A properly configured firewall for your workstation can make your home PC completely invisible: even if someone knows your IP address, they can’t get at your machine unless you install something on your machine first that lets them. That’s where all those trojan applications and such come in: they “call home” to the bad guy, giving him a way in because the user knowingly or unknowingly opened the door first.

Case in point: I installed a super-simple firewall and AV software on my Mom’s computer and directly attached her to the Internet a few years ago. My Mom is in her 80’s, so she’s definitely not keeping up with the latest worms or cracker exploits. All she does is keep her Antivirus software up to date, and ask my nephew or I when something weird happens on her computer (not often). After three years, her machine is still worm and virus free.

My webserver, on the other hand, can’t be *completely* blocked via a firewall- folks have to be able to initiate a web session, so at least port 80 has to be open. And then there is the software that serves those web pages: in the case of my server, PHPNuke and WordPress. WordPress is well-written, and doesn’t have obvious holes. PHPNuke is poorly written, and has a *lot* of obvious holes. Unfortunately, I have sites using PHPNuke that would be more hassle to migrate than I want to invest.

My server has nothing confidential on it, nor can it be used as a gateway to my work stuff. But it still bugs me that I have to periodically fix the mess the script kiddies leave behind. Sort of like having a nice front yard, and every once in a while the neighborhood thugs smash the flowers and knock over the garden gnomes…it is a “violation” and a bit frustrating, but nothing serious.

That said, every once in a while I’d like to plant explosives in the flower bed and give my garden gnomes flame throwers…

Oblivions, there is a big difference between a server and your desktop PC, much akin to a public tore and a private home. A store that has it’s doors open and allows anyone to wander in off the street is going to be much more vulnerable to robbery than your house. All of the vulnerabilities Kelly mentioned only apply if you are using your computer as a server.

Even if it is a small little store in an out of the way neighbourhood. Which might be exactly why they are attacking it Kelly, they figure it’s an easy target to practice on, rightly or wrongly think it has lower security, and they are less likely to get arrested than if they went after a big company with deep pockets.

Other than that… either you pissed off someone, and on the internet that is ridiculously easy to do and you may never even know it - maybe you laughed at someones screen name - or it is because of who you work for and they are foolish enough to think they can get into your work stuff from your personal stuff.

Oh, and last theory … the chinese hacker army needs someone to practice on so it may as well be you

And what frightens me is that in general I do understand what Kelly is talking about and I consider do myself to be completely incompetent *lol*

What frightens me is that you know what all that means… and I have no clue and even you weren’t immune to the attacks. This makes all the attempts to keep this little machine of mine clean impossible and I don’t consider myself completely incompetent.