Install Firewall software BEFORE connecting to the Internet

[Phantasm66]

I've recently been reinstalling some of the installed operating systems on my server, and rebuilding its RAID array, etc.

One thing I have noticed is this:

If I connect a virgin, clean install Windows XP (even with service pack 1 integrated) UNLESS I install Zone Alarm and anti-virus software first, MS Blaster fix, etc I instantly get:

POP UP windows wanting to sell me things.

POP UP windows wanting to sell me software to get rid of pop up windows.

Infected trojans and worms.

Porno internet browser pop ups.

Someone else's BLASTER infected machine shutting me down.

Particularly distressing was the infection of teekids, which by the looks of it happens almost as soon as an unpatched XP connected to the net at all. AND WITHOUT ME HAVING TO DO A THING!

Then there was the multiple infected instances of svchosts, etc.

The Internet just isn't the safe place to be it was when I first started using it in 1995/6.

What I think now is that one has to install zone alarm, or something similar, patch with a good amount of the available fixes, and install anti-virus software (latest definitions) BEFORE CONNECTING TO THE INTERNET AT ALL?!?!?!?!

Do you all experience this, or was I just unlucky? Has anyone with broadband installed their machine fresh with XP, 2000, etc just recently and had a similar experience?

 

[StormBringer]

heh Phant, that is terrible yet funny. though I have to agree. I often look at my logs several times a day and I would be afraid to be connected without my firewall software, several of my ports get almost constant hammering, blaster infected machines still being a big part of the ones doing the hammering.

I did take my firewall down for a bit a few days ago, as I can't view TS gallery with it up, and NAV went crazy shortly after that.

 

[Nic]

Yeah, I got that too when I first got broadband. I even managed to get a couple of trojans deposited on my machine within only a few minutes of being connected. Scary stuff.

I now have a router with built-in firewall that is always on, so I am always protected, even when reinstalling my OS. If you don't have a hardware firewall then you should disconnect your network cable before installing your OS. Make sure you have a firewall active, together with anti-virus software, before you reconnect.

 

[Phantasm66]

As soon as I turned zone alarm on it instantly logged 1 - 129 intrusions...! The software has only been on a few hours and now we are up at 3218, of which 73 have been serious!

 

[conradguerrero]

lol when i first got cable i forgot to turn on my firewall, luckily blaster came out the week next. similar things happened to me though: messenger crap, port scans, intrusions..

btw that link is to a members only page

 

[poertner_1274]

Yes, I have experienced this problem. It's a damn shame how bad everything has gotten now. It is very unfortunate how unsafe the net actually is now. So much BS out there it is ridiculous. Whenever I turn on my machine, the first thing I look for is my firewall, and it is the first thing I install once I get back up and running.

 

[Phantasm66]

try this link : http://216.239.59.104/search?q=cach...sage?topicID=853.topic+teekids&hl=en&ie=UTF-8

 

[Phantasm66]

i've given everything a good clean out with a virus scanner, but what I think I'll do next time is install virus, patches and zonealarm first, before I connect to the net.

I am not kidding when I say that I was connected about 10 mins and already had the pop up annoyance and the infestation of the first of several worms / virus things.

I wonder why someone writes something like a virus.

I am interesting in computers, programming, networking... client server network programming even, like itwould be pretty helpful to know if you are wanting to write a virus... but I would never have the inclination. Its just evil. Its like spoiling the internet for everyone just because you haven't maybe had the rewards in life you think you should have had according to your intelligence. I hope I never become like that.

 

[alphnumeric]

My anti-virus is probably the last thing I install. I find that my software installs allot faster since the files don't have to be scanned. After I install my anti-virus I connect my PC to my router. I have all my drivers, service packs and patches burned to cd's and all the cd's have been scanned for viruses. I don't run a software firewall, but I do scan for ad-ware quit regularly.

 

[SNGX1275]

I guess I'm just incredibly lucky, I sometimes have my built in XP firewall turned on, but a lot of times I don't. I do have NAV loaded so it just sits in the background. And I do visit windowupdate on a regular basis, but I have yet to get infected by any of these blaster things, and since I turned off that messenger service I don't get those popups anymore.

 

[Phantasm66]

the problem with turning off the messanger service is that its actually a very useful service, and lots of other server applications (like MS SQL seriver, for example) use it. I should NOT HAVE to turn it off.

 

[XtR-X]

Phantasm, to be sure, you could just unlpug the ethernet cable or the phone line when you do it. That way you know that it won't connect to the internet solo... such as cable... or DSL hooked up to a server already logged in.... etc... well you should know.... the OSI model ^_^ (learned that yesterday).

 

[Phantasm66]

thanks for your comments

You are right, unplugging a cable can be an effective solution