Can Firewalls Protect Computers from Hacking?

[liokaiser]

is it possible to hack a computer if it has a firewall?

 

[dduardo]

Simple Answer: Yes

Long Answer: If a hacker knows your ip address they could run a nessus scan to find any vunerabilities that will allow me to gain access to your computer. With this information they would download the hack coresponding to the exploit if they don't already have it on their computer. Once in your system they can use a program to escalate their user previlages. From there they could steal or deface anything they want. Depending on how well you configure your firewall and services (web server, ftp, telnet, ssh), will determine how difficult it would be to gain access.

By the way. I think I hear your boss calling you from Max Online

 

[Greg Bernhardt]

is it possible to hack a computer if it has a firewall?

No system is absolutely safe, that is just a general principle. What type of firewall you have is important. Those client firewalls like zonealarm are better than nothing and keep out the script kiddies, but won't do a thing if a hacker knows what they're doing. Firewalls on a router however are a lot better because it's hardware based and the contact point is away from your computer.

 

[liokaiser]

Thanks for the replies.

dduardo, how do u know?which country are u from?


i like to learn more about internet security and how i can protect my pc.
any pointers on where to start?or perhaps some books?

 

[dduardo]

liokaiser, I'm from the US. Do a google search on traceroute.

The best way to protect yourself and learn about security is to use linux. You would be amazed at how tight you can control your system. You can do everything: encrypted filesystems, low level stateful packet filtering, chroot jails, mandatory access control policies, intrusion dectection, honeypots, security auditing, etc.

I recommend using Gentoo Linux. Although the install is said to be someone complicated (Personally, I don't think it is), the Gentoo group did an excellent job writing step by step instructions. If you follow the instructions you should have minimal problems. When you do install make sure you have plenty of time on your hands. Depending on how fast your computer is, how fast your internet connection is, and how experienced you are, the install can take anywhere from one day to a week. You can stop anytime in the middle of the install and start again anytime.

Here is their site:
http://www.gentoo.org/

You can download a cd image from here:
http://www.linuxiso.org/distro.php?distro=45

The installation manual is here:
http://www.gentoo.org/doc/en/handbook/handbook-x86.xml

If you want the to learn about the adding security features read this:

http://www.gentoo.org/doc/en/gentoo-security.xml

Once you finish the install here are some applications you might want:

http://www.insecure.org/nmap/
http://www.nessus.org/
http://www.snort.org/
http://firehol.sourceforge.net/

To install these applicaitons in gentoo simple do:

emerge nmap
emerge nessus
emerge snrot
emerge firehol

Here are some generic security sites:

http://www.securityfocus.com/
http://www.astalavista.com/
http://www.us-cert.gov/
http://www.sans.org/index.php

 

[liokaiser]

dduardo,thanks for the detailed guide.

i will work on it soon.

 

[The_Professional]

is it possible to hack a computer if it has a firewall?

YES, if the firewall is configured improperly. Disabling unneeded services adds another layer of protection as well.

 

[PRodQuanta]

I am in the process of reading Hacking for Dummies. All of the below has been explained in the book. Very, very interesting.

Paden Roder

P.S.- Of coarse I am an Ethical Hacker.

 

[Anttech]

Hacking is a missused term IMO, a hacker is in the open source community is a person who has a deep knowledge of computers programing networks etc etc, a Cracker is one who trys to break into your computer!

Software based client firewalls are a joke, they serve no purpose but to propogate fear. If you keep your system up to date, and disable unneed services (as mentioned above) then you will be safe for 99.9% of crackers... I have reviewed Zonealarm before and it dialogue box pops up when it hears harmless network chatter and claims that it had just "stoped a hacker from compromising your system" Thus propogating fear!

Zone Alarm etc are not statefull firewalls and thus are useless, they do not analyis packets and drop "funny" ones...

If you are that keen on knowing if people are connecting to you Computer, then download something free like TCP viewer for Windows from sysinternals
http://www.sysinternals.com/ntw2k/utilities.shtml

If you think you need a firewall then buy a proper one like a Cisco PIX that does proper deep scanning of packets NAT (DMZ) VPN etc etc...

To be honest a NAT device is probably all you need as this will wean out most people who are tring to crack your PC... I have been online for a long time and never have had my computer Cracked... At my work we have a LOT of people try to crack our systems, and thus we use proper firewalls IDS etc etc... But that is difference most Black hatter are not after 1 person they are after corporations!

 

[syano]

Software based client firewalls are a joke, they serve no purpose but to propogate fear. If you keep your system up to date, and disable unneed services (as mentioned above) then you will be safe for 99.9% of crackers... I have reviewed Zonealarm before and it dialogue box pops up when it hears harmless network chatter and claims that it had just "stoped a hacker from compromising your system" Thus propogating fear!

Zone Alarm etc are not statefull firewalls and thus are useless, they do not analyis packets and drop "funny" ones...

If you are that keen on knowing if people are connecting to you Computer, then download something free like TCP viewer for Windows from sysinternals
http://www.sysinternals.com/ntw2k/utilities.shtml

If you think you need a firewall then buy a proper one like a Cisco PIX that does proper deep scanning of packets NAT (DMZ) VPN etc etc...

To be honest a NAT device is probably all you need as this will wean out most people who are tring to crack your PC... I have been online for a long time and never have had my computer Cracked... At my work we have a LOT of people try to crack our systems, and thus we use proper firewalls IDS etc etc... But that is difference most Black hatter are not after 1 person they are after corporations!

Agreed, 100%

 

[Dagenais]

i like to learn more about internet security and how i can protect my pc.
any pointers on where to start?or perhaps some books?

Instead of changing your OS, http://www.symantec.com/index.htm has a lot of advice for keeping your PC safe.


They also have an Online Tester.

 

[The_Professional]

Linksys makes those cheap blue/black routers with NAT and other fancy features. A pretty good, adequate protection for the home user. I recommend it. Just don't forget to change the default username and password.

Either that or configure an old box with Linux IPchains. But for that you got to learn linux first ;)

 

[Nec]

I have tried to connect my comp with the old one at the corner using a router, don't know why but blue message is shown up saying "refuse"...
why ?

 

[Concord]

I have tried to connect my comp with the old one at the corner using a router, don't know why but blue message is shown up saying "refuse"...
why ?

(sigh...)

 

[HBar]

I have tried to connect my comp with the old one at the corner using a router, don't know why but blue message is shown up saying "refuse"...
why ?

http://www.catb.org/~esr/faqs/smart-questions.html

 

[Anttech]

lol...

I love that link :-)

STFW... and RTFM :-D

 

[Nec]

(sigh...)

Thanks Senpai for givingme a sigh! :D
Nomikai Ropongi next time ? :D