Securing my network

I’m getting the eerie feeling I’m being hacked. Weird things have been happening over the past month or so, like all my torrents in ABC being unpaused, tracks from entire folders being queued in Winamp, and my clock being set back to January 1st, 2003.

I’m thinking I may not be secure.

Though, probably no surprise, as I’ve never really messed with security issues.

So, I’m wondering how I would go about securing my network. I’m currently behind a Linksys BEFSR41v4 router, so I don’t know if it has a built-in firewall or not. I’d rather avoid software firewalls as my experience a few years back with ZoneAlarm wasn’t that pleasant. It there something simple I could do, or am I just being paranoid and my system is just flipping out on me?

That is one old old router, but it should be fine.

The world basically gets by having NAT and DHCP turned on at the router and keeping its mouth shut. Only open the ports you need when you need them (or get a modern router and use UPNP)

Assuming you’re running windows XP, make sure you have the latest updates, a virus checker ( and antispyware (, click Defender). XP’s built-in firewall is conservative, useful and unintrusive. Just turn it on and let it do its thing.

It’s hard to know how to help without more info, but that lot should get you started.

You might want to take a look over yonder and run some of the tests if you’re feeling paranoid:

There’s a ton of stuff to read there. The Leak test or “Test my Shields” is one you want to run.

Also see the BroadBand Reports port security test:
There is some really vile stuff out there, including rootkit bugs that can instruct your Windows computer to ignore them. If your system has no effective security, it is possible to present an open share to the Internet!

You need a software firewall that can effectively stealth your ports and block unauthorized outgoing traffic, as well as the hardware f/w implemented in the router to one degree or another. There are some alternatives to ZoneAlarm, but you have to do something to at least keep out the wretched little kids and their hacker scripts. The XP firewall is basically cosmetic, and can be turned off as soon as you get a real one.

You need to scan your system with at least the free programs like Spybot and Adaware. If you find more than half a dozen known malware operations on your system, seriously consider rebuilding from the partition up. Spybot’s “Teatimer” resident will let you see what’s writing into your registry.
Get Firefox, and add the NoScript extension. A certain amount of inconvenience is better than sending your credit card numbers to Singapore.
Other sites of interest:

There’s a really good walkthrough here. Do that stuff.

The linksys is a fine firewall, assuming it’s configured correctly (or with defaults). But it’ll only stop attackers from getting in; if you download and run the wrong file you’re still screwed.

The XP firewall is no good. It’ll protect certain services from intrusions, but it
doesn’t actively watch programs and warn you if something is already on the
system and wants to set up a server. I’m using Outpost, which seems to do
a splendid, if paranoid, job :)

Zone Alarm has been reported often, since many years back, to mess with
the contents of many things going in or out. I’ve seen Kerio filter out nearly
all graphics on some sites, and give you a 404-like page for certain content,
even with webfilters off. McAfee and Norton firewalls are right out. Norman
is still cool.

If your router just silently opens ports when a program from the inside wants
to start a service, you’re not protected. If your computer is a “patient zero”,
software firewalls are the best thing since sliced milk.

Use both.

Both software firewalls? No, that would kill is system’s performance.
If you have to pick go with Zonealarm. Nothing beats a hardware firewall though.

My bad, I meant a hardware firewall (linksys router, etc.) plus a software firewall.

Wouldn’t it be easier to just disable UPnP on the router?

UPnP allows your computer to request that the router open an incoming port. But a compromising piece of software can just initiate the connection anyway, UPnP or not.