Re: Virus Dowloader.Small.54.2

I've always heard blackICE was a problem. I dont even use a software firewall anymore. I was a fan of AVG, then I used trend micro and liked it more. Now I am using Avast and it found all kinds of crap in my downloaded files that both AVG and Trend missed.

Re: Virus Dowloader.Small.54.2

blackice has some issues for instance if win2k is connecting to samba server, i had to add the server ip to trusted otherwise problems would occur. (have to figure out the ports sometime)

Yesterday i found our accounting software Sage Line 50 gives slow performance when blackice is enabled. I had been troubleshooting that for a while. that is from a win2k pc with the data hosted on samba. i am guessing that the accounts software makes many small packets and blackice inspecting them slows it down. it also occasionally doesnt enable itself on boot, i find that on some client pcs.

i would say that if the router has a good firewall then a local firewall is not really needed anymore. however on dial up at major ISPs here in Greece a firewall is a must, trojans trying to connect every few seconds. It was an eye opener for many clients when i first installed blackice on their pcs.


here is my office pc's log from blackice. doesnt look bad.

Re: Virus Dowloader.Small.54.2

Software firewalls are junk anymore get a good router with NAT/Packet inspection.

Re: Virus Dowloader.Small.54.2

I found the best way to protect computers these days is with a linux box and good internet habbits (avoid using Internet Explorer-err Exploder, or Outlook, err LookOut!. The linux box will take care of the direct port attacks, and I suggest something like Symantec Corperate Antivirus to take care of virus issues. Where dlinks have smoked up after overheating, belkins had given out, linksys's have been bypassed and hacked through/rebooted, and my trusty cisco 5000 was made into a mash and required a complete nvram reset more than once, my linux box prevailed.

The easiest way I've found to do that is smoothwall htt://www.smoothwall.org loaded on a junk comp loaded with a few network cards. It'll install in about 10 mins if you can cd boot, longer if you cannot.(you can use smoothwall's boot floppies or Smart Boot Manager if you have a computer which cannot cd boot and have an ATAPI drive) has a great manual to go with it, a good community, is extremely easy to use/configure/modify, and is free.

I personally like to use P3 450's or equivilent for that purpose with at least 32mb of ram (I overdid mine and made it 192mb, although mine runs folding@home too) and 3 old DECnet cards.

If you have a good board with good caps, a power supply to match, a small hdd (mine is only 450 megs), then network troubles for you will dissapear. just to give you an idea, my smoothwall's uptime is now 167 days, and that's only because we had a power outage which lasted 8 hours (my UPS is only good for 3 hours on that box) 167 days ago.

since 3.0 is currently unfinished and has some major flaws, for the moment I would reccomend sticking with 2.0 express.

Re: Virus Dowloader.Small.54.2

I use 486 box for that:
UMC GreenCPU U5S/33 (486SX class, 5V, no need for heatsink), TD-4IP-UMC-AIO board (probably made by ECS, UMC chipset), 32MB EDO RAM (yes, the board supports EDO), WD 4.3GB HDD (that's a little too big but I used it because it's quiet), two ISA network cards (one is HP, one is Genius NE2000 compatible) and PCI wifi card (LG LW1100P).
It runs slackware-current.

Re: Virus Dowloader.Small.54.2

I use a P200/MMX on a BCM 430VX board, two NICs, 16 MB of RAM and a 120 MB HD (no typo) to run Routerlinux (http://www.routerlinux.com). It only requires 4 MB of RAM and about 12 MB of disk space, but not many 20 MB IDE hard disks have survived to this day. It will also run on a GCT/Allwell 1030N or similar, where it will run entirely from flash - there are no moving parts on that machine except the CPU fan, and I've replaced that with fully-passive cooling. I've contributed some scripts and packages to Routerlinux - it's basically a very minimal Slackware-like distro based on Busybox/uClibc. It has netfilter/iptables, rp-pppoe, sshd, freeswan/pluto, zebra and lots of other stuff in 12 MB
installed.

I also have a Linksys WRT54G running OpenWRT, but I haven't played around much with that distro.

Re: Virus Dowloader.Small.54.2

I like having full distribution so I can run anything there when needed.

Re: Virus Dowloader.Small.54.2

LOL
I put a 3.5" 25 meg Conner IDE hdd into my 286 when I built it up, and I creep out computer teachers every year with it too . (yes it still works too)

Re: Virus Dowloader.Small.54.2

i think i have enough hardware for a firewall box. i played with smoothwall sometime in the past and it was quite easy. i have been recommended Ipcop though.

http://www.ipcop.org/

Re: Virus Dowloader.Small.54.2

I use Suse right now as my Linux desktop/ router on my AMD slot A system right now, but in the past, I always used Coyote Linux on a single floppy with nothing but 16mb ram and 2 nics, no hard drives. Can't hack root with no hard drive and floppy locked.

Re: Virus Dowloader.Small.54.2





maybe I should take that internetworking class.........

Re: Virus Dowloader.Small.54.2

its like the wild west on the net these days.

anyway i got nowhere and did a repair with the win2k disk which worked fine. installed mcafee this time.