[Dshield] Re: A few followup points

Susan pobox2 at pinn.net
Wed Mar 20 19:03:42 GMT 2002


Very similiar to what I've got here, we really are invisiblle to the 
outside. soho expensive but worth it. plus also got the addon software 
on each machine. Plus heavy traffic sniffing and real time stats.

 >Having run numerous corporate firewalls for a living, when it came 
time >to get my DSL connection live, I never considered anything but 
putting >up the firewall first before ANY connection.  I use a SonicWall 
SOHO, >and although pricey (about $500), my systems are completely 
invisible >from the outside.    However, I still run Norton AntiVirus, 
McAfee Anti >Virus (Depending on the machine, some are corporate, and so 
run the >software specified by my employer), and Zone Alarm.

However the problem still remains, what's coming in via email that 
causes the machine to try to connect out to unknown addresses? And that 
still leaves me with an unanswered question about what's being shipped 
out... passwords? Mac addresses? home net ip's? available 
software/ports/useraccounts? Sure they may be interested in the mail but 
if they can manage a connection at all then they can manage the rest I 
am real sure having just a bit of info to start with. One little 
unnoticed shellscript download can open a major hole.

Does anyone know if linux RH 7.2 requires netfs to load the xwindows 
graphical interface? It would seem the machine wouldn't need it but it 
doesn't seem to want to go away. I don't mount any network drives so why 
would the machine be requiring it. I can still start it at the text 
login from startx so obviously it's not truly required... also how do I 
resolve that .va.comcast.net address and the dallas.net address I picked 
up last night does anyone know? I called my ISP and they said that that 
account number doesn't exist. Still I was obviously connected to 
aux-209-whatever.dallass.net:http so that should resolve. Is that the ip 
address in there just funny with the - - like that do you know? I did 
block the number address just hoping by chance it was the right one.

Also I got ISDN installed in here and don't want it either is that 
required? I already took out ppp so it shouldn't be working anyway.

Thanks
Susan








More information about the list mailing list