Help, anyone.
 

As I've stated many times before, I don't know much about computers and software, but I've been trying to use my spyware, virus and firewall stuff and have no idea what the hell I'm doing. I try to use the HELP stuff, but that usually leads to more questions, which eventually leads to frustration and eventual disgust. Actually, I think I've totally muffed up my computer, but none the less I still have some questions for any computer expert who will offer any advice (preferably in layman's terms). BYT, I thank you in advance for any help offered.:)

My first question is......IP address. What is it, what does it do, what can bad people do if they get it?

I thought every computer has an IP address that identifies it, kinda like a license plate on your car. And, if someone gets your "plate number" they can use that to find out other info. on you, or your computer rather.

Now, I started this firewall thing (McAfee) and every two seconds it's giving me some warning about what I have no idea, but I'll get to that later (depending on if I have any takers in the advice department).

Anyhoo, I was looking at the Activity Log and noticed that it tells me what my *current* IP add. is, but a few lines later gives a *different* IP add. What's with that? I thought every computer has *one* IP address.

Then, I look further to see that a "previous IP add." had been "released". When and Why does this info get "released"?

So, does my computer, or the software give me a new IP if one is released?

An IP address is sort of like a phone number or street address. It's your address on the 'net.

Since you access the internet via a modem, you get a different IP address every time you connect to the internet.

All internet communications are done by IP addresses. Even when you type in a website name, your computer checks a list to see what that website's IP address is before it tries to go to it.

I don't know about the firewall thing, except that most file-sharing programs, like Kazza, Gnutella, and WinMX will generate false alerts on firewalls unless you configure your firewall correctly.

Paranoia about people "knowing your IP address" is sort of absurd. It's not a big secret, at all, and security through obscurity isn't a reasonable practice. There's very little an embittered individual could do knowing solely your IP, and even if they /did/ do something, you could sue their ass.

The same goes for "Evil people might know your IP! Click here to be super-safe!" ads: not unlike contemporary phone numbers, your IP is everywhere, attached to everything going in or out of your computer. In terms of "stalker information", an IP is up there with what shirt you wore last. It's mundane, it's easy to know, and it really doesn't mean anything to "bad people" on its own.


I feel like I should edit this, or just magically make it more coherent, but I can't be bothered.

Thank you Juju and Shunks.:)

Do you know what NetBIOS is? What does it do? My firewall said it "intercepted and blocked" NetBIOS. Is this good or bad?

Back to the Activity Log...
It shows that it has "blocked incoming and outgoing TCP", "blocked outgoing UDP", and "blocked incoming ICMP". What are these things and is it good that this stuff is being "blocked" by my computer, or should my settings be changed?

First things first, in order to send/recieve information over the internet or a network your computer must know what type of information/command it is. This is where ports come into play. All information send and recieved by your computer has a specific port ID number associated with it. One example would be HTTP traffic (web surfing) which uses port number 80. The ports identify what type of information is being sent or recieved. That being said, below I put some rough definitions of the technical terms you mentioned. Its not too important that you know what the abbriviations mean, just as long as you know what they relate to.

[list=1][*] Netbios: This is a commonly used network protocol. It allows other computers to give your computer commands or messages. Your firewall probably blocked it as a safety precaution.[*] TCP: This is an information exchange protocol. Most forms of internet traffic use this. When it says TCP traffic was blocked it probably means your firewall has a built in pop-up blocker. You can disable this in your firewall options menu.[*] UDP: (outgoing): This refers to information being downloaded from your computer by another person. This is common in filesharing programs such as Kazaa or WinMX. The firewall blocked it as a precaution (it doesn't know if the person downloading stuff from you is a hacker or not).[*] ICMP: Mostly known for the Ping command. Some ISPs and websites will ping you to see if your still there. The firewall blocked this because pings, while mostly harmless, can be used in attacks on you computer. [/list=1]

As for whether or not this is bad or good: it depends on what your doing. If you are using programs that make use of the internet (ex. Kazaa, AIM, or certain games) then you want to look up in the manual or help section of your firewall on how to give these programs unrestricted access. Its usually a list you simply add the programs to.You might also want to check the security level setting of your firewall. This is usually high, medium, or low security level. Its best to set it at the medium level. This will block most malicious traffic while not being a pain in the butt. Last thing, those messages you recieve about whats being blocked, can usually be disabled in the options menu. The firewall will still work, it will just do everything in the background instead. I hope this is of help to you.

Info. much appreciated Razorfish.:)

So are these port numbers universal? Meaning all computers use the same ports to send the different "types" of info.? I also saw something about port 1030 (ephemeral), what is that used for?

So is it OK to unblock Net BIOS? If I leave it blocked, what am I restricting myself from?

What other kind of info. is exchanged through TCP? I don't mind not getting pop-ups, but is there anything else I'm blocking that I might want to see?

TCP/IP is the underlying protocol of the internet. It dates to the 1970s, and most communications on the internet use it.

I tried to run a firewall for a brief time, but then I realized that I was only using a firewall to make myself feel cool, and to create an irritance for me to endure. I couldn't really think of a good reason to keep running it, so I stopped.

Why are you using a firewall?

If you on a network you want to keep NetBIOS open. If your using dial-up or a cable modem there is no real purpose to having it open (or closed for that matter). The easiest way to enable all useful and good TCP traffic to come through is to put your internet browser program (Internet Explorer, AOL, or whatever) on the list of programs with unrestricted access. Its in the options menu on most browsers.
If your worried about hackers, don't. The odds that your computer, out of the millions on the internet right now, will get hacked is really low. Most hackers go after the big fish (major websites and coporate servers) and hacking someone's personal computer wouldn't be too useful. Most viruses come from people opening email with clever titles like "I love you" . I had Zone Alarm (another firewall program) on my computer for a while but all it did was slow my system down and give me email problems. While firewalls can be good, their not always neccessary.

Wrong, wrong, wrong. There are viruses out there now that will guess your IP address and install themselves onto your computer if you don't have the right ports blocked. You don't even have to download anything. It finds you. You <i>need</i> a firewall if you want to avoid viruses.

I have been told that the most commonly used Windows exploits are done via NetBIOS. I wouldn't recommend unblocking it. If you do, you'll probably just get hacked. But at least people will be able to browse all the files on your computer.

Anyway, yes, all ports numbers route traffic to the same programs on all computers. Usually. Here are a few example lists.

http://www.chebucto.ns.ca/~rakerman/port-table.html

http://www.iana.org/assignments/port-numbers

No. Yes its possible for hackers to take advantage of an unprotected system but the odds are still quite low. NetBIOS is a common entrance point but if your running XP and you patch when neccessary the threat level is really low. I never said having a firewall is a bad thing, its more good than bad, but major worry about hackers obsessively is not warranted. If you use a dial-up connection the risk is very low. If you have a broadband connection (cable modem or DSL) its recommended you maintain a firewall (as broadband is online always). I personally use a router, but thats just my preference. Software routers such as Zone Alarm and Norton Shield gave my system problems so I made the switch.

Firewalls are important to your computers security, but they shouldn't cause more problems than they prevent. If I had to make a recommandation, I would say keep the firewall and remember to properly configure it. Most firewalls have a built in list that you can add programs to, giving them access, and not setting off the firewall.

My apologizes. I should have made that more clear in my last post.

At this point I'm not really sure why. I thought they were good to have for security purposes. I realize I don't have any info that anyone would really want on my computer, but I don't want some virus or worm or something getting in and f-ing up my computer worse than I have f-ed it up. If something got in I would have no clue how to fix it. I can't get the damn thing to work properly without any other outside problems getting in. I have Win 98 so the stuff that attacks XP doesn't apply to me (I guess). I have SpyBots, AdAware, and McAfee Virus Scan. So, if I use these progs. maybe I don't need a firewall, as it is seeming to cause more probs. than it's worth. Comments anyone, should I disable my firewall?

I'm not paranoid about hackers, I just don't want personal info. like credit card numbers, bank acct. info., and passwords floating around for anyone get access to.

PS...thanks again for everybody's input and info.:)

So which ports should I block and how do I do it?

So, blocking NetBIOS is good for me since I use dial-up and I won't be missing out on anything?

Thanks for the links:) .

I use dial-up because that is the only thing available to me where I live, but I have Juno Speedband. Is that a form of "broadband"? Actually, a better question is what is "broadband"?

On the topic of JSpeedband, I think e-mail and internet stuff downloads (uploads?) quicker except for pics they are "fuzzy" so if I want to see a "clearer" pic I have to click on "show original image" and then it redownloads the pic. This is rather annoying because I end up spending just as much time, if not more doing this everytime I want to get a clear image. There is a settings thing where I can adjust this, but it seems if I set it to show the original image then it is much slower, so what is the point of having it in the first place. Is JSpeedband a waste of time and money?

What's a router?

I guess that's my main problem, I don't know the best way to configure the thing. Not sure which programs to add or remove.

Re: Help, anyone.
 

WHYY and the Inky used to carry commentary from the CompuDudes. They have since move on. But their Philadelphia discussion group continues as www.bitzenbytes.com .

The Arcanum section archives technical dicussions that include many on IP addresses, etc. I recommend that you read many of these at:
http://www.bitzenbytes.com/101/101.htm

Then follow up here (or there) with questions.

The good technical discussions can never be understood on first read. With second and maybe third read, then even more is learned.
1) It is a good set of detailed and rather informative topics.
2) It proves there are people in Philadelphia that do know technology.

Rather than post a long answer, instead, I posted a long list of posts. Easy for me. Too much reading for you.

tw thank you for the links.:) I will spend some time reading those. And, maybe post in a new forum. (scary:eek: )

NOTE: Following question is sarcasm:rolleyes:, joke:p, funny:biggrin:, haha:haha:, not ment to incite a riot:angel:, etc. You get my point, I hope?:confused:

So, tw, is this a nice way of telling me to stop wasting space in the Cellar and ask my stupid questions in another forum, hence waste space elsewhere?;)

Ask away, BUGZ. Nobody is forced to answer. I'll bet there are plenty of us non techies that can learn much from these discussions. I certainly have. :)

I was kinda wondering if *I* was the only one who didn't know this stuff. I've been a little hesitent to ask since I know that the regulars pretty much know their shit (computerwise anyway;) ). I really appreciate everybody's help and info so as long as they are nice enough to answer I'll keep asking. BTY, Bruce those links tw posted look like they will be really helpful, you might want to check um out too.:)

Sorry about making things so confusing. Im not the most eloquent speaker (or poster for that matter).

Dial-up internet means you sign in with a user name, dial into some telephone number, computer makes a bunch of funny noises, and your on the internet. Broadband comes as DSL line or a cable modem. This means no dialing in; you just click the Internet Explorer icon and your on the Web.

You mentioned something about images being blurry when you use your internet service. This is probably your ISP (Juno) compressing (making smaller in file size) the images so they download to your computer faster. This is common with dial-up service as pages with a lot of images can take a long time to load.

As for configuring your firewall: Im not too familiar with Macafee firewall but the link below might help.

http://ts.mcafeehelp.com/

Also, if your firewall came with a user manual, it might have a walkthrough on how to configure it.

[quote]Originally posted by Razorfish
Sorry about making things so confusing. Im not the most eloquent speaker (or poster for that matter).

No worries. You haven't confused me I just don't know much so I keep asking questions as terms or whatever come up when I don't know what they are or mean. I appreciate your help.

You mentioned something about images being blurry when you use your internet service. This is probably your ISP (Juno) compressing (making smaller in file size) the images so they download to your computer faster. This is common with dial-up service as pages with a lot of images can take a long time to load.

Yes, I think that is what the "Juno Speedband" does. The images aren't really blurry, it just looks like their resolution has been compromised in order to speed up the download. Like I said I can change this, but it leads me to wonder what the purpose of even having speedband would be. I originally upgraded my service to get it because I thought everything would download faster and it does, it's just that I have to click that "show original image" then wait for it to redownload, so I'm wondering what the advantage is now? Doesn't seem to be one :(.

As for configuring your firewall: Im not too familiar with Macafee firewall but the link below might help.

http://ts.mcafeehelp.com/

Also, if your firewall came with a user manual, it might have a walkthrough on how to configure it.

Yes, I'm sure that link will help, thanks. Unfortunately no manual, that's what I get for "borrowing" the program from a friend.;)

PS...you missed one, what's a router?:)

It allows multiple computers to talk to each other and allows them to share the same internet connection. It doesn't work with dial-up, though.

For example, there are three computers in my house. Two for me, and one for my wife. They are all plugged into my router, and my router is plugged in to my DSL modem. And so, all three computers can be on the internet at the same time.

Thanks, Juju.:) Since I only have one computer and have to use dial up that's one less thing to worry about. Did you read my other post to you in here, well anybody can answer, but it refered to stuff you posted that I had questions about.

Ya know, I used to think this too. "Little fish in a big pond, no one is interested in me". Then, my router died. To access my DSL , I had to hook the computer up directly to the modem. I had it like that for about 4 hours (one Sunday evening, until I could get a replacment on Monday).

Shortly after I replaced the router and powered up the system, I noticed the network activity light was getting HAMMERED on the DSL modem, and I wasn't doing anything.. I disconnected the network cable from the desktop and the activity went away.

Too make a long story short(er), my investigation showed that in the 4 hours my system was on the web without any protection, I'd been hit with 6 different types of attacks, which resulted in 6 trojan or back-door programs being installed.

It took me about 3 days to recover that machine.

Just a bit of news here - do you know HOW they "go after the big fish?". They either get a zillion "drones" (otherwise known as unsuspecting desktops) to participate in one of the many types of concerted attack known as "Distributed Denial of Service" OR they can use your little fish system as one of a series of machines they use to acces and attack OTHER machines - hoping to direct attention to YOU in case someone gets on to them.

Interesting, so LITTLE fish need BIG guns after all.:rattat:

Man, that sucks. It must have been someone trolling for unguarded IPs (using Nmap or one of the other various hacker tools) to test viruses. Or it could have been other infected machines getting into yours.

Yes im familiar with denial of service attacks and bug exploits (i.e. the SQL slammer) used by hackers. Your right about being totally relaxed about security, it can pay bad. I know the odds my machine will be attaked are low but if it was, my router would be worth every penny i spent on it.

If a router just connects multiple computers to the internet, how would it fend off outside "attacks"?

I don't know all that much about this; I just pretend to.

For firewalls, I think that the idea is to block ports that software you run doesn't use.

I suppose that I had considered a router to be a hardware-firewall, with the computers connecting to the hub/switch which connected to the modem which connected to the router. I haven't tinkered with them though, so I don't really know.

I've traditionally had the 'little fish, big pond' variant of: "I'm a little fish on a 56k modem and I usually don't receive email attachments."

Lovebugz; I imagine that there are probably a lot of us here that don't know much of this.

Routers
 

A router is a small box that sits outside your computer. It serves a dual purpose: to allow multiple computers in your house to use the same internet connection (as oppose to paying extra money for each computer to have its own internet service) and it contains special software (known as firmware) that scans incoming and outgoing internet traffic for potentially malicious activity (i.e. someone attepting to hack your computer). You would connect your computer(s) to the router and connect the router to your modem (most likely a cable or DSL modem if your using a router). I find that my router works better than any internal software (such as Macafee). The router doesn't slow my system down (because it runs as its own separate device) and it automatically recognizes good traffic from bad traffic (I had some configuring to do but not much). The router also allows me to add computers to my internet connection, should I choose to do so. Personal routers generally cost between $50 and $150 depending on your needs (IMPORTANT: these prices are more if you want to use a wireless router, meaning a router where you woulnd't need to run cable through your house, which can be a huge pain)

In your case LUVBUGZ, I would stick with the Macafee software. Protection is always a good thing. You might also want to ask the person you borrowed the software from on how to configure it properly. This way the firewall is working at its best efficiency while not getting in the way of your internet activity.

This post was edited to include the price thing.

Thanks for router info Razorfish.:)
I'd ask the dork I "borrowed" it from, but he "borrowed" it from his friend and has no clue either. I think the McAfee help site is where I'll figure it out, thanks again for that link.:biggrin:

No reason to deny either board the amusement of your questions.

Windows programs came/come with some ports open that really should not have been. Two easy ways to get malware into your system is via NETBIOS and port 135. Both should be closed.

What ports are open? Shields Up at www.grc.com is a excellent report. But so often used that best to access it at weird times. Also in his freeware are some programs to close those 'should not be open' ports. Noshare.exe, Shotthemessenger and DCOMbob are three programs that would make the computer more malware resistant by closing those ports for you.

tw, I'm glad to provide the amusement and grateful for the advice I'm getting here. Haven't been able to access my computer lately, trying not to get burnt alive here in San Diego, no power for about 5 days and won't be back up for another 5 or so. On a generator for now. Thought hard about taking the computer when I evacuated, but considering all my problems with it I decided if it burned up I would be ahead of the game. Anyhoo, just wanted to thank you again for the latest info. you have provided.

LB:)