Are you part of the problem?

[chromium]

did I say firwall <img src="graemlins/laugh.gif" border="0" alt="[Laugh]" /> <img src="graemlins/laugh.gif" border="0" alt="[Laugh]" /> <img src="graemlins/laugh.gif" border="0" alt="[Laugh]" />

 

[nigelh]

Originally posted by wolford:
<strong>I'm using a mac so does that mean i get to be smug about this?

And what about OSX any ideas on *nix setups? How safe are they? </strong><hr></blockquote>

Like you, I use Macs, but I decided to run these tests anyway (well, the first three only, as I don't use either IE or Outlook!). Just to see what would happen, I removed the firewall first.

Answer, all three test e-mails came through to my Inbox. Trying to run the VBS attachment resulted merely in my system trying to open it as a PDF - which, needless to say, failed. The CLSID test merely resulted in my browser opening with a page of what looked like HTML gobbldegook. And the MIME header test did absolutely nothing at all!

Now, what should we deduce from this? Should we Mac users be complacent? Hell, no!

Well, partly! In fact, the simple reason why these tests failed is that they ARE specifically designed to test for the ability to exploit known loopholes that exist in the Windows OS architecture. Not surprisingly, these same loopholes, and/or the system facilities to which these loopholes allow subsequent access, just don't exist within MacOS.

Given that the vast majority (and I use the word vast advisedly!) of crackers, viruses etc etc out there ARE aimed at Wintel platforms - precisely BECAUSE they are the most prevalent? - it does clearly mean that users of ANY other platform, not just Macs, simply aren't at risk to the majority of these underhand activities.

However, that's NOT the same as saying that Macs and other platforms other than Wintel aren't at all vulnerable. There ARE viruses and crackers that target Macs, UNIX systems, and probably anything else you care to name. There are just way less of them! There are also qualified computer security assessors who will tell you that the MacOS architecture (the classic one, more than the new OS X one) is inherently more secure and resistant to undesirable attacks from third parties - but they'll also tell you that the low rate at which people try to attack them also means that this invulnerability is rather less well put to the test. Obviously. MacOS X, being less than a year old (in full release form) is even less tested than that, although there is every reason to suspect that it is at least as vulnerable as any other implementation of FreeBSD (which underlies that beautiful Aqua GUI!).

So, in the end, the wisest thing to do is to run the best firewall you can, with your system, whatever platform it is. I'm checking out what the latest position is re the best software and hardware firewalls for use with both MacOS and MacOS X and will try to get back here with the findings asap.

ITMT, anyone who wants to discuss this with me further is welcome to e-mail me directly on nigelh@pobox.com. Please include "ISPr" in your message subject header, to aid my filtering system - if you don't want your message to end up in my "suspect junk trash" folder!

Nigel

 

[crashandburn]

Question for DrDry.

As you can see, we're not all irresponsible when it comes to security but it does appear that its almost impossible for us home PC users to be anywhere near completely secure. Our biggest vulnerability appears to be via e-mail. Do Zetnet run any server level e-mail defences? (Scanning subscribers incoming mail for viruses etc..).

Also, what kind of firewalls are you running?

I guess you may not be able to answer these questions for commercial reasons, or maybe even security considerations, (why give the hackers info), but a little reassurance may go a long way here..... If you can though, it'd be a good marketing tool when explained properly.

One final thought - is it still paranoia if you think the b*****ds are out to get everyone?

 

[chromium]

Crash,

It's not paranoia, they are! The trouble is they're not all no-dads, some of there antecedents are out to get you too. <img src="graemlins/laugh.gif" border="0" alt="[Laugh]" />

 

[Captain_Cretin]

I`ve used Zone Alarm for nearly a year and had no problems with it, however I have noticed that some of the features that used to be available before a recent update are now only available as part of the Pro version; such as tracing where an intrusion came from.

I have also noticed a dramatic increase of alarms in the last three weeks, some of which zonealarm cannot identify by type.
This has never happened before; it has allways been able to tell what kind of intrusion had been attempted.

I used to get 4 or 5 alarms per night, now I`m getting that per hour.

If you are`nt behind a firewall you`re naked in the snow dudes.