On 25 Sep 2004 at 9:57, Joseph Erbacher wrote:

> Someone in this forum wrote:
>
> "That's a fantasy. It implies that viruses can magically infect a
> computer without any human interaction, and that just isn't true."
>
> The statement above is misleading. Of course, nothing happens magically,
> but a computer can be infected by just being turned on and connected to the
> Internet.
>
> I know of one instance where, on first use of a new computer, a person
> connected to the Internet to download Windows and virus updates. No router
> with built in firewall nor was the Windows Internet Connection Firewall
> turned on.
>
> During the time the person was trying to download updates, his computer was
> infected and rendered useless. This could have been prevented with a
> firewall.
>
> If you are connected to the Internet and do not have a firewall, your
> computer can be infected; you do not even have to be using any application
> programs. Having the computer turned on and booted and an Internet
> connection setup is all that is needed to be vulnerable. A hardware
> firewall such as is built into most routers will protect against certain
> attacks (those attacks where the user did not initiate contact with an
> internet address); antivirus software is still needed to protect you while
> you are browsing or receiving email or using any application that accesses
> the Internet.
>
> Even if you only have one computer you should use a router with built in
> firewall.
>

What makes routers so effective isn't the firewall per se but a technique used to share addresses, called Network Address Translation (NAT for short). How NAT works is that your desktop, workstation, etc. has an Internet address that doesn't exist. Normally, the rule with the Internet is that every machine must have a unique IP address, but a few years ago they had a problem: there are only ~4.5 billion IP addresses to go around.

The solution was sharable addresses, and NAT is the way that is often implemented. There are two blocks of IP addresses that are never assigned: anything that starts with 10, and any class C network starting with 192.168. So, for example, I have a firewall that uses an ISP-assigned address, but inside the firewall there are two machines with addresses inside one of the 192.168 blocks. I will not state which one; you have 1 chance in 32768 of actually knowing one of the addresses, but the firewall blocks EVERY port that is used for outside-to-inside communication that is not initiated from inside. Suppose you found out my machine used 192.168.252.27 (which it might): you can't reach that address except from inside my network, and since you can't, a virus on your machine can't either.

W
Re: [Digital BW] viruses
2004-09-25 by The Wogster
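
An added illustration, not part of the original message: a minimal Python model of the translation table a NAT router keeps, showing why a packet that was not preceded by a connection opened from inside has nowhere to be delivered. It assumes port-restricted filtering (real routers vary), and the public and remote addresses are constructed from documentation ranges; only 192.168.252.27 comes from the message.

```python
from dataclasses import dataclass, field

# Constructed sample address standing in for the ISP-assigned one.
PUBLIC_IP = "203.0.113.7"


@dataclass
class Nat:
    """Toy NAT: maps a public port to the inside flow that opened it."""
    public_ip: str
    next_port: int = 40000
    # public_port -> (inside_ip, inside_port, remote_ip, remote_port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Inside host initiates: rewrite the source and remember the flow."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        for pub_port, known in self.table.items():
            if known == flow:
                return (self.public_ip, pub_port, dst_ip, dst_port)
        pub_port = self.next_port
        self.next_port += 1
        self.table[pub_port] = flow
        return (self.public_ip, pub_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Packet arrives at the public address: deliver only on a match."""
        flow = self.table.get(dst_port)
        if flow is None:
            return None  # no mapping: unsolicited, dropped
        inside_ip, inside_port, remote_ip, remote_port = flow
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None  # mapping exists, but sender is not the contacted peer
        return (inside_ip, inside_port)


if __name__ == "__main__":
    nat = Nat(PUBLIC_IP)
    # Inside machine fetches a web page; the reply is translated back.
    print(nat.outbound("192.168.252.27", 51000, "198.51.100.10", 80))
    print(nat.inbound("198.51.100.10", 80, 40000))
    # A stranger probing the public address gets nothing delivered.
    print(nat.inbound("198.51.100.99", 4444, 135))
    print(nat.inbound("198.51.100.99", 4444, 40000))
```
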