April 19, 2000
11:31 PM   Subscribe

I have dsl at home and have had a pretty good experience with Norton Internet Security 2000. Basically it sits in your tray and monitors incoming and outgoing transactions based on the level of protection, 3 of them, that you select. I have had to disable it a couple times for specific reasons, but overall I am very satisfied with it. It also has a built in banner ad blocker if you choose to activate it. They have a 30 day trial version and you can also download the fully functional version after purchase. Good luck and feel free to email me with any specific questions.
posted by bvanveen at 12:11 AM on April 20, 2000

I have a cable modem at home and I am using ZoneAlarm for a while. I am very satisfied with the software.
It is easy to configure and use. And the most important of all, it is free.
BTW you can check the security of
your computer's connection by going to grc.com and clicking on the ShieldsUP icon.
posted by Yeet at 12:50 AM on April 20, 2000

I notice these are PC apps...what options exist for the Mac platform, or are any needed? My apologies for my total ignorance on the subject.
posted by Bryan at 2:26 AM on April 20, 2000

Black Ice Defender is an excellent program for your home/PC needs. I can say that I do like this one, I've tested and evaluated many, many of these programs and this is tops. It gives a lot of false positives, but it's really kind of fun to watch...

For Mac users, I'll check with some of my Mac friends, I know a couple of security consultants that have Mac experience.
posted by Dean_Paxton at 4:37 AM on April 20, 2000

Best solution: get a firewall/proxy server. You'll need nothing more than a cheap 486 or Pentium, Linux, and some free software. You'll never have to worry again.
posted by Succa at 7:26 AM on April 20, 2000

I have a cable modem and I completely agree with the recommendation about Norton Internet Security 2000. I used it when it was "AtGuard", before Symantec purchased it, and I upgraded recently.

One of the morel surprising things is just how often people try to taste my system looking for various trojans. I would say that I typically get a crack attempt about five times per week, and about a month ago I got hit seven times in one day -- by seven different people.

NIS2K is superb. You definitely don't need a second computer to act as a firewall.
posted by Steven Den Beste at 7:32 AM on April 20, 2000

A lot of times these programs open up ports on your machine in order to scan them. These ports normally would be shut off, but these programs open them up...

posted by jbeaumont at 8:05 AM on April 20, 2000

Oh one more thing - the best thing you can do for your home security on your machine is (if you're running windows) to turn off file and print sharing.
posted by jbeaumont at 8:06 AM on April 20, 2000

jbeaumont is right, it depends on which M$ product you are running, but these ports are closed by default with a few exceptions. I personally don't use anything commercial, I use a freeware port scanner that keeps an eye on the ports I tell it to, but preforms no actions.

If I saw someone tapping on those ports, and my hard drive was spinnig wildly, I'd probably just yank the PC off the network! Sure is hard to hack then... To find out which ports to be wary of, check out Infosyssec, Security Focus, or Infowar.com. Finally, the Sans Institute has a wonderful resource on intrusion detection.
posted by Dean_Paxton at 8:26 AM on April 20, 2000

I'm surprised no one's mentioned Gibson Research's scanner page. Go to Shields Up, and it will scan your machine for the most common vulnerabilities.

Note: if, as Succa suggests, you run a small, cheap Linux box (a 386/40 will do wuite handily) as a masquerade router, not only will the outside world be almost completely unable to hurt you (assuming you lock the router down correctly), but you'll be able to run multiple client behind your cable modem without the carrier noticing.

One other scanner I've recently run across is The Whitehats Distributed Denial of Service scanner. I must admit to being unfamiliar with them; Jerry Pournelle mentioned them in his mail column.

(I'd observe that Jerry Pournelle is an ex-Byte columnist and science fiction writer, for those who didn't know that, but I'm sure some snide bastard^W^Wkind soul would say "no shit"... so I won't. :-)
posted by baylink at 8:51 AM on April 20, 2000

When i started this post, i forgot to ask -- benefits or downsides to using NT with all of this crazyness.
posted by milhous at 10:39 AM on April 20, 2000

If anyone is interested in finding out just how secure their particular system is, there are couple of sites which will make a benign attempt on your system (at your request and with your permission) to see just how much you are revealing. No matter what, they cause no harm. The testing process is completely safe.

This is the better one but you go into a queue and it may take a couple of hours for them to get to you. They send you email when they're done. You have to leave your computer online until they get to you.

This one is less comprehensive but it runs interactively and reports to you as it finishes individual steps of the process. Click the "Shields Up!" link.

My Win 98 system running "Norton Internet Security 2000" passed both tests with flying colors; I got top marks.
posted by Steven Den Beste at 11:11 AM on April 20, 2000

Re: Succa's post

Proxy/Firewall solutions are definetely the best, but rather than a Linux distro, consider OpenBSD (www.openbsd.org). It's quite probably the least hackable system out there, and unlike most Linux distros, it comes with everything locked down, so if you've never used a Unix-like OS, you're secure-by-defualt. If you want to open a specific port, you have to do it manually.

re: NT

I don't know how well NT works with the various security utils out there, but if NT or Win2000 are an option for you, set your filesystem to NTFS, dedicate a specific directory that can be open to the world, and modify the permissions for the rest of your computer. It'll be difficult enough for crackers to get in that you'll avoid most of the script-kiddie cracking software out there, and it takes very little time to do. Anyone wanting to get into your box is going to have to do some research, and if they're willing to research, they'll already know about any bugs and exploitations in any software out there.

No matter what security solution you use, make sure you've got a good virus scanner, one that checks all data coming in (Norton VirusShield readily comes to mind) and keep it updated.
posted by cCranium at 2:46 PM on April 20, 2000

I believe they're essential. Either run something like BlackICE, Norton, or the free ZoneAlarm (new version 2.1 out, now it makes a text log), or have a firewall in your router/bridge/gateway depending on how your broadband access is configured (sometimes you don't have any choice).

I'm using ZoneAlarm at home, and the only problem is too many false positives. I hope 2.1 is a tad better behaved. At a customer, I have a Netopia router (DSL modem) with firewall capabilities, and I've got it locked down pretty good. You can also buy boxes that will do this (say, if you want to share that DSL connection).
posted by dhartung at 6:46 PM on April 20, 2000

If you have DSL or Cable in an always on configuration, you mighr consider Linksys' Router. It's about $160(US) has 4 ports and is configurable through a web browser. It's about as cheap, much smaller, and much easier to maintain than a dedicated 486 box to do the same thing.
posted by plinth at 5:51 AM on April 21, 2000

Um, duh. Oops; someone *had* mentioned Shields UP before I did. I guess I'm blind this week.

Thanks for not jumping my crap, folks.
posted by baylink at 7:43 AM on April 21, 2000

GNIT is what I use for Windows NT, they just released the new version a week or so ago. It's free, it's all set for the "danger" ports, and it's cool. That's my advise for ANY WinNT/2000 box.
posted by Dean_Paxton at 11:31 AM on April 21, 2000