PC Pals Forum
Technical Help & Discussion => Broadband, Networking, PC Security, Internet & ISPs => Topic started by: mistybear on June 26, 2006, 08:42
-
http://www.pcworld.com/reviews/article/0,aid,126083,00.asp
Maybe it's time I installed a Firewall. :?
-
sounds like a plan :-)
-
I installed a Firewall on the PB and it drove me nuts for ages. This wanted permission for whatever and something else wanted access to a certain port.
And I found that some when you deny permission they just keep on asking, then I just gave in. A little like having a toddler.
So what's the point of a Firewall when you end up giving permission to the very thing you are trying to keep out.
Somethings were obvious, but there were a few I wasn't sure about, well more than a few. :blush: :laugh:
-
umm....
-
Very interesting, especially the rootkit section. I downloaded and ran RootkitRevealer and it produced a couple of entries that I'm suspicious of
HKLM\S-1-5-21-1292428093-1060284298-839522115-1003\RemoteAccess\InternetProfile 21/06/2006 15:22 11 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Classes\webcal\URL Protocol 10/06/2006 16:05 13 bytes Data mismatch between Windows API and raw hive data.
Should I be worried, and how do you deal with such discrepancies?
It also highlighted a file on the hard drive that I can't access. I think this may be because I stupidly gave the file a name ending in "..." and now I get an error message that this location is unavailable whenever I click on it. Any ideas about how to deal with this rogue?
Gill
-
you could deal with the rogue via using the msdos prompt...
-
Don't know if this is of any help, but they have a forum.
http://www.sysinternals.com/Forum/forum_topics.asp?FID=15
-
That forum seems to be rather high on analysis, rather low on practical implementation.
Sam, I've tried the MS DOS route and it tells me that I've deleted the directory containing the rogue file. Then I ask it list the directory and everything's still there.
Gill
-
umm....
That's exactly what I did when the Firewall asked for access. You've had the same experience. :laugh:
-
Hang on; the folder that contained the rogue file has gone according to MS DOS but it's still there according to Windows Explorer. Curious.
Gill
-
umm thats odd.. though i guess it is worth pointing out that msdos is only an emulator on xp, so it might not delete it directly. is this file in any particularly sensitive location?
-
That's exactly what I did when the Firewall asked for access. You've had the same experience.
lol
-
Hi Sam
No, it's not in a sensitive location as such. It's just an irritation. I suppose noses aren't particularly sensitive locations either, but when you get a pimple on them they suddenly become sensitive.
This file is a pimple on the backside of my HDD.
:)
Gill
-
lol.. i was just wondering if for some reason windows was "restoring it" or not letting you delete it for the reason of the location
-
You should maybe try deleting it with system restore off, Gill.
-
http://www.pcworld.com/reviews/article/0,aid,126083,00.asp
Maybe it's time I installed a Firewall. :?
Are you saying you haven't got one, MB? After all we went through with Michael's machine? :ooo: I thought you were going to get it all sorted!
Not sure if it's still the only one which does so, but F-Secure (http://www.f-secure.com/) claims to 'root out' rootkits.
A new firewall can be incredibly irritating at first, but after a few days, it will settle down. There is always a box to tick, when it asks permission for an application to access the internet, to repeat the same answer each time, or not to ask again, so it shouldn't keep asking the same question. My only gripe with most firewalls is that it can be difficult to work out which program they are referring to, but some simplify things better than others, and F-Secure usually tells you exactly what the program is, which is asking for online access.
-
You should maybe try deleting it with system restore off, Gill.
It won't let me delete it, Lona. When I click on the icon I get an error message saying the address refers to a location that is unavailable.
Gill
-
Have you tried a search to see if it finds the location in the search box?
-
Good idea, Lona :) .
It does identify the folder and you can right-click on it. According to its properties, it doesn't have any size! I've tried moving it, deleting it, renaming it... all the right-click options but to no avail. Can you think of anything I've missed?
Gill
-
Have you tried removing it in safe mode Gill ?
-
I've just tried using safe mode. There's no difference :( .
Thanks for the suggestion, though.
Gill
-
how about just booting from a boot disk into msdos? so proper msdos.
-
http://www.pcworld.com/reviews/article/0,aid,126083,00.asp
Maybe it's time I installed a Firewall. :?
Are you saying you haven't got one, MB? After all we went through with Michael's machine? :ooo: I thought you were going to get it all sorted!
Not sure if it's still the only one which does so, but F-Secure (http://www.f-secure.com/) claims to 'root out' rootkits.
A new firewall can be incredibly irritating at first, but after a few days, it will settle down. There is always a box to tick, when it asks permission for an application to access the internet, to repeat the same answer each time, or not to ask again, so it shouldn't keep asking the same question. My only gripe with most firewalls is that it can be difficult to work out which program they are referring to, but some simplify things better than others, and F-Secure usually tells you exactly what the program is, which is asking for online access.
Yes Simon I know I'm very naughty for not installing one, but in my defence I remembered what a problem it was just trying to download a firewall onto Michael's computer so I could burn it to CD for the PB. There was a compatability problem with the XP Firewall, from memory I think I had to uninstall the XP one first. I'm a little cautous about deleting parts of XP.
Also I don't visit the same types of sites that Michael does. :laugh:
Michael used my computer one night to show a friend of ours, sites that he gets still shots from. PC games and such. I ran a couple of scans a few days later and there were lots of adware and malware. :roll:
Will F-Secure play nicely with others?
-
If you get the F-Secure Internet Security Suite, you don't really need any other ones, as it has Anti Virus, Firewall, Anti Spyware and Anti Spam all in one. That said, in my opinion, you can't have too many spyware scanners (within reason) as they all find different things. If you have something installed which is likely to conflict with F-Secure, it will tell you to uninstall it, before F-Secure will complete it's installation.
Another one worth considering, is Bit Defender Internet Security (http://www.bitdefender.com/PRODUCT-72-en--BitDefender-9-Internet-Security.html), which is another all-in-one, but uses less system resources than F-Secure. BD has advantages and disadvantages. One advantage is that you can (apparently) find it on something called 'torrents' :whistle: but one disadvantage is that it's quite a bit more complicated to configure than F-Secure, and tends to shout warnings at you a lot. That said, it doesn't seem to be so fussy as to what else you have on your machine, so it's swings and roundabouts.
If you don't use any of these, you should at least enable your Windows Firewall. You don't need to visit dodgy sites to pick up nasties from the net.
-
When I ran Hijack This on the weekend its desciption of my Firewall wasn't very flattering. Either I don't have one or I have XP's.
Which is turned on btw. I have heard people say that it's better than nothing......just.
Ok I'll give F-Security a try.
I think certain sites do have more adware and such attached to them. Especially sites that teenagers would visit.
-
Especially sites that teenagers would visit.
says it all :-)
-
I recieved an email from F-Security 2006 offering me a 20% discount if I purchase it within 48 hours. They also asked me to provide feedback.
I won't be bothering with either.
But I am interested in any suggestions for a plain, basic Firewall.
That is easy to understand and one that doesn't require me to think. (Too much) :?
-
zonealarm is pretty good, if you just use the basic version for this.
-
I'm saying nothing! :mmm:
-
zonealarm is pretty good, if you just use the basic version for this.
Is it easy to understand, as in what wants access to the internet. The problem I had with Kerio is that I didn't know what some of them were for.
-
I'm saying nothing! :mmm:
Chicken.
http://www.funpages.com/chickendance/
-
:lol: The trouble with all Firewalls is that they do need some 'training', and will ask you when applications attempt to access the internet, particularly when you first install one. I believe ZA is fairly straighforward, but you will no doubt still get a few where you don't know what it is, although some will be more obvious. One method is to Google the name of an application, or ***.exe file, when it applies for access, which will usually give you a reasonable idea as to whether it's safe or not.
-
"Training", you mean I'll have to use my brain more than normal. :argh:
Using Google is a good idea.
I know you have suggested Zone Alarm and I probably will go with that one, but here is the selection I am looking at.
http://www.filehippo.com/software/firewalls/
-
Of those, I have used Outpost, which was fine, except it didn't allow the use of some P2P applications, such as WinMX, Zone Alarm, which didn't cope well with Mail Washer, and Sygate, which was great, but it's now part of Norton, and I'm not sure how much of it has changed. I think you take a bit of a chance with all of them, and it's a question of finding the right one to suit your needs, but as most of those are free, you don't lose anything by trying them, and it's better to have some protection than none at all. ;)
-
The Sygate one is an older version before that occurred I think.
Note that from November 30th, 2005 all Sygate consumer firewall products have been discontinued but this versions is available here for free use.
I had a look at the Outpost site and with the free trial version it is suggested that any firewall applications should be uninstalled before downloading as it could cause instability (crashes). I really don't want to go there again, but I also don't wish to tamper with XP's firewall. Is turning it off enough as I don't think I can uninstall it, not sure.
Earlier this year I tried downloading Kerio onto Michael's computer, it was to be burn to CD for the PB, but it wouldn't download until I uninstalled the XP's firewall. I ended up downloading it as a zip file.
-
Switching off the Windows Firewall should be enough to avoid conflicts with other software.
-
With much deliberation I decided on Zone Alarm basic, thankyou Sam and Simon for your advice.
The first thing it did was block itself. :laugh: Michael, who fixed it for me, found that very funny. :laugh:
-
The first thing it did was block itself.
:wtf: Your PC certainly seems to have some unique characteristics, Kate!
-
You can say that again.(https://www.pc-pals.com/smf/proxy.php?request=http%3A%2F%2Fwww.netpond.com%2Fimages%2Fsmilies%2Fpcfite.gif&hash=b535edbc17d4c5c06889311a959dc38b2fb390f9)