ECN Forum Forums Technical Discussion Re: Computers and the Internet What could be wrong here?

The thing is, you don't need to actually visit *any* sites at all in order to pick these things up: simply connecting the computer to your ISP is enough. After 20 minutes, if you are not protecting yourself, they will have you.

There are a lot of bugs in the way that Windows implemented its networking stack, and even more fundamental errors of design in the way that it tries to keep itself secure.

This is why it is _absolutely_ _essential_ to install SP2, because a lot of the fixes for these bugs are contained in there, and installing the fixes is essential to stop a sort of continual pool of reinfection from happening.

If you have not installed SP2, go and get the CD and do it ASAP. Or if you mail me I'll make you a CD and send it you. It's crucial. Sorry to be so bossy :-) But if you don't, they will probably have reinfected you already; that means that you would be both a victim, but also part of the problem, becuause your computer is there spitting out packets that will infect other computers around the world. Also, it may well be sending spam to other users under remote control (a botnet) and we all hate spam, don't we :-)

After SP2 it is also important to run a firewall and to turn off any unnecessary services, for the same reason -- if you don't, then there are opportunities for malware to sneak in there even if you are not visiting *any* sites, never mind ones that are infected themselves. I don't mean doing anything rash like turning off all of them -- you need to do a little checking to see first what actually is running; after that, you decide which ones need to be firewalled and which ones are not needed after all. I believe a normal home/small office user has no need of about two thirds of the stuff that's running, and ALL the unnecessary ones provide potential loopholes by which bad things can happen.

And, as a final thought, bear in mind that nearly ALL the viruses that ARE related to web browsing or email have only affected MS Internet Explorer / MS Outlook, and that people running Mozilla for instance have experienced very few such problems.

Sorry not to reply sooner I was away a bit but if it would help I could post a bit of a longer "howto" type article about things like firewalls. The trouble with these is that there are so many different ones that one can only usefully write a general intro, but I'm happy to do that if it will prove useful.

To start off you could just see which ports are open on your box by using one of the net port scanners.

The question of *why* it is done at all seems to have changed lately too. It is not done now just because they are the naughty geeky teenagers that like showing off too much to be able to control themselves. They are doing it nowadays more because there is a lot of money to be made, infecting lots of machines so that they can be marshalled into huge Botnets, and the collective computing resources in these botnets then sold off to the people who need to distribute spam for their no-prescription viagra stores / online porno shops / shocking APR loan service / whatever.