I’m getting the eerie feeling I’m being hacked. Weird things have been happening over the past month or so, like all my torrents in ABC being unpaused, tracks from entire folders being queued in Winamp, and my clock being set back to January 1st, 2003.
I’m thinking I may not be secure.
Though, probably no surprise, as I’ve never really messed with security issues.
So, I’m wondering how I would go about securing my network. I’m currently behind a Linksys BEFSR41v4 router, so I don’t know if it has a built-in firewall or not. I’d rather avoid software firewalls as my experience a few years back with ZoneAlarm wasn’t that pleasant. It there something simple I could do, or am I just being paranoid and my system is just flipping out on me?
That is one old old router, but it should be fine.
The world basically gets by having NAT and DHCP turned on at the router and keeping its mouth shut. Only open the ports you need when you need them (or get a modern router and use UPNP)
Assuming you’re running windows XP, make sure you have the latest updates, a virus checker (avast.com) and antispyware (microsoft.com, click Defender). XP’s built-in firewall is conservative, useful and unintrusive. Just turn it on and let it do its thing.
It’s hard to know how to help without more info, but that lot should get you started.
Also see the BroadBand Reports port security test: http://www.dslreports.com/scan
There is some really vile stuff out there, including rootkit bugs that can instruct your Windows computer to ignore them. If your system has no effective security, it is possible to present an open share to the Internet!
You need a software firewall that can effectively stealth your ports and block unauthorized outgoing traffic, as well as the hardware f/w implemented in the router to one degree or another. There are some alternatives to ZoneAlarm, but you have to do something to at least keep out the wretched little kids and their hacker scripts. The XP firewall is basically cosmetic, and can be turned off as soon as you get a real one.
There’s a really good walkthrough here. Do that stuff.
The linksys is a fine firewall, assuming it’s configured correctly (or with defaults). But it’ll only stop attackers from getting in; if you download and run the wrong file you’re still screwed.
The XP firewall is no good. It’ll protect certain services from intrusions, but it
doesn’t actively watch programs and warn you if something is already on the
system and wants to set up a server. I’m using Outpost, which seems to do
a splendid, if paranoid, job :)
Zone Alarm has been reported often, since many years back, to mess with
the contents of many things going in or out. I’ve seen Kerio filter out nearly
all graphics on some sites, and give you a 404-like page for certain content,
even with webfilters off. McAfee and Norton firewalls are right out. Norman
is still cool.
If your router just silently opens ports when a program from the inside wants
to start a service, you’re not protected. If your computer is a “patient zero”,
software firewalls are the best thing since sliced milk.
UPnP allows your computer to request that the router open an incoming port. But a compromising piece of software can just initiate the connection anyway, UPnP or not.
