bobcat
Posts: 678 +69
Myth 1: With a firewall I am fully secure
A firewall only filters network traffic. DVD and USB drives remain malware entry gates that should not be underestimated, as the worm Conficker proves.
Besides, the firewall is powerless against virus infections – you should definitely also use an anti-virus like the free AntiVir, and round up protection with regular updates of system and web related apps.
Myth 2: Under Stealth Mode I am invisible
The Stealth Mode integrated in some firewalls suggests invisibility and through it full protection from attackers. In reality, the Stealth Mode does keep silent on ping-probing, but if the hacker doesn’t receive the reply “Destination unreachable”, he only needs to put 1 plus 1 together to know that there is a computer there.
Myth 3: By closing ports I achieve full security
In principle, fewer open ports mean smaller target area. But there is a method through which hackers can bypass closed ports. By using the so-called “tunnelling”, attackers can send through an open port data which are foreign to the service operating there. To trick the network service, they have converted the data in its format. For example, through a HTTP tunnel (port 80), FTP data are exchanged, though the FTP port (21) is closed. For this, the FTP data were previously embedded in a HTTP protocol.
A firewall only filters network traffic. DVD and USB drives remain malware entry gates that should not be underestimated, as the worm Conficker proves.
Besides, the firewall is powerless against virus infections – you should definitely also use an anti-virus like the free AntiVir, and round up protection with regular updates of system and web related apps.
Myth 2: Under Stealth Mode I am invisible
The Stealth Mode integrated in some firewalls suggests invisibility and through it full protection from attackers. In reality, the Stealth Mode does keep silent on ping-probing, but if the hacker doesn’t receive the reply “Destination unreachable”, he only needs to put 1 plus 1 together to know that there is a computer there.
Myth 3: By closing ports I achieve full security
In principle, fewer open ports mean smaller target area. But there is a method through which hackers can bypass closed ports. By using the so-called “tunnelling”, attackers can send through an open port data which are foreign to the service operating there. To trick the network service, they have converted the data in its format. For example, through a HTTP tunnel (port 80), FTP data are exchanged, though the FTP port (21) is closed. For this, the FTP data were previously embedded in a HTTP protocol.
