On Installing Windows

[Art]

Home users not behind a external firewall/router ... or who shun the
Win XP firewall ... can get easily get into deep doodoo if they're not
careful.

For a project I'm working on, I installed Win 98SE on a spare 2 gig
drive. Since my LinkSys wireless PCI adapter doesn't work with Win
98/ME (don't believe what it says on the package) I bypassed my
router/fw and conneted my DSL modem directly to the Ethernet card.
I then disabled services and made sure that only TCP/IP was bound
to the internet adapter. The netstat -an result was empty as usual.

I then downloaded/installed IE 6 and did Windows Update (WU).
When I rebooted, Windows logon appeared! Sure enough, the WU
Trojan had undone my work. All the NETBIOS file/printer sharing ports
had been opened. I was lucky to not take any hits.

One way to handle fresh installs is to keep a copy of the install file
of your favorite software firewall on CD. Install it immediatley after
Installing Windows, making sure to be disconnected from the internet
during the process. Do your hardening (disabling of unwanted/uneeded
services) only after running the WU Trojan It's a good idea to do
this in any event. And keep an eye on netstat -an after every WU.

Win 2K isn't quite as bad in this regard, though I think the WU Trojan
did open at least one high numbered port. Dunno about XP but I'd be
surprised if WU doesn't destroy some hardening on it as well.

The best bet is to getcherself a external fw/router.

Art

http://home.epix.net/~artnpeg

 

[Heather]

Home users not behind a external firewall/router ... or who shun the
Win XP firewall ... can get easily get into deep doodoo if they're not
careful.

The best bet is to getcherself a external fw/router.

Timely posting, Art. I have ZAPro on here now, but ran with the WinXP
firewall for 3 days. Have been seriously debating a router and was just
about to hit Google and read up on them when I saw this.

Thanks.....Heather

 

[YoKenny]

Timely posting, Art. I have ZAPro on here now, but ran with the WinXP
firewall for 3 days. Have been seriously debating a router and was
just about to hit Google and read up on them when I saw this.

Thanks.....Heather

For $20.00 or so after mail-in rebates it is the best thing you can install.

It offloads all of the junk Internet traffic so that ZAPro does not have to
work hardly at all only checking outbound junk.

 

[Art]

Timely posting, Art. I have ZAPro on here now, but ran with the WinXP
firewall for 3 days. Have been seriously debating a router and was just
about to hit Google and read up on them when I saw this.

Thanks.....Heather

I'm really happy with my LinkSys wireless router/fw which allows us to
share our internet connection on two PCs.

Art

http://home.epix.net/~artnpeg

 

[Heather]

I'm really happy with my LinkSys wireless router/fw which allows us to
share our internet connection on two PCs.

Is there any advantage/disadvantage to wired vs wireless?? I was told that
wireless HAS to be configured just so and that wired might be safer for
someone like myself who has never used one.

I was considering it for safety, but more so for linking up to my old WinME
coz there is a lot of stuff that could then stay on that one and I could
just access it via XP. No matter how much you back up.....there are always
silly little things you forget and I am constantly copying via floppy for
most of it.

95% of the old one is backed up on CD's. But there are a lot of emails with
genealogy data on them......Peg would understand how we collect them up for
possible future use. (G)

Heather

 

[David H. Lipman]

From: "Heather" <[email protected]>


| Is there any advantage/disadvantage to wired vs wireless?? I was told that
| wireless HAS to be configured just so and that wired might be safer for
| someone like myself who has never used one.
|
| I was considering it for safety, but more so for linking up to my old WinME
| coz there is a lot of stuff that could then stay on that one and I could
| just access it via XP. No matter how much you back up.....there are always
| silly little things you forget and I am constantly copying via floppy for
| most of it.
|
| 95% of the old one is backed up on CD's. But there are a lot of emails with
| genealogy data on them......Peg would understand how we collect them up for
| possible future use. (G)
|
| Heather
|

Figgs:

Look up the term...
"War Driving"

 

[Heather]

Look up the term...
"War Driving"

OK.....forgot about that, but I am on a rather secluded dead-end court in
the north end of a city above Toronto. Don't think that would apply much up
here. But a friend of mine in Latin America did "tune in" on a neighbour's
broadband at times. (apartment bldg)

Anyway, saw a wired (and wireless) one in the paper this AM for about $20
Cdn.....mail-in rebate of $50 or so....hate MIR's. Did you know they are
illegal in the UK?? Smart country!!

Heather

 

[Art]

Is there any advantage/disadvantage to wired vs wireless??

Soytenly cable is more secure. But some people can't install the
cables easily. With wireless you have to understand that hackers can
pick up the signals up to four miles away with special antennas.

I was told that
wireless HAS to be configured just so and that wired might be safer for
someone like myself who has never used one.

With Win XP I think there are ways to make wireless security much
stronger. I dunno much about it. But there's endless stuff you can
Google up about the weaknesses even using 128 encryption.

I was considering it for safety, but more so for linking up to my old WinME
coz there is a lot of stuff that could then stay on that one and I could
just access it via XP. No matter how much you back up.....there are always
silly little things you forget and I am constantly copying via floppy for
most of it.

Be careful. With my LinkSys, Win ME has to be where the router is
since the PCI adapter doesn't work with 98/ME no matter what the
box and the salesman says

Art

 

[Heather]

something or other, I deleted it, lol.

Soytenly cable is more secure. But some people can't install the
cables easily. With wireless you have to understand that hackers can
pick up the signals up to four miles away with special antennas.


With Win XP I think there are ways to make wireless security much
stronger. I dunno much about it. But there's endless stuff you can
Google up about the weaknesses even using 128 encryption.


Be careful. With my LinkSys, Win ME has to be where the router is
since the PCI adapter doesn't work with 98/ME no matter what the
box and the salesman says

Thanks again. Just remembered that my network card got fried in the
lightning hit on my WinME a month ago, which I think could cause a problem.
Had to hook the cable modem up via USB port.

Must read up on all of this as you say. Willy said to hold off until I
decided whether or not I needed one. Certainly doesn't want to spend my
money!! )

Heather

 

[Sugien]

Home users not behind a external firewall/router ... or who shun the
Win XP firewall ... can get easily get into deep doodoo if they're not
careful.

For a project I'm working on, I installed Win 98SE on a spare 2 gig
drive. Since my LinkSys wireless PCI adapter doesn't work with Win
98/ME (don't believe what it says on the package) I bypassed my
router/fw and conneted my DSL modem directly to the Ethernet card.
I then disabled services and made sure that only TCP/IP was bound
to the internet adapter. The netstat -an result was empty as usual.

I then downloaded/installed IE 6 and did Windows Update (WU).
When I rebooted, Windows logon appeared! Sure enough, the WU
Trojan had undone my work. All the NETBIOS file/printer sharing ports
had been opened. I was lucky to not take any hits.

One way to handle fresh installs is to keep a copy of the install file
of your favorite software firewall on CD. Install it immediatley after
Installing Windows, making sure to be disconnected from the internet
during the process. Do your hardening (disabling of unwanted/uneeded
services) only after running the WU Trojan It's a good idea to do
this in any event. And keep an eye on netstat -an after every WU.

Win 2K isn't quite as bad in this regard, though I think the WU Trojan
did open at least one high numbered port. Dunno about XP but I'd be
surprised if WU doesn't destroy some hardening on it as well.

The best bet is to getcherself a external fw/router.

I just gave the same advice about using a router not 2 hours ago to another
poster in another thread. Now days a router especialy one with NAT and a
firewall that *comes with the router* is necessary for any broadband always
on net access.

 

[Sugien]

OK.....forgot about that, but I am on a rather secluded dead-end court in
the north end of a city above Toronto. Don't think that would apply much
up here. But a friend of mine in Latin America did "tune in" on a
neighbour's broadband at times. (apartment bldg)

Anyway, saw a wired (and wireless) one in the paper this AM for about $20
Cdn.....mail-in rebate of $50 or so....hate MIR's. Did you know they are
illegal in the UK?? Smart country!!

at the electronic web version of the "burning man" this year they tuned in
and accessed a wireless router from over 125 miles away, so you being in an
out of the way place is non-securer to use a star trek fusionism

 

[Laura Fredericks]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I just gave the same advice about using a router not 2 hours
ago to another poster in another thread.

Who gives a shit what you did? You have no credentials, here,
coderipper. Why don't you go back to alt.hackers.malicious, ya
big dimbulb!
http://snipurl.com/hrdq

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQyyREKRseRzHUwOaEQIcTwCdE3OeOC8FA0GdRXja4S1hPY97NUsAn33h
2U2Shdeuvmvgl7UJ4IYzR3ut
=0fk6
-----END PGP SIGNATURE-----

--
Laura Fredericks
PGP key ID - DH/DSS 2048/1024: 0xC753039A

alt.comp.virus photo gallery:
http://www.queenofcyberspace.com/acvgallery/

usenet flamewars:
http://www.queenofcyberspace.com/usenet/

Remove CLOTHES to reply.

 

[Sugien]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Who gives a shit what you did? You have no credentials, here,

My credentials are EXP *experience* which is far superior to book learning;
because those that wrote the book had to first learn the same way I did by
trial and error

coderipper. Why don't you go back to alt.hackers.malicious, ya
big dimbulb!

dimbulb = Dynamic Individual Making Brilliant Usenet Litanies Bellow

The only *credentials* I need, is that people already *do know* that what I
tell them works, and it doesn't mater a hill of beans whether I learned it
at university or by trial and error; because guess what? when it works, the
people wanting the information don't care if you have letters after you name
or not so there buckwheat

btw, just remember
when people see that what I say works and see you calling me names for it
just makes you look more like the fool you are already

one more thing, you say coderipper, I say code library, oiow, you say po tae
toe , I say po tah toe
so bite me, but on second thought don't; because I haven't had a rabies shot
since I was a child.

 

[David H. Lipman]

From: "Heather" <[email protected]>


|
| OK.....forgot about that, but I am on a rather secluded dead-end court in
| the north end of a city above Toronto. Don't think that would apply much up
| here. But a friend of mine in Latin America did "tune in" on a neighbour's
| broadband at times. (apartment bldg)
|
| Anyway, saw a wired (and wireless) one in the paper this AM for about $20
| Cdn.....mail-in rebate of $50 or so....hate MIR's. Did you know they are
| illegal in the UK?? Smart country!!
|
| Heather


Start wired. Seup File and Print Services. Share data and learn about networking and
wireless security. Then when all has been setup and you understand how to secure wireless
access points, you can move over to wireless technology.

 

[David Segall]

Is there any advantage/disadvantage to wired vs wireless??

The only advantage of wireless is that it is wireless. If cables are
not a problem for you then use them. They will probably be a little
faster as well.

I was told that
wireless HAS to be configured just so and that wired might be safer for
someone like myself who has never used one.

Configuring wireless is straightforward unless you insist on
understanding what you are doing! As you long as you select a secure
connection with an ordinary password from the configuration options
you do not need to know whether it is WEP, WPA or any other TLA. If
you fail to secure it you will be told as soon as you try to connect a
client to the network.

 

[Laura Fredericks]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

...it doesn't mater a hill of beans whether I learned it at
university

Here's the only "university" you attended, Dimbulb.
http://snipurl.com/hrdq

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQy25WKRseRzHUwOaEQKh5QCg67LgMQKhwRCsFddskJszJBcmK1wAnjm3
KKU+piqaFnCylX5EM5++qonJ
=M/Hw
-----END PGP SIGNATURE-----

--
Laura Fredericks
PGP key ID - DH/DSS 2048/1024: 0xC753039A

alt.comp.virus photo gallery:
http://www.queenofcyberspace.com/acvgallery/

usenet flamewars:
http://www.queenofcyberspace.com/usenet/

Remove CLOTHES to reply.

 

[Sugien]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Here's the only "university" you attended, Dimbulb.
http://snipurl.com/hrdq

Knowing you as I do , I know that has to point to some sort of asinine crap.
I attended OSU; if you don't believe it so what? I also attended OIT for
the BEET or Bachelors of Electrical Engendering Technology; but of course
you don't believe that either. Now as to whether or not I graduated or not
is not the point, the point is that I passed the entrance exams and had good
enough grades from high school to even enter. OIT 1975 OSU 1980

 

[kurt wismer]

Heather wrote:
[snip]

Is there any advantage/disadvantage to wired vs wireless?? I was told that
wireless HAS to be configured just so and that wired might be safer for
someone like myself who has never used one.

look at it this way... wireless, by its very nature, broadcasts your
traffic... you have to have things configured carefully to avoid people
being able to do anything with traffic they intercept and to avoid
people being able to access your network resources (shared folders,
internet connection, etc)...

wired, by comparison, would require someone to have physical access to a
wire in order to do any of that... physical security is sometimes a
simpler/easier concept than logical security...

 

[kurt wismer]

Soytenly cable is more secure. But some people can't install the
cables easily. With wireless you have to understand that hackers can
pick up the signals up to four miles away with special antennas.

4 miles? try 125 miles...
http://www.wifi-shootout.com/

With Win XP I think there are ways to make wireless security much
stronger. I dunno much about it. But there's endless stuff you can
Google up about the weaknesses even using 128 encryption.

they keep making new wireless protocols in part because they keep
screwing up the security... i understand that sometimes these standards
committees are more concerned with consensus than they are with
correctness...

 

[Sugien]

Heather wrote:
[snip]

Is there any advantage/disadvantage to wired vs wireless?? I was told
that wireless HAS to be configured just so and that wired might be safer
for someone like myself who has never used one.

look at it this way... wireless, by its very nature, broadcasts your
traffic... you have to have things configured carefully to avoid people
being able to do anything with traffic they intercept and to avoid
people being able to access your network resources (shared folders,
internet connection, etc)...

wired, by comparison, would require someone to have physical access to a
wire in order to do any of that... physical security is sometimes a
simpler/easier concept than logical security...

You do know that all wires transmit EMF (electro magnetic frequencies)
information and are in effect a mini sort of radio transmitting station
right? Even the 60Hz electrical wires give off a 60 cycle hum into radio
land. Are you aware that someone with the right equipment one can sit out
side of your house and even if you network is wired they can pull in what is
sent along the wires or across your screen. True it takes some specialized
equipment and anyone other then the government most likely won't have the
equipment and anyone that does have the equipment to do so are also just as
likely to not be interested in what is on most all home networks.
They even have a portable faraday cage which looks like a pup tent
stood on end for the traveling business man to sit in and use their laptop;
because of this ability to pull in signals of computer monitors from a
distance even if it is a single laptop not connected to anything and not
even on the web.
That reminds me that not so long ago business started pointing the
flashing little led's from modems away from outside windows because of the
ability to decipher it.