CingularDuality

You are so wrong... Software based firewalls can prevent users from becoming unwitting participants in DDoS attacks.

I used to think like you. Until I got a letter from Yahoo's legal department advising me that my computer had been used on more than one occasion against them in a DDOS attack.

Firewalls are like AV software now: there are perfectly good free versions out there that will help you MUCH more than they could possibly hurt you...

__________________

Become a supporting member! -- Shop at the Tactical Market!

Take the world's smallest political quiz! "I was touched by His Noodly Appendage."
TacticalGamer TX LAN/BBQ Veteran:

dragon

Actually let me step in here,,,,, Both CD and Spectre have great points and neither is wrong

Yes a software firewall will help prevent a hacker on getting in to your pc. H3ll that is what it is made for so it should. But at the same time it is software so it is both unstable and very flakey. Mainly like anything you need to know what you are doing with it. Being that I am both a "Hacker" and going to school for Security I would suggest if you can to get a hardware firewall (IE. Router). I have had a pc since I was 10. I have been messing with hacking pretty much the whole time. I have never used a software firewall and just recently started using a hardware firewall. I have been actually hacked a number of times but only once was damage cause and it was my own fault cause I egged the guy on to see what he could do and he was a little faster then me.
As spectre said most the hits you get well boil down to ISP or Microsoft.
Now as far as the DDOS issue. DDOS attacks are the most "basic" attacks and the easiest to manage. CD your pc may have been used in the DDOS attacks mainly because yahoo is the home of "wannabe hackers" and script kiddies. Yahoo is also the easiest to get a ip address off. Easy access and a easy attack method are a great mixture for getting people kicked off a ISP network just for fun.

Real "Hackers" Do not hack into DOD, DoD, General Electric, or the RIAA. Real "Hackers" hack for education. Most will hack into friends pc's, home pc's, some may get in a business pc but they NEVER do damage. Now this case is based on the fact that he thought he was helping. Yes he was wrong for getting and changing information. He also admits that it was pure stupidity that made him take it that far. This "kid" is very smart and has been doing this for a long time and has always lived by not messing with or destroying records.




Being in the field you should agree with me when I say. This subject is a very touchy subject in the security field. I personally dont have a issue with port scans, or ping. They are both more there for testing. I do think that packet sniffers are a worry though being they can pick up anything that comes thru no matter what.

__________________
WARNING: DO NOT LET DR. MARIO TOUCH YOUR GENITALS. HE IS NOT A REAL DOCTOR.

Spectre

Re-Read my last part again...

"Hackers...bah...they only exist in movies for the general public. Now if you happen to be the DoD, General Electric, RIAA, etc...then yeah...someone who hates the term "Hacker" is trying to get at your crap."

Cobra

He must be half geek/half idiot!

dragon

Yes I read it and I was backing it up for you

__________________
WARNING: DO NOT LET DR. MARIO TOUCH YOUR GENITALS. HE IS NOT A REAL DOCTOR.

verbose

Not only DDoS attacks. The latest trend is to use compromised machines, no matter if they're on business or home networks, to relay spam. Spam proxies are popping up everywhere. As a relatively small ISP, I still deal frequently with complaints about customers of mine that are unknowingly relaying spam for some third party.

However, software and hardware firewalls, and NAT/PAT devices such as "DSL/cable routers" don't protect against all the common attack vectors. You all are probably smart enough to not click on that trojan you were emailed, but not everyone is. Not everyone by far.

CingularDuality

True.

I protect my computer with:
A NAT "firewall" (my router)
ZoneAlarm on all PCs
NortonAV on all PCs
AdAware on all PCs

I hope I'm not being naive in thinking that my computers are protected. I have no worries. I don't think anyone is going to try to specifically get into my computer for any reason, and I think that my safety precautions are sufficient to stop anyone looking for an easy target.

__________________

Become a supporting member! -- Shop at the Tactical Market!

Take the world's smallest political quiz! "I was touched by His Noodly Appendage."
TacticalGamer TX LAN/BBQ Veteran:

dragon

That is the perfect outlook. Most people that get "Hacked" are usually innocent bystandards that were stumbled acrossed from a port scan or it was someone the person pissed off.

__________________
WARNING: DO NOT LET DR. MARIO TOUCH YOUR GENITALS. HE IS NOT A REAL DOCTOR.

verbose

At my ISP, we used to give out static, "live" IP addresses to every new DSL customer. We're moving towards a default configuration of NAT, only providing publically-addressable IPs by request. You can't trust the average home user to patch their Windows boxen or protect themselves in any way, and the worms of the past few years have forced our hand in this matter. Joe User hates it when I shut off their connection because their box got hacked. They absolutely love being told "your machine is compromised. You'll need to format and reinstall." Oh yes, they love it.

We figure, if they have the need and the knowledge to ask for live IP addresses, then they can reasonably be expected to try to secure their machines, and that they won't throw a fit if we turn them off when they screw up and get 0wn3d.

dragon

Come on they are end users of course they are going to get 0wn3d. They forget to read the part of the users manual that says "dont cry to us if you a not 1337 and get h4x0rd!!!1"

__________________
WARNING: DO NOT LET DR. MARIO TOUCH YOUR GENITALS. HE IS NOT A REAL DOCTOR.