i need some help.
i'd like to be secure, but...
i'd also like to avoid any hassles. <more on this later>
1st, my config...

cable modem>
SMC Barricade router>
2 computers>
running WinME

the issue i have concern for is a firewall.
with the hardware router, would you say it's required?
i can get Black Ice or Zone Alarm Pro...

or Norton's version, but i hate the way Norton progs take over the system.

IF i implement firewall software, will i have all sorts of problems with FTP D/L's, file sharing, ICQ, IRC, etc...???

if i have to disable the firewall to do the downloads, whatnot...
where is the sense in having it?

Please shed some light on this for me!!
i've found some great ppl in this forum, who've helped me max my connection.... now i need to secure it. or at least know i'm set.
thanks!! :) :D :) :D :)

actually, i just found this... with "The Cleaner" trojan scanner

Aristotles
* c:\WINDOWS\SYSTEM\BPCPOST.EXE


i did a NAV scan after, that was negative.

Thanks alot. i should pay more attention.

Originally posted by N2~O/C
i need some help.
i'd like to be secure, but...
i'd also like to avoid any hassles. <more on this later>
1st, my config...

cable modem>
SMC Barricade router>
2 computers>
running WinME

the issue i have concern for is a firewall.
with the hardware router, would you say it's required?
i can get Black Ice or Zone Alarm Pro...

or Norton's version, but i hate the way Norton progs take over the system.

IF i implement firewall software, will i have all sorts of problems with FTP D/L's, file sharing, ICQ, IRC, etc...???

if i have to disable the firewall to do the downloads, whatnot...
where is the sense in having it?

Please shed some light on this for me!!
i've found some great ppl in this forum, who've helped me max my connection.... now i need to secure it. or at least know i'm set.
thanks!! :) :D :) :D :)

Hi There N2~O/C
What firewall you decide to go with is totally upto you..
In this forum Some say go with Z.A.PRO Some say Go with Tiny..
I Take it that you have no experiance with firewalls and or rulesetting one so i say go for Z.A...Cause with tiny personal firewall you have to know how to set up Rules for it and so on..
Not to mention Zone Alarm Or Zone Alarm pro (they are both the saught of firewall that you download::Install::Set to High Safety::And the jobs done....
(*My suggestion would be to download zonealarm *Free edition* and get the feel of it...then get Z.A.Pro and worry no more..~*)
-You can get the Firewall at-
www.zonealarm.com

_You Said_
If i implement fIrewall Software , Will i have all saughts of problems with FTP , D/L's , File Sharing ,ICQ , IRC , eTc

Let me tell you that you will have no problems with downloading whatso ever....that will be just as it was...
ICQ-Lets say you choose to go with ZA , or , ZAPro...When you open up I.C.Q The firewall will say something like

I.C.Q PRogram
is trying to connect out to ip *********
using port ***
Do you give permission for this program to access the internet.
All you do is click on the little box in the bottom right hand corner of the allert whitch says *yes i do* and remember this*

Youv'e now given I.CQ Permission to access the internet whenever the program needs to...so it will run as normal..

The same concept apply's to IRC..You will recieve the same Kind of allert though it will be IRC Trying to access the internet..and do as above and it will be as normal..

And No...There is no reason to disable or shutdown the firewall whilst downloading...

Basically the firewall should run at StrartUp and should protect you until you disconect from the net and or shut down your pc....

Hope I HeLped...anything else you whanto know feel free to ask us all.
till then
CyA;) :D :)

Tiny Personal if you are comfortable with rulesetting. It is totally configurable to what you want.
ZoneAlarm if you want an application based up and running firewall with some configuring for network.
Sygate is a third option. Same deal as ZoneAlarm.

All of these will only report outbound connections so BlackIce would be out of the race because it only reports inbound.

There were AOL issues with ZoneAlarm. May be fixed in ver.2.6.88 (free) and the Pro version. Trial and error in most cases. Haven't used ICQ or AOL ever.

My setup is a 2 system network with Winroute Pro through a network card on the connected box. It has tested unpingable (but not claiming that as 100%. Not that silly;) ). WinME on the connected box and W2000 on the other. No firewall on either box yet but we are very carefull what we do/download or activate on either system. Hard to talk my son into using a firewall but I try.

Croc

ok, so Black Ice is no good?
what exactly does it do? i have it on now...
but, i will install ZApro

thanks for the help!

No One is saying that Black Ice is no good...
I Have it running on my pc right now...
Black ice will not protect your pc PROPERLLY is it is a stand alona application..(if it is the only security program youir running)..
thats why im running Black Ice With ZoneAlarmPro...
ZoneAlarm is acting as my firewall and Black ive is my intrusion detection system...Both work great for me..though im going to create a thread and ask for some expertice from the members in reguards to a few settings..~

My Advice....

Let me start a thread about black ice and zonealarm and see what all the members have to say about the 2 working together~2

BID is an "Intrusion Detection Program and a good one at that.

It will not detect any outgoings from your system, therefore (and at the risk of being hung,drawn and quartered;) ) is only half a firewall.

If you run any program with an autoupdate feature or any spyware type program BID cannot stop the connection or the reportback. When it is behind a hardware firewall all incoming is stopped before BID gets a look in. I am assuming SMC Barricade is a firewall as well as a router?

Croc

what i would like to accomplish as the ultimate goal...

is an FTP server.
for this, ppl address you by IP#
we would upload and download skins and maps etc...
but it would mean my IP becoming somewhat private.

i need to know that i'm secure against file deletion
before i create this... and any other "attacks" i could be up against... but leaving one port open i assume?? leaves me open for trouble??

Get Tiny Personal Firewall.

Lose ZoneAlarm.

Learn to ruleset in Tiny. It will do what you want.

As far as the rest goes I am sure you will get the responses you need.

Croc

somewhat public^
man... i been up waaaay too long!

ok, why Tiny? because of advanced options right?

i am in NO way an advanced user... and i don't know even what settings it will offer, much less... which ones i need!!!

i'd like to keep this simple... i don't know if thats possible.

i'm not sure how SMC Barricade works as a firewall, but if i had to guess... it's because it creates a IP, and the LAN comps have each thgeir own IP, that's hidden.
this is why i can share a cable modem w/o ISP knowing.
but i don't know if thats sufficient enuff to keep asswipes out.

ideally, i'd have username/password for the FTP site.
i'd like to monitor the IPs while connected, and know who's connected... this requires certain tools i'm sure...
but, self-policing seems necessary.
i need to be able to block individual IPs who cause harm/damage

Hi
The new version of THE CLEANER from www.moosoft.com is finding the trojan "ARISTOTLES" in a lot of files....even within .CAB files. I have informed them about this, as it would appear to be a false/positive.....this trojan (apparently) is a Mirc induced one...and I never had Mirc on that PC.
I used TRUSCAN and it found nothing within the same folder or anywhere else on my HD.....AVG found nothing, neither did InoculateIT find anything.
If anyone else care to check and or elaborate on this "ARISTOTLES" trojan, it would be appreciated.
PEACE!!!!!!

i'd like to keep this simple... i don't know if thats possible

If you keep it simple you wont be secure. MS OS's are not terribly secure at best. You are running the home pc version - basically no security. Have you considered getting a networked OS? You are opening a major hole in both systems by running ftp ftp is not terribly secure either. If someone gains access to one machine, they basically own the other as well.

You router provides NAT. That is not a firewall, but it does offer some protection as a side effect. It is sufficient to keep people out. However you are opening up your machine to the outside, bypassing that protection.

Tiny was recommended because what you are trying to accomplish requires some very specific fine-tuning. ZA does not offer the same degree of control as Tiny. The downside is that if you make a configuration mistake - or don't understand rulesets - you could find yourself in trouble. No offense, but it sounds like you would need to do a lot of reading and experimentation to get Tiny configured correctly:)

You should have the ftp server in a sort of DMZ, blocking access from that box to your primary machine. Make sure you have a backup of anything you care about on both boxes - you are basically leaving your door unlocked at night!

Just my $.02

Skye

Mirc was never installed on this box either.


ok, with the FTP, i understand what you're saying.
<this sucks real bad :( >
i'd like to know i can share some files and be secure, i guess thats truly not the case.

when i log into an FTP site, ppl also can see my IP
so i'm in trouble there too right?

i dont bank on my machine, only use it for non-sensitive materials,
maybe i should just not worry about it, and if someone deletes my files, just re-install my OS and start over.

Hi N2~O/C
Moosoft has issued a new update to the CLEANER....this one doesn't fing any ARISTOTLE trojans...they did not reply to me, but I downloaded the update and tested it on the same file it said last night had that trojan...now it says it is all clean.
PEACE!!!!

thanks for the word Fredra, much appreciated!

guess i did'nt have a trojan, thats good.

Zone Alarm Pro is a pain in the ass.
Black Ice has'nt reported anything at all.
i'm not liking this whole deal.

Hi again N2~O/C
If I understand you correctly here....
Try Tiny and PM a guy in here called jugernaugt...he is our resident expert on TPF..... now please bear in mind that you MUST grasp the concept and implementation of rulesets with Tiny.
BTW...I am also behind a firewall router and still use TPF to prevent "outgoing".
A lot of people in here use ZA or ZAP and swear by it, I am not going to knock ZA or ZAP, it all depends on what you are comfortable with.....they all work very well.
PEACE!!!!!