CheekyChimp

Our house is all networked up with a clever linksys Cable router. We all have Norton Internet Security installed but I've noticed that before we connected through the router I had loads more attacks detected, at least a few a day, now, quite eerily, I have virtually none. Is this a sign that we are realy well protected or are we all being secretly buggered?

Figment

The router will be acting as a firewall, effectively masking your network from the outside world. Although not guaranteed to stop a determined attacker, it will block the majority of intrusions.

CheekyChimp

Phew! cheers mate!

chiark

What model is the router?

Gedi

Don't be deluded into thinking your safe. It is still relativly easy to break through a setup like this. Even if you are not running any services.

Always be wary of what your network is doing.

CheekyChimp

I see, not got the model number at hand. Is there anything I can install for the router to make it more samfe then, as I say it's just a 4 port router so we can network and share internet access, I configured norton in the network wizard so that it recognises the router so I can share stuff.

Chris L

True - run some of the security stuff on here on your Windows PC and be prepared to be very afraid. Anyone mention Macs?

Chris

Fatman

Thanks for the link, Chris. Yes it is very worrying! I had no idea that the Windows clipboard was that vulnerable. It's patched up now

Gedi

CheekyChimp, I would say that you have done everything you can to secure your network to the best of your knowledge.

I'm not trying to worry you, your setup will generally keep out viri, worms etc, and program attacks by skript kiddies looking for known exploits.

I was just saying don't be under the illusion you are 100% secure. Home routers and software firewalls like zonealarm etc, are completly usless against the real hackers. Then again, its unlikely you will be a target from such people. Just keep everything up to date from the vendors.

Taff107

Gedi, in response to your post, you say it is easy to break through his setup but would that be for an attacker targeting your machine specifically as opposed to the opportunist attacker?

Gedi

Fatman, potentially, every piece of software on a machine can be vunerable. Its the nature of code.

I'm getting reports of around 50 - 100 new exploits every day and that only scratching the surface. And no, this isn't all related windows (although I am an M$ hater)

Gedi

Taff, its largely dependant on what services are running. If there are no services running then your really only gonna be attacked by someone targeting your machine purposely for whatever reason.

marxsmann

and another tip - if at anytime you think you've been hacked or you're getting tonnes of hack attempt logs in your firewall - phone up your ISP and get them to issue you another IP. My NTL's DHCP seems to renew my IP anyway every 2-3 weeks. This'll make it harder for persitent hackers to keep track of you....

Marc

Gedi

Not nessesarly. They'll know your subnet and will have key crededentials on your setup.

On ISP's such as NTL, its only gonna take a matter of seconds to locate you again. They use \24 subnets which makes for a possible 254 machines. (unless of course you move subnets)

Also, if you have been compromised, there is a 99.9% chance that you now have a bot of some kind which will connect to an IP of the hackers choice (normally IRC for the skript kiddies....but we won't refer to these as hackers. They aren't worthy of the name), eliminating the fact that s/he will ever have to locate you again. You will find them while they sit back....hahaha.