proof?

The only way to make your computer completely hacker proof is to turn it off or disconnect it from the Internet. The real issue is how to make your computer 99% hacker proof. An unprotected computer connected to the Internet via broadband (cable, DSL) is like leaving your car running with the doors unlocked and the keys in it which a thief might interpret as "please steal me". Locking a car, using a "club" or installing a security system makes stealing a car more difficult. A broadband Internet connection is easier to hack because it is "always-on" and often has a static IP address. This means that once a hacker or script kiddie finds your computer, it is easier to find it again. Most 56k dial-up Internet connections use a new IP address each time you connect which makes it much harder to find your computer again unless a trojan horse has been installed which can phone home each time you connect.

Using personal firewall, anti-virus, anti-trojan and privacy software will protect your computer and data from most, if not all, script kiddies, commercial data collectors and malware (virus, worm & Trojan horse) if you install them correctly and keep them updated. If you are connecting two or more computers to the Internet, you should also use a hardware router with firewall features. These products provide adequate protection because most "attacks" are impersonal. That is, the attackers are not targeting your computer but are looking for any easy mark connected to the Internet. If you make it difficult for them to find and gain entry to your computer, they will most likely leave you alone.

If a real hacker decides to attack your computer, you can make it difficult for him/her but if he/she is good, they will likely find a way in. That is why large organizations have computer security staff and consultants working 24/7/365 to protect their computer networks. Unless a hacker has some reason to make a personal attack on your home or SOHO computer, you should not worry too much about a direct assault. Telecommuters are a special case because they are working at home but are also connected to their organization's network. If you are a telecommuter or thinking about becoming one, contact your computer security staff for advice. Note: Microsoft was reportedly hacked via a telecommuter's home computer.

Many people are shocked at how many incoming and/or outgoing security alerts they get after installing their first firewall (depending on its features) because they had no idea of what was going on around them. The good news is that if your personal firewall gives an alert, your computer is usually protected.

When selecting a personal firewall, you should consider whether you want one that controls outbound communication with the Internet. The advantage is that you are alerted the first time any program tries to call out and you are given the option of deciding whether to allow it one time, always or never. The disadvantage is that you may have no idea what the program trying to call out is or what it does.

To be effective, outbound control requires a user who has need or interest and skill or knowledge. For the last year or two, this was fine because "early adopters" by definition love new stuff. Many alerts do not say that [program name] is trying to call home; instead, they often give a file name like [xyzabc.doit]. Everyone (the rest of us) who uses the Internet knows, of course, what "xyzabc.doit" means (right?). So, outbound control is a great feature but it requires ongoing effort on your part to use it effectively. New releases of Norton, ZoneAlarm and other firewall products make it easier to set up outbound communication rules and understand what is going on.

What should you do when your firewall detects a virus, worm, Trojan horse, or data collector trying to call out without your permission? Use anti-virus, anti-Trojan, and privacy software to detect, remove, repair and protect your system. Make sure that your security software is up-to-date. If you install new security software, check for updates immediately after installation before using it.


There is more on this page, and many additional pages, at: Home PC Firewall Guide.

12 posted on 11/10/2001 9:51:24 PM PST by ThePythonicCow
[ Post Reply | Private Reply | To 1 | View Replies]

To: ThePythonicCow; N00dleN0gg1n; Ron C.; Britton J Wingfield
Thanks to all of you for your helpful and informative posts! I just bookmarked this article for future reference.
13 posted on 11/11/2001 2:59:40 AM PST by MeekOneGOP
[ Post Reply | Private Reply | To 12 | View Replies]

Comment #14 Removed by Moderator

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson