Re: Desperate for good firewall: ARP and DNS attacks
> I did try a new modem/router, a Linksys/Cisco WAG120N, but as soon
> as
> I plugged it in, I had no hope of getting to the configuration page
> in
> the browser before it was being attacked.
Use a clean computer and plug the modem into that, do NOT plug the
modem into the adsl line. Go to the modem config page and change the
default password. Now lock down the modem, ie make sure no ports are
open / mapped / forwarded unless YOU specifically want them open.
>
> Oddly enough when I tried a new install, I moved from Debian to
> Kubuntu and I got a message flashed on the screen saying the backup
> BIOS on disk was being flashed. This is a feature of my motherboard,
> but I did not enable it and it wasn't me doing any BIOS update.
>
>> Regarding your possibly attacked systems as it was already
>> explained the
>> best you could do is to re-install them from scratch.
>
> Unfortunately it makes no difference. I need a way to scrub my disks
> clean because of the partitions "hidden" in there which take over an
> installation somehow, and I need control over my system. I can't
> believe how easy it is to break into a system and almost ruin it so
> quickly.
>
> This also happened to my iMac, and the Apple technicians were
> perplexed by it. I was supposed to only have one partition, for Snow
> Leopard, but there were two partitions, and using the disk tool to
> scrub the disk with zeros before installing did not work. It takes
> over the installation and makes sure you can't get rid of it.
>
Get a minimal CD to install a clean system from, either *nix or *bsd
will do. Run the CD, do not install, instead drop to a shell and
manually clear the entire disk, dd would be the command I would use.
It is NOT possible for an ATA hardware controller to get haxored, so
this will always work.
Now you have a clean modem and a clean computer - installing and
config a secure sys is now up to you, but most *nix and *bsd sys are
quite secure by default.
Regards, Tim.
Reply to: