Can Firewalls Protect Computers from Hacking?

  • Thread starter Thread starter liokaiser
  • Start date Start date
  • Tags Tags
    Internet Security
AI Thread Summary
Hacking a computer with a firewall is indeed possible, particularly if the firewall is misconfigured. Hackers can exploit vulnerabilities by scanning IP addresses and using specific exploits to gain access. The effectiveness of a firewall depends on its type and configuration; hardware firewalls are generally more secure than software firewalls. Properly configuring firewalls and disabling unnecessary services can significantly enhance security. Learning about internet security is encouraged, with Linux being recommended for its robust control features. Resources for security education include various Linux distributions, security applications, and online security sites. Overall, maintaining updated systems and employing proper firewalls can protect against most hacking attempts.
liokaiser
Messages
4
Reaction score
0
is it possible to hack a computer if it has a firewall?
 
Computer science news on Phys.org
Simple Answer: Yes

Long Answer: If a hacker knows your ip address they could run a nessus scan to find any vunerabilities that will allow me to gain access to your computer. With this information they would download the hack coresponding to the exploit if they don't already have it on their computer. Once in your system they can use a program to escalate their user previlages. From there they could steal or deface anything they want. Depending on how well you configure your firewall and services (web server, ftp, telnet, ssh), will determine how difficult it would be to gain access.

By the way. I think I hear your boss calling you from Max Online :eek:
 
liokaiser said:
is it possible to hack a computer if it has a firewall?

No system is absolutely safe, that is just a general principle. What type of firewall you have is important. Those client firewalls like zonealarm are better than nothing and keep out the script kiddies, but won't do a thing if a hacker knows what they're doing. Firewalls on a router however are a lot better because it's hardware based and the contact point is away from your computer.
 
Thanks for the replies.

dduardo, how do u know?which country are u from?


i like to learn more about internet security and how i can protect my pc.
any pointers on where to start?or perhaps some books? :smile:
 
liokaiser, I'm from the US. Do a google search on traceroute.

The best way to protect yourself and learn about security is to use linux. You would be amazed at how tight you can control your system. You can do everything: encrypted filesystems, low level stateful packet filtering, chroot jails, mandatory access control policies, intrusion dectection, honeypots, security auditing, etc.

I recommend using Gentoo Linux. Although the install is said to be someone complicated (Personally, I don't think it is), the Gentoo group did an excellent job writing step by step instructions. If you follow the instructions you should have minimal problems. When you do install make sure you have plenty of time on your hands. Depending on how fast your computer is, how fast your internet connection is, and how experienced you are, the install can take anywhere from one day to a week. You can stop anytime in the middle of the install and start again anytime.

Here is their site:
http://www.gentoo.org/

You can download a cd image from here:
http://www.linuxiso.org/distro.php?distro=45

The installation manual is here:
http://www.gentoo.org/doc/en/handbook/handbook-x86.xml

If you want the to learn about the adding security features read this:

http://www.gentoo.org/doc/en/gentoo-security.xml

Once you finish the install here are some applications you might want:

http://www.insecure.org/nmap/
http://www.nessus.org/
http://www.snort.org/
http://firehol.sourceforge.net/

To install these applicaitons in gentoo simple do:

emerge nmap
emerge nessus
emerge snrot
emerge firehol

Here are some generic security sites:

http://www.securityfocus.com/
http://www.astalavista.com/
http://www.us-cert.gov/
http://www.sans.org/index.php
 
Last edited by a moderator:
dduardo,thanks for the detailed guide.

i will work on it soon. :smile:
 
liokaiser said:
is it possible to hack a computer if it has a firewall?

YES, if the firewall is configured improperly. Disabling unneeded services adds another layer of protection as well.
 
I am in the process of reading Hacking for Dummies. All of the below has been explained in the book. Very, very interesting.

Paden Roder

P.S.- Of coarse I am an Ethical Hacker.
 
Hacking is a missused term IMO, a hacker is in the open source community is a person who has a deep knowledge of computers programing networks etc etc, a Cracker is one who trys to break into your computer!

Software based client firewalls are a joke, they serve no purpose but to propogate fear. If you keep your system up to date, and disable unneed services (as mentioned above) then you will be safe for 99.9% of crackers... I have reviewed Zonealarm before and it dialogue box pops up when it hears harmless network chatter and claims that it had just "stoped a hacker from compromising your system" Thus propogating fear!

Zone Alarm etc are not statefull firewalls and thus are useless, they do not analyis packets and drop "funny" ones...

If you are that keen on knowing if people are connecting to you Computer, then download something free like TCP viewer for Windows from sysinternals
http://www.sysinternals.com/ntw2k/utilities.shtml

If you think you need a firewall then buy a proper one like a Cisco PIX that does proper deep scanning of packets NAT (DMZ) VPN etc etc...

To be honest a NAT device is probably all you need as this will wean out most people who are tring to crack your PC... I have been online for a long time and never have had my computer Cracked... At my work we have a LOT of people try to crack our systems, and thus we use proper firewalls IDS etc etc... But that is difference most Black hatter are not after 1 person they are after corporations!
 
Last edited by a moderator:
  • #10
Software based client firewalls are a joke, they serve no purpose but to propogate fear. If you keep your system up to date, and disable unneed services (as mentioned above) then you will be safe for 99.9% of crackers... I have reviewed Zonealarm before and it dialogue box pops up when it hears harmless network chatter and claims that it had just "stoped a hacker from compromising your system" Thus propogating fear!

Zone Alarm etc are not statefull firewalls and thus are useless, they do not analyis packets and drop "funny" ones...

If you are that keen on knowing if people are connecting to you Computer, then download something free like TCP viewer for Windows from sysinternals
http://www.sysinternals.com/ntw2k/utilities.shtml

If you think you need a firewall then buy a proper one like a Cisco PIX that does proper deep scanning of packets NAT (DMZ) VPN etc etc...

To be honest a NAT device is probably all you need as this will wean out most people who are tring to crack your PC... I have been online for a long time and never have had my computer Cracked... At my work we have a LOT of people try to crack our systems, and thus we use proper firewalls IDS etc etc... But that is difference most Black hatter are not after 1 person they are after corporations!

Agreed, 100%
 
Last edited by a moderator:
  • #11
i like to learn more about internet security and how i can protect my pc.
any pointers on where to start?or perhaps some books?

Instead of changing your OS, http://www.symantec.com/index.htm has a lot of advice for keeping your PC safe.


They also have an Online Tester.
 
Last edited by a moderator:
  • #12
Linksys makes those cheap blue/black routers with NAT and other fancy features. A pretty good, adequate protection for the home user. I recommend it. Just don't forget to change the default username and password.

Either that or configure an old box with Linux IPchains. But for that you got to learn linux first ;)
 
Last edited:
  • #13
I have tried to connect my comp with the old one at the corner using a router, don't know why but blue message is shown up saying "refuse"...:cry:
why ? :redface: :cry:
 
  • #14
Nec said:
I have tried to connect my comp with the old one at the corner using a router, don't know why but blue message is shown up saying "refuse"...:cry:
why ? :redface: :cry:
(sigh...)
 
  • #15
  • #16
lol...

I love that link :-)

STFW... and RTFM :-D
 
  • #17
Concord said:
(sigh...)
Thanks Senpai for givingme a sigh! :D
Nomikai Ropongi next time ? :D
 

Similar threads

What is the NWJS virus and how can I protect my computer from it?
Replies
17
Views
5K
(Linux) having trouble connecting Linux to internet/wifi
Replies
12
Views
3K
Firewall parameters and PC security
Replies
12
Views
3K
Has a New Wi-Fi Hack Been Discovered in the WPA2 Security Protocol?
Replies
10
Views
2K
Windows Vista - Internet/Firewall doesn't work
Replies
3
Views
1K
Calculators Anti-virus and Internet Security Software
Replies
29
Views
5K
FBI chief says Russia hacked Republican Party computers
Replies
3
Views
2K
The Motherboard Guide to Not Getting Hacked
Replies
1
Views
2K
Biological Hacking of Computers
Replies
2
Views
2K
Install Programs, Settings, from PC to PC
Replies
1
Views
2K

Hot Threads

Recent Insights

Back
Top