I can see what Iriegirl is saying. It is very annoying to have an alert window coming up every few seconds while you're trying to work. I can aslo imagine that getting 1000 interspersed hits would make reading your firewall logs (for whatever reason she is) confusing.

I can also see how having these hits from a filesharing network that you never joined is extra-puzzling.

Iriegirl: on Norton Firewall I can turn off the alert message, while continuing to log activity, if that's what you're talking about. Others have mentioned that you can probably also have the log filter out an IP (I'm not sure how to do that), if that's what you're talking about.

To all the blasters -- are you really saying that someone trying to access your computer every four minutes for 24 hours wouldn't cause you concern? Or that if you're working with your firewall logs these erroneous entries wouldn't annoy you?

On a tangent, I'm getting conflicting information here:

MrGone says: "And 'your firewall caught it so you're okay' is bullshit, you're okay anyway because you don't have a service listening for traffic on that port (even if you did, it'd most likely be a gnutella client which don't currently have holes to exploit). Noone can just aim a sharply pointed packet at your computer and "hack" it. You must be running some form of server (web, email, ftp, gnutella servent, etc) to receive and process the traffic coming in."

However, cultiv8r says: "There are some things to note about Cable Modem access though. Because your computer will be connected to the Internet 24/7 (or at least, it is supposed to be), you become a bit easier target to malicious users. A software based firewall is a good start, but I'd recommend adding a hardware firewall as well."


These are the two predominant views that I've heard regarding firewalls. My questions are:

• If I'm on a system NOT running any servers:

Which information is more accurate? What exactly is a hacker/cracker/kiddiescripter capable of (apart from the trojan issue)? Can anyone really harm me even if I don't have a firewall? Are firewalls then only a preventative measure in case one downloads a trojan? I have even heard that a firewall may cause increased risk, because IT is, in fact listening at the ports. Is that true?


• If I'm on a system that IS running some sort of server:

What is the risk? Will a firewall (hardware or software) help protect me? How is this possible if the port needs to remain open in order to serve?


• Third: Does any of this change if I'm connected to the internet via a wireless connection to a base-station that is hooked into a DSL router? Can some sneaky driver-by hack into my computer through my wireless connection?


• The last question is: Do the answers to these questions change if I'm on a macintosh (running either os 9, or os X)? I have heard that macintoshes are virtually invulnerable to hacking other than through a direct, hardware connection. However I've heard that there may be some security holes in os X.


Any security experts in the house, with a lot of time on their hands? If not, where can I post these questions?

Thanks a bunch,
Gratis