Quote:
Originally Posted by supernova1965
I wish you luck if that is all you use but the people who want in will not be stopped by a hardware firewall they eat them for breakfast.  |
I have had a system up and running for over 3 years with just a hardware firewall, it hasn't had a single malware/virus/worm infection in that time.
If you understand this stuff, it is easy to keep the script kiddies with their port scanners at bay.
If someone somewhere decided for some unknown reason to target hacking just your particular computer, then sure, someone could possibly get in, but it isn't going to happen. Infections that come from just leaving the Windows machine connected to the internet are pretty basic ones, and easily stopped.
The middle attacks mentioned still requires you to have your hosts file unlocked (not recommended) click on a dodgy link in an email, or open a dodgy file i.e. have *you* deliver the payload. Using OpenDNS protects you from this sort of attack too and is easy to set up and great if you take your laptop on the road for example.
People get either too worried about this stuff, or not enough.
If you don't open odd attachments, do not download pirate software or dodgy videos and are clever enough not to click on links from dodgy emails, then a decent firewall and a once a week/month boot scan will keep you well and truly clean. Quite possibly in better shape than those who have their machine bogged down with permanently running AV suites.
Be sensible, have a decent firewall, use openDNS instead of your ISP DNS, do your backups and scan once a week or so from a boot CD/USB stick and you will be fine.
If you do end up doing something silly, your weekly bootscan will pick it up (whereas a full-time AV program might be compromised, the bootscanner won't be) and you can remove it quickly.