Loading ...
Sorry, an error occurred while loading the content.

Re: Hackers Computer Outlaws on TLC

Expand Messages
  • Terry Smith
    Yes, and thanks for the post. After reading your post I looked at my advanced settings and then turned on Stealth Mode. So, is stealth mode a good idea or will
    Message 1 of 8 , Apr 1, 2012
    • 0 Attachment
      Yes, and thanks for the post.

      After reading your post I looked at my advanced settings and then turned on Stealth Mode.

      So, is stealth mode a good idea or will it interfere with normal ops. So far everything seems to work OK..

      I opened the console utility and set it to watch all messages. It shows that the stealth mode is turning away a lot of connection attempts.

      Terry in Sunnyvale

      Out of Curiosity is your Apple Firewall turned on?
      http://support. apple.com/ kb/HT1810

      Jose :)

    • Len
      Terry, I m not an expert in this area. However, I just read an article on this. It appears to be a problem if you are running Windows XP or earlier.
      Message 2 of 8 , Apr 1, 2012
      • 0 Attachment
        Terry, I'm not an expert in this area. However, I just read an article on this. It appears to be a problem if you are running Windows XP or earlier.

        http://blogs.technet.com/b/steriley/archive/2007/10/16/myth-vs-reality-wireless-ssids.aspx

        Good luck!
        Len

        --- In svmug@yahoogroups.com, Terry Smith <tsmith8605@...> wrote:
        >
        > Yes, and thanks for the post.
        >
        > After reading your post I looked at my advanced settings and then turned on Stealth Mode.
        >
        > So, is stealth mode a good idea or will it interfere with normal ops. So far everything seems to work OK..
        >
        > I opened the console utility and set it to watch all messages. It shows that the stealth mode is turning away a lot of connection attempts.
        >
        > Terry in Sunnyvale
        >
        > > Out of Curiosity is your Apple Firewall turned on?
        > > http://support.apple.com/kb/HT1810
        > >
        > > Jose :)
        >
      • Irish
        Somehow I missed Jose s posting where it was mentioned if your Apple firewall was turned on. Certainly a good question, but there is more to securing your home
        Message 3 of 8 , Apr 1, 2012
        • 0 Attachment
          Somehow I missed Jose's posting where it was mentioned if your Apple firewall was turned on. Certainly a good question, but there is more to securing your home systems & networks than just turning on your firewall. Do you have a hardware firewall between your internet connection and your systems? Is there antivirus on each system, is it up to date, and do you have it scanning your system & alerting you of issues found? Are you browsing the internet safely, using a locked down browser? Is your system fully updated and patched - both the OS, applications, and other software (like Java & Flash)?

          Some other helpful links for more hints & best/common practices:

          CERT® Coordination Center Home Network Security - https://www.cert.org/tech_tips/home_networks.html

          CERT® Coordination Center Home Computer Security - https://www.cert.org/homeusers/HomeComputerSecurity/

          Best Practices for Keeping Your Home Network Secure - PDF from the NSA: http://www.nsa.gov/ia/_files/factsheets/Best_Practices_Datasheets.pdf

          Recommended Resources for System Hardening - https://security.berkeley.edu/node/143?destination=node/143


          And since this is a MUG list:

          Checklist Details for CIS Mac OSX 10.5 (Leopard) Benchmark Version v1.0.0 - http://web.nvd.nist.gov/view/ncp/repository/checklistDetail?id=46

          NSA - Apple Mac- Apple Mac OS X 10.6 'Snow Leopard' & Apple Mac OS X 10.5 'Leopard' - http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml#AppleMac

          UT of A - Securing Departmental Systems Mac OS X Server Hardening Checklist - http://security.utexas.edu/admin/macosx.html

          The Ultimate OS X Hardening Guide Collection post from ISC.SANS.ORG - https://isc.sans.edu/diary.html?storyid=12616






          Hmm, sounds like this could be a good meeting topic...



          ----------------------------------------------
          A: No.
          Q: Should I include e-mail quotations after my reply?
          =====================================================
          An often repeated quote on news.admin.net-abuse.email:
          <I>"Spam is not about content, it is about consent".</i>

        • Irish
          ... Enable Stealth Mode - will ensure that traffic that you didn t allow won t receive a response, not even an acknowledgment. The Firewall may be set to
          Message 4 of 8 , Apr 1, 2012
          • 0 Attachment
            >> --- In svmug@yahoogroups.com, Terry Smith <tsmith8605@...> wrote:
            >>
            >> Yes, and thanks for the post.
            >>
            >> After reading your post I looked at my advanced settings and then turned on Stealth Mode.
            >>
            >> So, is stealth mode a good idea or will it interfere with normal ops. So far everything seems to work OK..
            >>
            >> I opened the console utility and set it to watch all messages. It shows that the stealth mode is turning away a lot of connection attempts.
            >>
            >> Terry in Sunnyvale

            "Enable Stealth Mode" - will ensure that traffic that you didn't allow
            won't receive a response, not even an acknowledgment.

            The Firewall may be set to block incoming ICMP "pings" by enabling
            Stealth Mode in the Advanced settings.
            Found at: https://support.apple.com/kb/HT1810


            Also found at: http://docs.info.apple.com/article.html?path=Mac/10.5/en/17133.html
            Mac OS X 10.5 Help

            Home
            Index
            System Prefs Icon
            Preventing others from discovering your computer

            Some sophisticated computer hackers scan networks attempting to
            identify computers to attack. If you’re concerned about security, you
            can use the stealth mode in Mac OS X to make it more difficult for
            attackers to find your computer. When stealth mode is enabled, your
            computer will not respond to “ping” requests and does not answer to
            connection attempts from a closed TCP or UDP.
            To enable stealth mode:
            Step 1

            Choose Apple menu > System Preferences, click Security, and then click Firewall.
            Open the Firewall pane of Security preferences
            Step 2

            If some settings are dimmed, click the lock icon and type an
            administrator name and password.
            Step 3

            Click Advanced.
            Step 4

            Select the Enable Stealth Mode checkbox.

            Stealth mode prevents outgoing traffic like ARP, Bonjour and
            connections to the Internet from giving away of the presence of your
            computer on the network.



            IMHO - yes, it is a good thing to enable "Stealth" mode, unless you
            have another way of monitoring ICMP communications, and managing
            nefarious or outright malicious ICMP traffic.
            IANAL, YMMV, etc...

            ----------------------------------------------
            A: No.
            Q: Should I include e-mail quotations after my reply?
            =====================================================
            An often repeated quote on news.admin.net-abuse.email:
            <I>"Spam is not about content, it is about consent".</i>
          • Jose F. Medeiros
            Hi Terry, Leave it on stealth mode, unless you need to share files on your Mac with other Macs or PC s over a Network, however leaving your firewall on will
            Message 5 of 8 , Apr 1, 2012
            • 0 Attachment
              Hi Terry,

              Leave it on stealth mode, unless you need to share files on your Mac with other Macs or PC 's over a Network, however leaving your firewall on will not prevent you from connecting to a Microsoft server using SMB or an Apple server using AFP.
              http://support.apple.com/kb/HT1568

              If you need to share files with other computers in a home network, it's probably safer just to use
              a USB flash drive to transfer files and leave your firewall on, especially if you use a Wireless router,and do not have WPA2 enabled.

              Jose :-)






              From: Terry Smith <tsmith8605@...>
              To: svmug@yahoogroups.com
              Sent: Sunday, April 1, 2012 10:49 AM
              Subject: [svmug] Re: Hackers Computer Outlaws on TLC

               
              Yes, and thanks for the post.

              After reading your post I looked at my advanced settings and then turned on Stealth Mode.

              So, is stealth mode a good idea or will it interfere with normal ops. So far everything seems to work OK..

              I opened the console utility and set it to watch all messages. It shows that the stealth mode is turning away a lot of connection attempts.

              Terry in Sunnyvale

              Out of Curiosity is your Apple Firewall turned on?
              http://support. apple.com/ kb/HT1810

              Jose :)



            • Terry Smith
              I use an Airport Extreme connected directly to a Comcast Xfinity modem. In the Airport setup utility, I don t see any firewall configuration options or any
              Message 6 of 8 , Apr 2, 2012
              • 0 Attachment
                I use an Airport Extreme connected directly to a Comcast Xfinity modem. In the Airport setup utility, I don't see any firewall configuration options or any mention of the firewall but I do see these assuring words on the Apple web site:

                "Barring the network door.

                AirPort Extreme includes a built-in firewall that creates a barrier between your network and the Internet, protecting your data from malicious Internet attacks. When you set up the base station, the firewall is automatically turned on to keep the bad guys out. For computers with a cable or DSL modem, using AirPort is actually safer than being directly connected to the modem."


                Terry in Sunnyvale



                Re: Hackers Computer Outlaws on TLC
                Posted by: "Irish" irish.masms@...   irishmasms
                Sun Apr 1, 2012 2:10 pm (PDT)


                Somehow I missed Jose's posting where it was mentioned if your Apple
                firewall was turned on. Certainly a good question, but there is more to
                securing your home systems & networks than just turning on your firewall.
                Do you have a hardware firewall between your internet connection and your
                systems?  . . .


              • Jose Francisco Medeiros
                Hi Terry, Base stations, and most all wireless routers have a very basic firewall and use NAT - Network Address Translation, however if you have a laptop, you
                Message 7 of 8 , Apr 3, 2012
                • 0 Attachment
                  Hi Terry,

                  Base stations, and most all wireless routers have a very basic
                  firewall and use NAT - Network Address Translation, however if you
                  have a laptop, you should enable the software firewall built in,
                  especially if you use a Public WIFI such as Starbucks, McDonalds, Etc.

                  If you don''t have WPA2 enabled and some one cracks the WEP or WPA
                  pass phrase http://www.aircrack-ng.org/ or worse you just leave it
                  open, all your TCP/IP packets can be sniffed easily using a tool such
                  as Wireshark, Snort, or any other packet sniffer.

                  Honestly, the more protection the better, having the OS X firewall on
                  only prevents you from sharing out your files to other computers on
                  the home or public network your connected to.

                  Jose :-)
                Your message has been successfully submitted and would be delivered to recipients shortly.