Computer Help forum

General discussion

General Comment

by w8678678 / December 28, 2008 10:02 PM PST

If the IP address of a machine is compromised, how can I make sure that only outgoing connections initiated by this machine are allowed to go through the firewall.

Discussion is locked
You are posting a reply to: General Comment
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: General Comment
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Re: general comment
by Kees Bakker / December 28, 2008 10:25 PM PST
In reply to: General Comment

Let me first say this a bad subject title. Try to make it better next time, that is: a better description of the contents of your post or problem or question.

Then let me asked:
1. What do you mean with a 'compromised IP-address'?
2. What firewall do you mean.

Kees

Collapse -
Re:
by w8678678 / December 28, 2008 11:27 PM PST
In reply to: Re: general comment

I will answered wiht:

I means if the IP address becomes known, anyone can connect to this machine using this IP address how can I use the same machine with the same IP address without anyone connecting to it again.

By firewall I mean both Windows standard firewall and Linux iptables.

Collapse -
Your first sentence ...
by Kees Bakker / December 28, 2008 11:43 PM PST
In reply to: Re:

(I means if ...) is about incoming traffic. Your original question was about outgoing traffic.

Please explain your question better.

Kees

Collapse -
Re:
by w8678678 / December 29, 2008 1:14 AM PST

For example, I am online and by accident my IP address become known to many people. At that people everyone can connect to my machine using this address. How can I terminate all these connections and make sure that when I reconnect to the internet there is a one to one connection between the host and remote machine, and not one to many i.e. as in the first case.

Is it sufficient if I restart the machine and use an encrypted proxy assuming that all other security precautions have been accounted for.
If not, what other measures should I apply.

Collapse -
If you've got a firewall ...
by Kees Bakker / December 29, 2008 1:18 AM PST
In reply to: Re:

nobody will be able to connect to your PC from outside. Moreover, what is 'connect'? Try 'connecting' to CNET (that's 216.239.122.164).

There is enough port-scanning going on to say that they don't need to KNOW your IP-address to try. They just TRY all until they find one that allows access.

Kees

Collapse -
Re:
by w8678678 / December 29, 2008 2:02 AM PST

Thank you very much for your responses.

If a user's login information becomes known, and this user tries to change their password, however the format of the new password is fixed and is already known. Is there a way to overcome this problem.

For example, the old password is: XXXXXX

And the format of the new password is fixed: the first four digits of the year of birth followed by the month of the year. Assuming these values are known. How can the user's password be changed to a new one without being exposed.

Collapse -
Re:
by w8678678 / December 29, 2008 2:21 AM PST
In reply to: Re:

Is the firewall sufficient for protecting a system at startup.

Collapse -
Yes.
by R. Proffitt Forum moderator / December 29, 2008 4:20 AM PST
In reply to: Re:

Somewhere at sites like ZoneLabs (of Zone Alarm fame) they tell you why. I'll stop here.

Collapse -
The IP address of every single computer and router ...
by Edward ODaniel / December 29, 2008 2:31 AM PST
In reply to: Re:

on the Internet is KNOWN!

If it wasn't no one would be able to communicate with anyone else (pretty much like no one could send you mail or bills or paychecks if they didn't know your snail mail address.

A firewall will close ports that are open because it is through open ports that nodes on the Internet are compromised (kind of like since your house address is known someone can find you but if you have the doors and windows secured they can't get in UNLESS YOU LET THEM!) so if you are behind a firewall it is unlikely that you have been "compromised".

If a Router is added to the mix and placed between your modem and your computer then all that is known is the IP address to the Router and your computer's actual address will generally be assigned an unroutable address through its NAT (Network Address Translation and if curious about it try this link http://www.howstuffworks.com/nat.htm ) which keeps your computer's actual IP address hidden except from the router.

Later in this thread of yours you ask about password changing and that has nothing to do with the IP address your initial post questions but does make it sound like possibly you are looking for someone to hand you a manual on breaking into someone else's computer or someone else's online account.

If you are not looking for a manual and are actually concerned with someone compromising your account because they might guess your password, then it would makie sense to immediately change your password(s) to something they would not be likely to guess and would not be easily overcome by a dictionary attack to "guess" the password. Try something like ~9mMo0O#4pcP&%sS then don't write it on a post-it note and stick it near your computer.

Collapse -
Re:
by w8678678 / December 29, 2008 4:04 AM PST

Are there any programs for testing the effectiveness of a firewall, antivirus, antispyware, and web browsers.

Collapse -
Re: testing
by Kees Bakker / December 29, 2008 4:24 AM PST
In reply to: Re:

- What do you mean with "testing the effectivity of a web-browser"?
- For firewalls, there are sites that test what ports are open on your PC. See http://www.firewallguide.com/test.htm and http://www.auditmypc.com/firewall-test.asp (note I picked them from google, and can't guarantee what they do).
- You'll find many comparative tests of antivirus and antimalware programs on Internet. They give results like "program X finds y% of our virus test set". You'll understand that it isn't possible to do such tests without having an extensive collection of viruses, and few persons like you and me have.

Kees

Collapse -
Let me ask this.
by R. Proffitt Forum moderator / December 29, 2008 4:32 AM PST
In reply to: Re:

-> I had some one ask me for a protection software that was bullet proof.

I had to tell them that we didn't use bullets around our computers but the real problem here is the user. For EXAMPLE, nothing seems to block what the user might do.
Bob

Collapse -
Re:
by w8678678 / December 29, 2008 5:19 AM PST
In reply to: Let me ask this.

Are there programs which popular websites use to test and rank Internet security software. Are there any tools which contain a large updated database of viruses and spyware.

Collapse -
How would that help?
by R. Proffitt Forum moderator / December 29, 2008 5:25 AM PST
In reply to: Re:

All the majors block pretty much the same thing.

My question is simpler. None of these stopped the user from falling for the XP Antivirus 2008 malware. If we block what the user could do wrong, we'd have boxes like the PS3, Xbox 360 and Wii.

Is that what you want?
Bob

Collapse -
Re:
by w8678678 / December 29, 2008 7:25 AM PST
In reply to: How would that help?

Are there different types of port scanners each varying in the protocols of the TCP/IP layers included in their scan.

Is there a way to ensure that a process running on a host machine is only allowed to communicate with the intended process on a remote machine. Another process running on the remote machine is not able to use the same connection.

Collapse -
That's a stateful firewall.
by R. Proffitt Forum moderator / December 29, 2008 10:57 AM PST
In reply to: Re:

Which we do have.

But beyond that, you end up with a PS3, Xbox or such. "A locked down box."
Bob

Collapse -
Try here as Kees already linked you to ...
by Edward ODaniel / December 29, 2008 6:18 AM PST
In reply to: Re:
Collapse -
Re:
by w8678678 / December 29, 2008 11:01 PM PST
Collapse -
Re: tools
by Kees Bakker / December 29, 2008 11:10 PM PST
In reply to: Re:

Using a proxy doesn't make much difference for security. Just for traceability (less) and speed (generally less).

I had a quick look on the sectools. I find most of them are diagnostic tools, that won't do anything to enhance your security when connected to the net. Take password crackers and packet sniffers as an example of those.

What insecurities do you want to protect yourself against?

Kees

Collapse -
Re:
by w8678678 / December 30, 2008 12:50 AM PST
In reply to: Re: tools

Tracking Cookies and sniffers.

Collapse -
Re: cookies and sniffers
by Kees Bakker / December 30, 2008 4:23 AM PST
In reply to: Re:

Cookies are easy to delete. Can be done in IE (Tools>Internet options), in Windows Explorer or even with a batchfile at every boot. And I think you can find some nice add-ons to Firefox which handle it with more nuances. But I don't think there's a tool that will exactly mirror your view of what cookies are tracking and what cookies aren't and (dis)allow them at runtime.
Moreover, cookies aren't a security issue. At most, a privacy issue.

Please tell more about what you mean with sniffers.

Kees

Kees

Collapse -
Re:
by w8678678 / January 1, 2009 11:16 PM PST

protocol analyzers above the physical layer similar to nessus and nmap.

Collapse -
Re:
by w8678678 / January 1, 2009 11:40 PM PST
In reply to: General Comment

protocol analyzers above the physical layer similar to nessus and nmap.

In addition to having a secure firewall, is there a difference in the effectiveness of using an ipsec, ssh, ssl based proxy similar to those mentioned on proxy.org in providing protection against protocol analyzers.

Collapse -
That was responded to in your other thread ...
by Edward ODaniel / January 2, 2009 7:31 AM PST
In reply to: Re:
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?