Test your firewall...

[javalord]

Just because nobody posted it, doesn't mean that most of us aren't aware of it

Yeah yeah ;-) Not one mention in a firewalls thread, right ;-)

[javalord]

NETSTAT -A TBH

All these sites do is set the alarms ringing on "Novice Users" who'll all go out to the nearest PC World and pick up the latest Norton Internet Security and then proceed to block their AOL connections (thank god! - wahoo)

Its netstat -ao which is more use , just so your not stabbing in the dark next time your system is infected And im sure your checking it every minute of the day....

[GFiSH]

More holes than a house in Iraq

[TheAnimus]

But what happens when you've a rootkit installed that hooks the IP information API used by netstat ?

[javalord]

But what happens when you've a rootkit installed that hooks the IP information API used by netstat ?

What happens if you have a rootkit installed in the first place? Hopefully you'll have good intelligent IDS and AV software in the first place, otherwise your screwed.

My point is, one layer of inbound security is useless if you really want to stay protected against the determined.

[TheAnimus]

my point is, if you need outbound port protection already, your buggered.

a software firewlal can be got round with window messages half the time.

[javalord]

my point is, if you need outbound port protection already, your buggered.

a software firewlal can be got round with window messages half the time.

Zonealarm maybe, but not all of them are that weak. A bit flawed given how many corp networks survive the in's and out's of typical users by restrictions and ACLs and proxies and what have you not.

[Nick]

/unplugs network cable

HA! Let's see hackers try and ge...

[GDVS]

given how many corp networks survive the in's and out's of typical users by restrictions and ACLs and proxies and what have you not.

Most of them don't, all it takes is one laptop using rubbishrubbishrubbishrubbish who doesn't think the rules apply to him and the whole security infrastructure is completely circumvented. Most companies don't have automatic VLANs for machines transmitting infected traffic (my favourite solution to the problem) so one infected machine gets on the network and suddenly everything's going to Hell in a handbasket.

[Butuz]

Access Denied
The requested document, http://www.hackerwatch.org/probe/, will not be shown.

Reason: DDR score = 70. This page will not be displayed because it contains prohibited words or it has exceeded its tolerance of questionable words.

First level of safety is not even allowing access to the website!

Butuz

[javalord]

Most of them don't, all it takes is one laptop using rubbishrubbishrubbishrubbish who doesn't think the rules apply to him and the whole security infrastructure is completely circumvented. Most companies don't have automatic VLANs for machines transmitting infected traffic (my favourite solution to the problem) so one infected machine gets on the network and suddenly everything's going to Hell in a handbasket.

Indeed it does, but as mentioned intelligent IDS can track some of the odd behaviour.