I have a broadband connection with a static IP. I have a D-link router with Freedom firewall software.

Occasionally the freedom software opens an ad window stating something like "Warning, you are broadcasting your IP making you vulnerable to hackers." They are trying to sell another privacy service.

Is a firewall enough protection? Is there something else I should do for protection because of the static IP? (layman terms would be appreciated as I'm not very computer savvy)

Thanks

I do not know what kind of firewall "Freedom" provides, but if it is their software popping up those messages, I would seriously think of obtaining different software or possibly using what may be available in your operating system.

Are you using Windows? If so, what version (XP, 2000,98...)

Is this a stand alone machine or are there other computers networked via the DLink hub?

Are you running a web server or ftp server?

If you are running Windows XP as a stand alone computer and are not running I.I.S.(web or ftp server), you can simply use the Windows built-in firewall- this will close all of the ports on your computer to the outside world.

Go to Network Connections, right-click the Network connection listed that contains the network card with the static IP, click properties, click advanced, then mark the check box to enable the Internet connection firewall. click ok, close the property and network connection windows, and the pop-up messages will cease.

Of course your machine is braodcasting an ip address. That's what being on the internet means. If it weren't, when you connected to a website, the server wouldn't know where to send it.

As long as you're using a decent firewall (I recomment ZoneAlarm) you don't need to worry about these slighly desperate adverts.

I have a static ip, my machine's on 24/7, and I've never had any security issues or the like.

Cheers,
Rat.

Ditto.
A good firewall (consider Sygate Personal Filewall Pro) and decent A.V. software is all you need. I'm in the same situation, and my firewall usually sees several minor port scans and one serious attempt per month.

Whomp!

Yes. A good firewall is all you really need.

Having a static IP makes you vulnerable to hackers in the same way that having a static house address makes you vulnerable to people who want to break into your house.

Thanks very much for your suggestions.

I have a stand alone computer with Windows XP. I think I'll try the built-in firewall for the time being and maybe look into purchasing one of the other firewall programs you guys suggested.

Is there any way to check your firewall's effectiveness?

Thanks

Dont buy anything, both the free Zone alarm firewall and the free Kerio firewall are enough for your needs.

Google Zone alarm or Kerio and get it from them.

Originally posted by RoadToNoReturn

Is there any way to check your firewall's effectiveness?

I use Shields Up!! at http://www.grc.com to test my IP for open ports anytime I make changes to my firewalls. (Click through on Shields UP! then scroll down to Hot Spots for Shields Up!

By broadcasting an IP address, I can only assume that they mean that your computer responds to a ping. That is if a hacker were to send a signal to you computer by trying random IPs, your computer replies by saying it is present at that IP address. A hacker could then try to look for vulnerabilities on your computer.

I also agree with thrombus that the free ZoneAlarm is good enough for most people. Plus get an Anti-virus program of course!!

Why is everyone kissing ZA's behind? It's a pretty good program - I even purchased the Pro version because I like that the base one is free - but it's not the end-all of security, no matter what Steve Gibson says. ZA = all right. Hardware firewall = better.

That said, please do not use ShieldsUp as your only testing device. If you know someone with nmap, have them scan you.

Originally posted by LFTKBS
Why is everyone kissing ZA's behind? It's a pretty good program - I even purchased the Pro version because I like that the base one is free - but it's not the end-all of security, no matter what Steve Gibson says. ZA = all right. Hardware firewall = better.

That said, please do not use ShieldsUp as your only testing device. If you know someone with nmap, have them scan you.


ZA will keep regular users happy and confugure itself to do what it has to without the user knowing anything about it. Have you ever tried to configure Black Ice? I personaly like the free Kerio best because it's small size but for some reason it isn't working on my new instalation.

We are giving basic advice on a bulliten board here, should we be telling people to set up smoothwall Linux boxes out of old computers they have lying around?

Any of the free firewalls are good enough for the average users out there.

Originally posted by LFTKBS
Why is everyone kissing ZA's behind?

1.) It's free
2.) It's easily configurable
3.) It works
4.) The AVERAGE user can download and install it in a matter of minutes


but it's not the end-all of security, no matter what Steve Gibson says. ZA = all right. Hardware firewall = better.

SG is very intelligent, and very good at marketing himself. But some of his security ideas are more of a chicken little type of advice more than anything.
I don't like ZA because SG says it's good. I like it for the reasons posted above. Telling someone to "Go to Zonelabs.com and download & install their free firewall" is a lot easier (and, more important, far more likely) for them that telling them download the iso version of Linux, burn a CD, find an old PC, pick up a book on iptables, read it, implement the firewall....etc.

Or telling them to drop $150 on a DLink or Linksys router/firewall combo.


That said, please do not use ShieldsUp as your only testing device. If you know someone with nmap, have them scan you.

Or do a Google search for "free port scanning". SU is a useful tool but I heartily agree that depending on only one item (or one web site) for all your security needs can leave you vulnerable.

Yeah - sorry if i got a bit testy on you there, ShowMe. There's just a lot of people who trust Gibson about everything , and I think a false sense of security is in many ways worse than having no security at all.

Also I hear a lot of people say things like "ZA blocked all these hackers who were scanning me!" Well, no. So that's also a concern of mine, the unfounded fear of "hackers."

I still apologize, tho'.

Originally posted by LFTKBS
Why is everyone kissing ZA's behind? It's a pretty good program - I even purchased the Pro version because I like that the base one is free - but it's not the end-all of security, no matter what Steve Gibson says. ZA = all right. Hardware firewall = better.

Hardware firewalls are for different purposes than personal firewalls. Hardware firewalls are much better than personal firewalls at stopping incoming traffic, which is crucial to protecting yourself from outside attacks, worms, etc.

However, hardware firewalls can't do anything about viruses and trojans put onto your system and calling out. To your hardware firewall, they look just like any other piece of software accessing the internet. A personal firewall such as ZoneAlarm will keep track of which software is or is not allowed to access the internet and notify you if a new piece of software attempts to do so, or if an existing piece of software has been changed. Hardware firewalls can't help you there.

Me, I run both. Multiple barriers is the key to security.

By the way, don't get thrown by people calling it a "hardware firewall"—that just means that the firewall is separate from your PC. The firewall is STILL running in software on that box, and can STILL be vulnerable to security flaws which could allow a hacker to compromise your firewall and gain entry. So, just as you run Windows Update, just as you keep ZoneAlarm and your virus checker up to date, be sure to keep up to date on the firmware releases for your hardware firewall.

Originally posted by thrombus29
We are giving basic advice on a bulliten board here, should we be telling people to set up smoothwall Linux boxes out of old computers they have lying around?

But a Linksys or Netgear router will both manage your internet connection and help you share internet access among several computers. They're easy to set up and configure, and they also provide a basic hardware firewall.

Originally posted by ShowMe
SG is very intelligent, and very good at marketing himself. But some of his security ideas are more of a chicken little type of advice more than anything.

You'll want a paranoid "chicken little" approach to security. There IS a way into your system, and there ARE people trying to get into it. Are you really paranoid if they actually are out to get you?

I did a free port scan with Zone Alarm running and got the following result:

(The 1600 ports scanned but not shown below are in state: filtered)
Port State Service
113/tcp closed auth

Nmap run completed -- 1 IP address (1 host up) scanned in 844 seconds


What does this mean? Is this good news?

Thanks

Originally posted by shanek


You'll want a paranoid "chicken little" approach to security. There IS a way into your system, and there ARE people trying to get into it. Are you really paranoid if they actually are out to get you?

True. But you don't want so much noise that the message gets lost.

Case in point: SG made a big deal out of the Code Red worm, speaking about the "meltdown of the Internet". He had some formula that showed how every PC would be infected in a matter of days, or some such. He never thought about folks patching their systems, or the AntiVirus crowd getting their definitions up to date, etc.

SG is an incredibly smart person, but like others on this board I agree that folks shouldn't look to him as the end all and be all of security.

Originally posted by RoadToNoReturn
I did a free port scan with Zone Alarm running and got the following result:

(The 1600 ports scanned but not shown below are in state: filtered)
Port State Service
113/tcp closed auth

Nmap run completed -- 1 IP address (1 host up) scanned in 844 seconds


What does this mean? Is this good news?

Thanks

It's probably very good news. NMap usually gives an output something like this:

The 1511 ports scanned but not shown below are in state:closed)

Port State Service
21/tcp open ftp
23/tcp open telnet
25/tcp open smtp
79/tcp open finger
80/tcp open http
98/tcp open linuxconf
111/tcp open sunrpc
113/tcp open auth
513/tcp open login
514/tcp open shell
515/tcp open printer
6000/tcp open X11

Nmap run completed -- 1 IP address (1 host up) scanned in 1 second


If you didn't get any listing that said the port was open, the port is closed & you should be fairly secure as far as intrusion attempts.

Keep in mind this doesn't cover spyware or viruses.