Help, anyone.

[LUVBUGZ]

As I've stated many times before, I don't know much about computers and software, but I've been trying to use my spyware, virus and firewall stuff and have no idea what the hell I'm doing. I try to use the HELP stuff, but that usually leads to more questions, which eventually leads to frustration and eventual disgust. Actually, I think I've totally muffed up my computer, but none the less I still have some questions for any computer expert who will offer any advice (preferably in layman's terms). BYT, I thank you in advance for any help offered.

My first question is......IP address. What is it, what does it do, what can bad people do if they get it?

I thought every computer has an IP address that identifies it, kinda like a license plate on your car. And, if someone gets your "plate number" they can use that to find out other info. on you, or your computer rather.

Now, I started this firewall thing (McAfee) and every two seconds it's giving me some warning about what I have no idea, but I'll get to that later (depending on if I have any takers in the advice department).

Anyhoo, I was looking at the Activity Log and noticed that it tells me what my *current* IP add. is, but a few lines later gives a *different* IP add. What's with that? I thought every computer has *one* IP address.

Then, I look further to see that a "previous IP add." had been "released". When and Why does this info get "released"?

So, does my computer, or the software give me a new IP if one is released?

[juju]

An IP address is sort of like a phone number or street address. It's your address on the 'net.

Since you access the internet via a modem, you get a different IP address every time you connect to the internet.

All internet communications are done by IP addresses. Even when you type in a website name, your computer checks a list to see what that website's IP address is before it tries to go to it.

I don't know about the firewall thing, except that most file-sharing programs, like Kazza, Gnutella, and WinMX will generate false alerts on firewalls unless you configure your firewall correctly.

[Skunks]

Paranoia about people "knowing your IP address" is sort of absurd. It's not a big secret, at all, and security through obscurity isn't a reasonable practice. There's very little an embittered individual could do knowing solely your IP, and even if they /did/ do something, you could sue their ass.

The same goes for "Evil people might know your IP! Click here to be super-safe!" ads: not unlike contemporary phone numbers, your IP is everywhere, attached to everything going in or out of your computer. In terms of "stalker information", an IP is up there with what shirt you wore last. It's mundane, it's easy to know, and it really doesn't mean anything to "bad people" on its own.


I feel like I should edit this, or just magically make it more coherent, but I can't be bothered.

[LUVBUGZ]

Thank you Juju and Shunks.

Do you know what NetBIOS is? What does it do? My firewall said it "intercepted and blocked" NetBIOS. Is this good or bad?

Back to the Activity Log...
It shows that it has "blocked incoming and outgoing TCP", "blocked outgoing UDP", and "blocked incoming ICMP". What are these things and is it good that this stuff is being "blocked" by my computer, or should my settings be changed?

[Razorfish]

First things first, in order to send/recieve information over the internet or a network your computer must know what type of information/command it is. This is where ports come into play. All information send and recieved by your computer has a specific port ID number associated with it. One example would be HTTP traffic (web surfing) which uses port number 80. The ports identify what type of information is being sent or recieved. That being said, below I put some rough definitions of the technical terms you mentioned. Its not too important that you know what the abbriviations mean, just as long as you know what they relate to.

[list=1][*] Netbios: This is a commonly used network protocol. It allows other computers to give your computer commands or messages. Your firewall probably blocked it as a safety precaution.[*] TCP: This is an information exchange protocol. Most forms of internet traffic use this. When it says TCP traffic was blocked it probably means your firewall has a built in pop-up blocker. You can disable this in your firewall options menu.[*] UDP: (outgoing): This refers to information being downloaded from your computer by another person. This is common in filesharing programs such as Kazaa or WinMX. The firewall blocked it as a precaution (it doesn't know if the person downloading stuff from you is a hacker or not).[*] ICMP: Mostly known for the Ping command. Some ISPs and websites will ping you to see if your still there. The firewall blocked this because pings, while mostly harmless, can be used in attacks on you computer. [/list=1]

As for whether or not this is bad or good: it depends on what your doing. If you are using programs that make use of the internet (ex. Kazaa, AIM, or certain games) then you want to look up in the manual or help section of your firewall on how to give these programs unrestricted access. Its usually a list you simply add the programs to.You might also want to check the security level setting of your firewall. This is usually high, medium, or low security level. Its best to set it at the medium level. This will block most malicious traffic while not being a pain in the butt. Last thing, those messages you recieve about whats being blocked, can usually be disabled in the options menu. The firewall will still work, it will just do everything in the background instead. I hope this is of help to you.

[LUVBUGZ]

Info. much appreciated Razorfish.

So are these port numbers universal? Meaning all computers use the same ports to send the different "types" of info.? I also saw something about port 1030 (ephemeral), what is that used for?

So is it OK to unblock Net BIOS? If I leave it blocked, what am I restricting myself from?

What other kind of info. is exchanged through TCP? I don't mind not getting pop-ups, but is there anything else I'm blocking that I might want to see?

[Torrere]

TCP/IP is the underlying protocol of the internet. It dates to the 1970s, and most communications on the internet use it.

I tried to run a firewall for a brief time, but then I realized that I was only using a firewall to make myself feel cool, and to create an irritance for me to endure. I couldn't really think of a good reason to keep running it, so I stopped.

Why are you using a firewall?

[Razorfish]

If you on a network you want to keep NetBIOS open. If your using dial-up or a cable modem there is no real purpose to having it open (or closed for that matter). The easiest way to enable all useful and good TCP traffic to come through is to put your internet browser program (Internet Explorer, AOL, or whatever) on the list of programs with unrestricted access. Its in the options menu on most browsers.
If your worried about hackers, don't. The odds that your computer, out of the millions on the internet right now, will get hacked is really low. Most hackers go after the big fish (major websites and coporate servers) and hacking someone's personal computer wouldn't be too useful. Most viruses come from people opening email with clever titles like "I love you" . I had Zone Alarm (another firewall program) on my computer for a while but all it did was slow my system down and give me email problems. While firewalls can be good, their not always neccessary.

[juju]

Wrong, wrong, wrong. There are viruses out there now that will guess your IP address and install themselves onto your computer if you don't have the right ports blocked. You don't even have to download anything. It finds you. You <i>need</i> a firewall if you want to avoid viruses.

I have been told that the most commonly used Windows exploits are done via NetBIOS. I wouldn't recommend unblocking it. If you do, you'll probably just get hacked. But at least people will be able to browse all the files on your computer.

Anyway, yes, all ports numbers route traffic to the same programs on all computers. Usually. Here are a few example lists.

http://www.chebucto.ns.ca/~rakerman/port-table.html

http://www.iana.org/assignments/port-numbers

[Razorfish]

Quote:

Originally posted by juju
[b]Wrong, wrong, wrong.

No. Yes its possible for hackers to take advantage of an unprotected system but the odds are still quite low. NetBIOS is a common entrance point but if your running XP and you patch when neccessary the threat level is really low. I never said having a firewall is a bad thing, its more good than bad, but major worry about hackers obsessively is not warranted. If you use a dial-up connection the risk is very low. If you have a broadband connection (cable modem or DSL) its recommended you maintain a firewall (as broadband is online always). I personally use a router, but thats just my preference. Software routers such as Zone Alarm and Norton Shield gave my system problems so I made the switch.

Firewalls are important to your computers security, but they shouldn't cause more problems than they prevent. If I had to make a recommandation, I would say keep the firewall and remember to properly configure it. Most firewalls have a built in list that you can add programs to, giving them access, and not setting off the firewall.

My apologizes. I should have made that more clear in my last post.

[LUVBUGZ]

Quote:

Originally posted by Torrere
I tried to run a firewall for a brief time, but then I realized that I was only using a firewall to make myself feel cool, and to create an irritance for me to endure. I couldn't really think of a good reason to keep running it, so I stopped.

Why are you using a firewall?

At this point I'm not really sure why. I thought they were good to have for security purposes. I realize I don't have any info that anyone would really want on my computer, but I don't want some virus or worm or something getting in and f-ing up my computer worse than I have f-ed it up. If something got in I would have no clue how to fix it. I can't get the damn thing to work properly without any other outside problems getting in. I have Win 98 so the stuff that attacks XP doesn't apply to me (I guess). I have SpyBots, AdAware, and McAfee Virus Scan. So, if I use these progs. maybe I don't need a firewall, as it is seeming to cause more probs. than it's worth. Comments anyone, should I disable my firewall?

I'm not paranoid about hackers, I just don't want personal info. like credit card numbers, bank acct. info., and passwords floating around for anyone get access to.

PS...thanks again for everybody's input and info.

[LUVBUGZ]

Quote:

Originally posted by juju
Wrong, wrong, wrong. There are viruses out there now that will guess your IP address and install themselves onto your computer if you don't have the right ports blocked. You don't even have to download anything. It finds you. You <i>need</i> a firewall if you want to avoid viruses.

So which ports should I block and how do I do it?

Quote:

I have been told that the most commonly used Windows exploits are done via NetBIOS. I wouldn't recommend unblocking it. If you do, you'll probably just get hacked. But at least people will be able to browse all the files on your computer.

So, blocking NetBIOS is good for me since I use dial-up and I won't be missing out on anything?

Thanks for the links .

[LUVBUGZ]

Quote:

Originally posted by Razorfish
If you have a broadband connection (cable modem or DSL) its recommended you maintain a firewall (as broadband is online always).

I use dial-up because that is the only thing available to me where I live, but I have Juno Speedband. Is that a form of "broadband"? Actually, a better question is what is "broadband"?

On the topic of JSpeedband, I think e-mail and internet stuff downloads (uploads?) quicker except for pics they are "fuzzy" so if I want to see a "clearer" pic I have to click on "show original image" and then it redownloads the pic. This is rather annoying because I end up spending just as much time, if not more doing this everytime I want to get a clear image. There is a settings thing where I can adjust this, but it seems if I set it to show the original image then it is much slower, so what is the point of having it in the first place. Is JSpeedband a waste of time and money?

Quote:

I personally use a router, but thats just my preference. Software routers such as Zone Alarm and Norton Shield gave my system problems so I made the switch.

What's a router?

Quote:

Firewalls are important to your computers security, but they shouldn't cause more problems than they prevent. If I had to make a recommandation, I would say keep the firewall and remember to properly configure it. Most firewalls have a built in list that you can add programs to, giving them access, and not setting off the firewall.

I guess that's my main problem, I don't know the best way to configure the thing. Not sure which programs to add or remove.

[tw]

Quote:

Originally posted by LUVBUGZ
As I've stated many times before, I don't know much about computers and software, but I've been trying to use my spyware, virus and firewall stuff and have no idea what the hell I'm doing. I try to use the HELP stuff, but that usually leads to more questions, which eventually leads to frustration and eventual disgust. ...
My first question is......IP address. What is it, what does it do, what can bad people do if they get it?

WHYY and the Inky used to carry commentary from the CompuDudes. They have since move on. But their Philadelphia discussion group continues as www.bitzenbytes.com .

The Arcanum section archives technical dicussions that include many on IP addresses, etc. I recommend that you read many of these at:
http://www.bitzenbytes.com/101/101.htm

Then follow up here (or there) with questions.

The good technical discussions can never be understood on first read. With second and maybe third read, then even more is learned.
1) It is a good set of detailed and rather informative topics.
2) It proves there are people in Philadelphia that do know technology.

Rather than post a long answer, instead, I posted a long list of posts. Easy for me. Too much reading for you.

[LUVBUGZ]

tw thank you for the links. I will spend some time reading those. And, maybe post in a new forum. (scary )

NOTE: Following question is sarcasm, joke:p, funny, haha, not ment to incite a riot, etc. You get my point, I hope?

So, tw, is this a nice way of telling me to stop wasting space in the Cellar and ask my stupid questions in another forum, hence waste space elsewhere?