Hack attacks - as a home user am I safe?

Posted on 2006-04-20
Last Modified: 2013-11-16
Hi everyone,

Now that Wifi is being widely adopted, I as many other do have a home router / firewall. Is it the case that it is now not possible for a n attacker to run malicious code (such as buffer overflows) against my machine?

It used to be the case that some script kiddie threatining you across a chat program, could easily retrieve your IP address by typing "netstat -n". Am I right in thinking that if your behind a router / firewall the only address they can retrieve is the IP of your router, hence making your machine invisible to the outside world? This is assuming of course that your port forwarding to the machines services is not setup and the machine is not in the DMZ. Even so, many ISPs now use a proxy which hides even the IP address of my router.

To summarise:
- As long as I don't accept and run malicious files, my machine cannot be accessed?
- If this is not the case, what other threats to I face?
- How can I prevent these threats?

Thank you for your knowledge

Question by:expert-ad
    LVL 38

    Expert Comment

    by:Rich Rumble
    True, as long as your router/firewall do not allow incomming connections, by default this is how most are configured. Nonetheless, ZoneAlarm (free) and ZoneAlarm Pro are great additions to have on any windows PC. Your protection is two fold. One, you have the typical firewall that blocks connections inbound bydefault, with Pro you can actaully allow incomming connections with grainular control, the free version is pretty much ON or OFF with respect to incomming connection blocking.

    Securing WIFI so that other don't use your Access Point is a concern, as any damage they may do could lead back to your IP and you might catch the blame. Turn off DHCP and statically assign your IP if possible, and above all use MAC address filtering, common to most modern WIFI AP's

    There are many more things you can do to secure your wifi, like using WPA instead of WEP
    LVL 32

    Expert Comment

    It is true. For all practical purposes, you are safe (from outside hacking) if none of your ports are forwarded.

    However, most infections are not due to outside hacking, but from user mis-steps, such as clicking on unknown links and attachments, downloading games and music, clicking on untrustworthy web pages,  etc. Firewalls and routers offer little or no protection against these.

    You can protect yourself by being alert about what is safe and what is suspicious. Do not rely entirely on firewalls, anti-spyware and AV programs (though each is important).

    Keep your system patched.

    Finally, do regular backups so you don't lose valuable files in the worst case.
    LVL 38

    Expert Comment

    by:Rich Rumble
    Ahh the second fold to ZAP's protection is Program access. If you got a new virus, no one had a definition for, and it wanted to spread, it'd need to acces your NIC to do so, and ZA will see any new programs doing this and pause them and ask you if you want to allow it. ZA can remember the response if you place a check mark to do so. ZA will stop programs like Ad-ware and mal-ware also in the same fashion.

    There are always best practices also:
    As mentioned above, backups are also a GREAT idea.

    Author Comment

    Thank you all for the replys. I am happy with the security of my wifi, I have recently achieved qualifications in wifi security testing, but your advice is still appreciated.

    The thing thats really throwing me is that a firewall with a rule set, set to talk to a specific port on a server will happily send a remote attack onto the machine. If the machine behind the firewall does not offer any services such as serving web pages on port 80, there is no need to forward any ports onto the machine.

    Even if "user mis-steps, such as clicking on unknown links and attachments, downloading games and music, clicking on untrustworthy web pages" are the cause of hack attacks how can the virus, trojan etc that has been planted be accessd from the outside world?

    Unless this virus, trojan is able to reconfigure your firewall by opening a specific port to allow the inbound connection and setup port forwarding to the target machine, how is it possible for this to work?

    I am not saying its "not possible" really I guess I am asking how can it be done? If the remote exploit is sent to the router IP the exploit has no way to know which machine to hop to next without port forwarding configured to the correct target machine.

    Thanks again
    LVL 38

    Accepted Solution

    Trojan's /Viri, let's say obtained from an Email attachment that you run, the virus, depending on your User privileges, could "own" your PC from that point, until removed. Your pc could then contact an IRC message system (the virus rather, using your PC) get instructions on who to spam, who to scan/infect next.
    But the fact remains, that if your not allowing incomming connections,/ports your threats are lessened to things like email, activex controls in IE, image buffer overflows, M$ WMF images... Best practices help, but in the case of M$'s WMF someone malicious could obtain "System" privileges, just higher than admin.

    Author Comment

    Thank you!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now