Direct connect to Internet...???

midicad2001

I started another recent thread: "Auto-restart whacks Ad-Aware SE".

Until recently I have not had much problem with viruses. I use NetGear
RT314 with NAT to connect to DSL and also McAfee VirusScan 8. Usually
I turn off internet connection firewall - I forget why, but I think it
had to do with wanting to share drives on the LAN (I have 5 machines
that get used for different things).

Right before all this mayhem occurred, I had some problems with my DSL
line and was talking to Verizon DSL support - they said -

"Do you have a router?"

"Yes"

"Can you bypass it?"

"OK"

"Does it work now?"

"Yes"

"So it's something wrong with your router".

All this made sense. But THEN all heck broke loose.

Am I paranoid in assuming that my moments of direct connection to the
internet likely resulted in this particular worm/virus getting on to my
computer? Honestly I don't recall how long I left it like that - it
may have been minutes or hours.

Assuming I need to test this again via direct connect to DSL, would
using "Internet Connection Firewall" be adequate to protect against
this type of attack, or is something else better (very dumb question).
The literature I have read about Firewall Software doesn't mention
"this won't help if you already use NAT" or "this will improve security
even if you use NAT" - it just doesn't mention it at all (after a very
quick glance).

Thanks
 
kurt wismer

> I started another recent thread: "Auto-restart whacks Ad-Aware SE".
>
> Until recently I have not had much problem with viruses. I use NetGear
> RT314 with NAT to connect to DSL and also McAfee VirusScan 8. Usually
> I turn off internet connection firewall - I forget why, but I think it
> had to do with wanting to share drives on the LAN (I have 5 machines
> that get used for different things).
>
> Right before all this mayhem occurred, I had some problems with my DSL
> line and was talking to Verizon DSL support - they said -
>
> "Do you have a router?"
>
> "Yes"
>
> "Can you bypass it?"
>
> "OK"
>
> "Does it work now?"
>
> "Yes"
>
> "So it's something wrong with your router".
>
> All this made sense. But THEN all heck broke loose.

ouch, you connected directly to the internet without a firewall...
guess what happened... it only takes a matter of minutes *on average*
(it could happen in a matter of seconds) for your machine to get
malware on it under those circumstances...

> Am I paranoid in assuming that my moments of direct connection to the
> internet likely resulted in this particular worm/virus getting on to my
> computer?

nope, no paranoia there...

> Honestly I don't recall how long I left it like that - it
> may have been minutes or hours.

plenty of time...

> Assuming I need to test this again via direct connect to DSL, would
> using "Internet Connection Firewall" be adequate to protect against
> this type of attack, or is something else better (very dumb question).

there's probably better but that firewall should be considered the bare
*minimum* of what you should be doing if you're connecting to the
internet directly...

> The literature I have read about Firewall Software doesn't mention
> "this won't help if you already use NAT" or "this will improve security
> even if you use NAT" - it just doesn't mention it at all (after a very
> quick glance).

if you suspect you're going to be in the position of connecting
directly to the internet again you should read
http://isc.incidents.org/presentations/xpsurvivalguide.pdf and follow
the steps outlined there (in fact you might want to follow them even if
you aren't going to be connecting directly to the internet)...
 
Gabriele Neukam

On that special day, kurt wismer said...

> if you suspect you're going to be in the position of connecting
> directly to the internet again you should read
> http://isc.incidents.org/presentations/xpsurvivalguide.pdf and follow
> the steps outlined there (in fact you might want to follow them even if
> you aren't going to be connecting directly to the internet)...

And maybe it helps if you apply the script from

http://www.ntsvcfg.de/ntsvcfg_eng.html

which shuts down all services that shouldn't be open to the internet, so
that worms and bots have a slightly harder time, trying to settle down
in your machine.

HTH


Gabriele Neukam

(e-mail address removed)
 
