FileFront Forums


Danziger March 25th, 2000 10:17 PM

I'm really pissed off this week! My computer has been invaded by SpyWare!
 
I won't get into details, but I had to turn off my firewall to run some tests to find out what is hidden inside my computer...

...and my assumptions were right. Something was hidden! Some kind of SpyWare.

And guess what folks, it can happen to any one of us.

Though the doors are now under lock and key, it's kind of like sleeping with the enemy. The enemy woke up and did some damage. Nothing serious, but it makes you kind of think why would somebody do this?

Why would these scanners do this? I'm no big shot (believe me).

I'm not trying to alarm anybody... but there are more reports of immature hackers (real hackers probably don't go for small fries like us) doing damage to anybody... ANYBODY!

This is not right. And don't think a Virus Scanner helps... because this is totally different from a Virus... it's more like a Trojan? Or a Back Orifice (I think that's the name of it).

Anyways, I'm just pissed off. I still have to do some more work in fixing this problem... and even then I'm not really sure if I'm 100% protected (nobody is).

I'll keep all of you updated.

Danziger :^)

Tciny March 25th, 2000 11:13 PM

I've got some friends that even coded a trojan and do some hacking too (I tried it a few times but it simply was no fun). I can guarantee you that no real hacker will try to fry you, it's those small damn freaks that download a trojan somewhere and toy around with it. There will always be some of those suckers.
Get Lockdown2000(.com) it's a very good internet protection tool you can really trust.
TNT

Tciny

krusty@newbreed.net March 25th, 2000 11:37 PM

Get OptOut ( http://grc.com/optout.htm ).

It detects (and optionally removes) Spyware and all that crap Aureate puts on your computer / in your registry.
But be careful, some freeware / shareware (Go!zilla, unregistered CuteFTP) won't work anymore after you've removed the Aureate crap.

Even if you're not going to download OptOut, it's a really REALLY good idea to have your ports scanned on http://www.grc.com/ .
You'd be surprised...

Anyways, Danziger... what firewall do you use ? I use ZoneAlarm and am quite happy with it.

Krusty

Danziger March 26th, 2000 12:29 AM

ZoneAlarm is great! No regrets. But, you should close your NetBios port (Port 139).

All Windows9x computers have everything bound to everything. That is just bad!

The details are at grc.com's ShieldsUp site.

Danziger :^)

Danziger March 26th, 2000 12:35 AM

http://grc.com/su-bondage.htm

Network Bondage... it's no short read... please read everything thoroughly and carefully.

Danziger :^)

JMike March 26th, 2000 01:56 AM

Get Black ICE. It's a very good tool to give you highly advanced security. http://www.networkice.com/Products/BlackICE/default.htm

krusty@newbreed.net March 26th, 2000 02:41 AM

BlackICE is a really great way to get paranoid fast.
Getting 10 (mostly useless) warnings a day is no exception.

ZoneAlarm just puts all your ports on STEALTH so they appear non-existent to the outside world.

I've tried both, but ZoneAlarm is waaay better.

Krusty

Danziger March 26th, 2000 09:39 AM

I recommend EVERYBODY to close Port 139 (NetBios Port, I believe).

Go to that site I recommended above. Yes, it's a long read... but if you really want to feel safe (you never know if you may get a program crash)... then what is 30 minutes reading compared to 8 hours of getting rid of parasites!

Danziger :^)

Danziger March 26th, 2000 09:50 AM

http://grc.com/su-rebinding9x.htm

Get right to the chase if you are using Windows9x. There's one for Windows NT... go to my link above about Network Bondage... scroll down the page... and click on WinNT.

I hope this helps everybody.

Oh yeah, make sure you do the ShieldsUp test!
And check your probes!

Danziger :^)

JMike March 26th, 2000 09:59 AM

Well, I did a test at Shields Up, here're my results (with Black ICE):
Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

Port probe test:

Port | Service | Status | Security Implications
21 | FTP | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
23 | Telnet | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
25 | SMTP | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
79 | Finger | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
80 | HTTP | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
110 | POP3 | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
113 | IDENT | Closed | Your computer has responded that this port exists but is currently closed to connections.
139 | NetBIOS | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
143 | IMAP | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!
443 | HTTPS | Stealth! | There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!

All times are GMT -7.
