Pennock's Fiero Forum
  Totally O/T - Archive
  internet insecurity

T H I S   I S   A N   A R C H I V E D   T O P I C
  

Email This Page to Someone! | Printable Version


internet insecurity by theogre
Started on: 03-19-2000 09:55 PM
Replies: 12
Last post by: zebrex on 03-29-2000 08:15 PM
theogre
Member
Posts: 29973
From: USA
Registered: Mar 99


Feedback score: N/A
Leave feedback





Total ratings: 558
Rate this member

Report this Post03-19-2000 09:55 PM Click Here to See the Profile for theogreClick Here to visit theogre's HomePageSend a Private Message to theogreDirect Link to This Post
Olympic Posted in another thread:
<Start Paste>
Finally, try this out, you may be surprised at the kind of information your browser allows out. http://www.leader.ru/cgi-bin/go?who http://www.anonymizer.com/3.0/snoop.cgi
<End Paste>

There is, I think it's still there, a third sniff at the Center for Democracy and Technology

You should also look at all the "cookies" on your system. Do you know that cookies are used not only for things like the fiero forum, but also to monitor your movment around the net? Nearly all the ad banners you encounter and many site hit counters set cookies on your system.

You can selectivly filter cookies by site with a shareware tool called "cookiepal." you can find it on most of the download sites like download.com or filemine.com.

IP: Logged
PFF
System Bot
SCCA FIERO
Member
Posts: 3781
From: Ogden, Utah
Registered: May 99


Feedback score: (3)
Leave feedback





Total ratings: 90
Rate this member

Report this Post03-19-2000 10:18 PM Click Here to See the Profile for SCCA FIEROSend a Private Message to SCCA FIERODirect Link to This Post
I thought it was kinda strange that place knew how long I had been online.
IP: Logged
mwbackus
Member
Posts: 608
From:
Registered: Jun 99


Feedback score: N/A
Leave feedback

Rate this member

Report this Post03-20-2000 06:37 PM Click Here to See the Profile for mwbackusSend a Private Message to mwbackusDirect Link to This Post
I think that the real problems lies in the "default" settings that the popular browsers install with. To obtain the maximum security that your software is capable of requires a bit of tweaking to the security settings. For example : Microsoft Internet Explorer uses security zones, but they are useless with the default install. The "Internet" zone should be reset to the highest security setting (depending on your browsing habits a custom setting may be preferable). Then the sites that you trust are added to the "Trusted Sites" list (duh). The trusted sites are given capabilities such as java, activeX, and cookies. (Note: "per-site cookie access" capability was added to IE version 5.0 but is only effectively enabled by using these security settings). This will provide adequate protection against unknown links that may contain malicious java or activeX components, and still allow for a pleasant browsing experience. If you are using IE 5.0, the only cookies on your system will be from a site that you have "allowed" to set one.

Mike

IP: Logged
DaRkLoRD
Member
Posts: 7001
From: Canada
Registered: Feb 99


Feedback score: N/A
Leave feedback





Total ratings: 83
Rate this member

Report this Post03-20-2000 09:10 PM Click Here to See the Profile for DaRkLoRDClick Here to Email DaRkLoRDSend a Private Message to DaRkLoRDDirect Link to This Post
Ogre, thanks for the tip about that cookie prog.

another good site to visit is Gibson Research (grc.com) They have a program (freeware, runs over the web) called ShieldsUp, and it tests your network security. it does not save any data, nor does it identify you. it indicates which of your computers ports are open, and there are several links to firewall programs available for download.

[This message has been edited by DaRkLoRD (edited 03-20-2000).]

IP: Logged
theogre
Member
Posts: 29973
From: USA
Registered: Mar 99


Feedback score: N/A
Leave feedback





Total ratings: 558
Rate this member

Report this Post03-20-2000 09:37 PM Click Here to See the Profile for theogreClick Here to visit theogre's HomePageSend a Private Message to theogreDirect Link to This Post
Gibson has been arround a long time. He is most known for his SpinRite product that tests and often restores hard disk drives. I don't know how much good SpinRite is on the newer drives but it was indespencable on the old MFM and RLL ones.

I believe the trusted sites you are setting up are maybe in the wrong part of IE??? HTTPS sites usually are running SSL encryption. I only have one machine with IE5 on it. I'll look at it tomorow.

Setting IE sites isn't a bad idea. It's cumbersome tho. Generally IE and Netscape wants to accept or deny all cookies. Setting site preferances one at a time is a pain. In the increasing presence of multi server sites it's even more of a pain. For example to use microsoft you would need:
www.microsoft
support.microsoft
windowsupdate.microsoft
and so on.

CookiePal quietly monitors and filters. If you hit a cookie from a site not in the database you get a prompt that most often you will simply click the never or the always button on. ((you can also select individual cookies if your screening a new site.))This way Carparts.com Wrenchhead and of course the forums work but DoubleClick will never set no matter what site you are on that is displaying their adds.

IP: Logged
DaRkLoRD
Member
Posts: 7001
From: Canada
Registered: Feb 99


Feedback score: N/A
Leave feedback





Total ratings: 83
Rate this member

Report this Post03-20-2000 09:49 PM Click Here to See the Profile for DaRkLoRDClick Here to Email DaRkLoRDSend a Private Message to DaRkLoRDDirect Link to This Post
Ogre, I checked again and figured it out.. there was a check box right in front of me that said "reqire secure server.." etc. I must have missed it before. oops.
IP: Logged
mwbackus
Member
Posts: 608
From:
Registered: Jun 99


Feedback score: N/A
Leave feedback

Rate this member

Report this Post03-21-2000 03:10 AM Click Here to See the Profile for mwbackusSend a Private Message to mwbackusDirect Link to This Post
No, actually the entry "microsoft.com" would encompass the entire microsoft site. You can also enter a single ip address, sub net, or entire class C net. It is really quite an easy and flexible feature to use, and I am always amazed at the number of users who are unfamiliar with this aspect of their browser. IMO, any MIS manager worth a salt should have this setup across their entire network if it is internet enabled. Try it out, it is really quite easy and I am sure you will find that very few sites need to have the "Trusted Site" classification. The incorporation of cookies into this security model with the release of IE5.0 was a long awaited feature that Microsoft should have enabled from the start. As a proficient programmer of ActiveX, Java, and Visual Basic, I know quite well what a few lines of malicious code embedded in an html document can do without the users knowledge. Better to be safe than sorry.

Mike

IP: Logged
theogre
Member
Posts: 29973
From: USA
Registered: Mar 99


Feedback score: N/A
Leave feedback





Total ratings: 558
Rate this member

Report this Post03-28-2000 09:04 PM Click Here to See the Profile for theogreClick Here to visit theogre's HomePageSend a Private Message to theogreDirect Link to This Post
Update..... One I forgot.....

Those of you with cable modems, DSL, and other always on service. You need to make sure that ALL sharing on the machine(s) is shut off. Especially on Cable modems.

Cable modems efectivly turn the local area into a large LAN. Anyone on the LAN can see any other device that is broadcasting. If you have file or printer sharing turned on then they likely can see you and use any shared resource. They can install software and do about anything else they want.

On DSL this problem is not quite as bad as cable. DSL doesn't route any protocol but TCP/IP. That doesn't however make it safe. Microsoft windows still requires allot of "NetBIOS" and simply ecapulates this in TCP/IP just like stuffing it in an envelope. How save you are depends on how your ISP has filtered the routers on their network.

If you don't understand this then find someone who does. The hard drive you save may be your own.

IP: Logged
zebrex
Member
Posts: 48
From: jasonville indiana usa
Registered: Mar 2000


Feedback score: N/A
Leave feedback

Rate this member

Report this Post03-29-2000 12:49 AM Click Here to See the Profile for zebrexClick Here to Email zebrexSend a Private Message to zebrexDirect Link to This Post
the sites couldnt scan me ha. I use a free firewall (and proxy server for my network at home ) that I got from www.zonelabs.com I gpt the proxy server from www.analogx.com

Im port sniff proof too
IP: Logged
DaRkLoRD
Member
Posts: 7001
From: Canada
Registered: Feb 99


Feedback score: N/A
Leave feedback





Total ratings: 83
Rate this member

Report this Post03-29-2000 01:34 AM Click Here to See the Profile for DaRkLoRDClick Here to Email DaRkLoRDSend a Private Message to DaRkLoRDDirect Link to This Post
zebrex, I use ZoneAlarm as well, but the AnalogX proxy screwed up my connection.. so now my network has no net access. just my computer (*sigh* still on dialup.)

I have NukeNabber as well. what port monitor do you use?

IP: Logged
zebrex
Member
Posts: 48
From: jasonville indiana usa
Registered: Mar 2000


Feedback score: N/A
Leave feedback

Rate this member

Report this Post03-29-2000 02:10 AM Click Here to See the Profile for zebrexClick Here to Email zebrexSend a Private Message to zebrexDirect Link to This Post
Ive got a whole bunch of trojens, blockers ,scanners, sniffers and crackers I dont run any certian one just play with them from time to time . as far as the proxy it works fine on my NT server ,NT Workstation, winn98, winn95 home network (I have 6 machines sharing a dialup no broadband out here in the boonies)if you need something let me know and I set it up on the ftp at work
IP: Logged
PFF
System Bot
fierospeeder
Member
Posts: 1785
From: Illinois
Registered: Oct 1999


Feedback score: N/A
Leave feedback





Total ratings: 61
User Banned

Report this Post03-29-2000 03:04 AM Click Here to See the Profile for fierospeederClick Here to visit fierospeeder's HomePageClick Here to Email fierospeederSend a Private Message to fierospeederDirect Link to This Post
does anyone have ip sniffers for people on aol?
IP: Logged
zebrex
Member
Posts: 48
From: jasonville indiana usa
Registered: Mar 2000


Feedback score: N/A
Leave feedback

Rate this member

Report this Post03-29-2000 08:15 PM Click Here to See the Profile for zebrexClick Here to Email zebrexSend a Private Message to zebrexDirect Link to This Post
If you use icq I can sniff your ip no matter what provider you use (I can do it without icq but it is a lot harder)
IP: Logged



All times are ET (US)

T H I S   I S   A N   A R C H I V E D   T O P I C
  

Contact Us | Back To Main Page

Advertizing on PFF | Fiero Parts Vendors
PFF Merchandise | Fiero Gallery | Ogre's Cave
Real-Time Chat | Fiero Related Auctions on eBay



Copyright (c) 1999, C. Pennock