Best protection has always been a good firewall and keep it turned on.

...plus:

1. Turn off all unnecessary Services. Don't make it super-easy for hackers to take over your machine and do things like screen-share, turn your machine into a web-server, etc., by leaving these things on if you don't absolutely need them.

2. Turn off File and Print Sharing unless you actually use it. It puts out information that makes it much easier to attack your machine, even if it's behind a firewall.

3. Make sure your firewall's firmware is up to date. You can download firmware and upgrade utilities from the manufacturer of your router.

4. Use a hardware firewall, not a software one! Software firewalls, such as Black Ice Defender, etc., have repeatedly been shown to be significantly less effective than a purpose-built router with a firewall...

5. Don't use software that opens ports to constant 'net traffic unless you must. This specifically includes things like Kazaa or Limewire, chat applications like IRC and AIM, etc. All of these programs introduce specific security risks, and a hacker who's actually trying to attack you (more on this in a second) will definately know what ports these applications use and how to recognize the traffic. They can use that information to attack you through those applications in various ways.

Just because some computer in Korea is port-scanning you does not means that the attacker is in Korea... or that you're necessarily being targeted. There are (literally) tens to hundreds of thousands of computers on the Internet which are being used as "zombie slaves" to help hackers figure out who is vulnerable... and they can then use this information to decide who to attack. Unless (in your RL world) you're wealthy, famous, or otherwise an obvious target... the chances are pretty good that you're getting randomly probed by this computer, not being deliberately attacked.

That said... it's always wise to assume that evil people are:

A. Everywhere.
B. Out to get you in particular.

It's like turning your car's alarm on when you exit the vehicle, y'know? Your chances of that alarm actually being either useful or necessary do not detract from the fact that the alarm does deter potential car thieves to some extent.

But unless you are willing to invest the time/energy/brain power to put powerful logging and network management tools onto your machine and configure them properly... and never run your computer without being physically present at the machine... any half-way decent hacker will successfully attack you. The only good way to stop a good hacker is to use the same tools they do, understand how they can attack you, and actively defend yourself. Passive defenses such as firewalls will basically just slow people down, and defeat "script kiddies" and other not-so-hot hackers. They will not defeat anybody who actually knows what they're doing! The good news is that such people are actually pretty rare (hacking is, after all, pretty heavy-duty computer science) and most "hackers" merely use tools that are well-known and fairly easily defeated.

Lastly... if you really think someone's out to get you, personally... you can call your ISP, which will put their security staff on your side. They will take a look at the activity and determine what's appropriate- and let's face it... they usually know a lot more about such things than most people do, and see (literally) thousands of attacks every day, sometimes every hour. If they think you're being deliberately attacked, they will attempt to trace the hacker's route back to the source (which 99% of the time just leads back to a zombie which may or may not be under control by a hacker operating remotely) and then take up the issue with the ISP that is allowing the zombie to operate from their domain. Since ISPs that allow such things without taking action invariably get blacklisted (meaning that the vast majority of ISPs will filter their IP ranges out've their incoming port traffic, effectively ending that ISPs ability to access the Internet) most ISPs are, naturally, quite eager to stop would-be hackers, even in countries like Korea (which has strong anti-hacking regulations on the books, but is notoriously lax about enforcement).

So... um... yeah... that was probably more than you really wanted to know about hacking lol... basically, you should be scared but you are not helpless... you are probably not being attacked, unless you've managed to really annoy somebody or have something worth stealing... and a phone call to your ISP's NOC (Network Operations Center) can usually get things fixed... fast

That was a really good guide there

Self-Evaluation of security can help immensly also.

Gibson Research Corporation
HAve a look at the 'Shields UP!' page there and have a test. i DELIBERATLEY blocked my WLAN router from using IDENT to sompletely seal up the ports.

Updates, patches, and the like are absolute MUSTS! Not having a reverse DNS also helps, But, as Argh said, it is incredibly unlikely that someone is tracking YOU in particular, but it pays to be paranoid.

From experience, i once had two sequential attacks from two DIFFERENT computers in CHINA, to two DIFFERENT destination addresses (Dynamic IP) with the SAME virus, in two minutes (I was playing halo SP at the time). Shut the computer off, made a report, went to sleep, go up the next morning, never happened since. (I ran a virus scan to kill the intruders)

And the Dictum of 'know thine enemy' comes in very handy here. i tend to immerse myself in every single usable hacking program, RAT, antivirus, firewall, protscanner, etc. software i can find to the point that my schools system admin has learnt stuff from me, i have other students that PAY me to secure thier computers.
I am NOT advocating hacking, i am saying that knowing how they work is the best way of adaping yourself. if you know what they are going to do, you can stop it before it happens.

And, if all else fails, there is one thing that always works:
Pull...the...cable...out


Have fun.
Arania

hehe thx guys, pretty elaborate explanations, I humbly thank you

well I just ran a scan, and here are the resolts

---

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice

---

and file sharing test...

---

Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

---

WOHOO!! All green and I only have Norton 2002....and not TOO MUCH up to date

but just one thing..uncommon for my Windows based PC to share any information?!? hmm..I guess Doctor from "I, Robot" was right..pockets of code can eventualy evolve even on Windows

where did you find that test thingy?

link Arania posted..

On home page click on ShieldsUp, scroll down under Hot Spots and click ShieldsUp, than proceed and choose the service



Edited by - Leonhart on 8/22/2005 9:18:08 AM

nvm, i found it right after i posted

Sucks to be YOU!!

no it doesent, i got perfect scores on the test

surprisingly...my computer did too....

that is a surpise, Wolfy - that it even booted up to allow you to do the test at all!

WHAT COMPUTER? perfect score

I'm on a network. Helps somewhat, as the server itself is the only thing that gets hacked, and it has about a gajillion security measures. I accidentally left my firewall off for a week without anything happening *checks* oh wait.... its still off... oops. *turns back on*. My point exactly

Nortan antivirus 2005, no matter how bloody annoying, is very helpful too. Although it doesn't seem to understand that FLSERVER SHOULD BE PERMITTED....... *seethes*