ECN Electrical Forum - Discussion Forums for Electricians, Inspectors and Related Professionals

ECN Shout Chat
Top Posters(30 Days)
Admin 19
Recent Posts
fuse rejectors
by NORCAL. 03/29/17 01:44 AM
Old decora style outlets
by NORCAL. 03/29/17 01:41 AM
NFPA stuff
by gfretwell. 03/28/17 08:08 PM
Anyone hiring inspectors?
by HotLine1. 03/27/17 08:03 AM
ESA Arc flash course
by TheShockDoctors. 03/24/17 10:15 AM
New in the Gallery:
SE cable question
Popular Topics(Views)
231,833 Are you busy
166,727 Re: Forum
160,851 Need opinion
Who's Online Now
0 registered members (), 61 guests, and 11 spiders.
Key: Admin, Global Mod, Mod
Previous Thread
Next Thread
Print Thread
Rate This Thread
#131963 - 10/22/04 11:08 PM Adware and Spyware  
Dave55  Offline
Member
Joined: May 2004
Posts: 697
Crystal Lake, Illinois, USA
A friend told me about some great software for removing adware and spyware. It's available at www.download.com and they are:

Spy Bot Search and Destroy and
Ad-ware SE.

Dave


Tools for Electricians:

#131964 - 10/23/04 03:54 AM Re: Adware and Spyware  
jooles  Offline
Member
Joined: Sep 2004
Posts: 93
brussels, belgium
The other important thing is to be aware at all times of actually what your computer is doing. Ad-aware and things like that only tackle a problem when it has taken hold.

If you run a properly configured firewall then it will monitor all the network traffic, and create alerts for you that program X is passing unusual and/or unexpected traffic back and forth on port Y to host Z. Anything you can't explain or don't like, then you can block off that hole to prevent it.

The problem with Microsoft is that they often configured their systems by default to be running a whole heap of services that you probably don't need, and NO FIREWALL, so all these open ports then provide useful points of ingress for all the malware. We hear that at long last they have started learning not to do it any more. But it will be years yet before the majority will upgrade to take advantage of the security provided by the more modern versions.


#131965 - 10/23/04 08:37 AM Re: Adware and Spyware  
Dave55  Offline
Member
Joined: May 2004
Posts: 697
Crystal Lake, Illinois, USA
I have Norton SystemWorks and Norton Internet Security, jooles. However, I may not have had the firewall feature running when the adware took over my e-mail homepage. I have a new PC with XP Home Edition. I've heard about closing unused ports (gateways?) but don't understand it. I have DSL (SBC). Can you tell me how to close off these unused ports, or a site with instructions? Thanks

Dave


#131966 - 10/30/04 12:21 PM Re: Adware and Spyware  
jooles  Offline
Member
Joined: Sep 2004
Posts: 93
brussels, belgium
Dave,

Sorry it has been a very long time now since you wrote that.

The first thing to find out is which ports you have got open. This information you need so you can then decide which ones don't need to be :-) The open ports will be revealed in an exercise known as port scanning.

Normally a port will be open because your machine is running a corresponding service as a background task, so to disable the port, you just need to stop that service. However, a few of the ports and services are actually needed, so it is not a case of just nixing everything in sight :-) The ones that you need to keep but not make available to the world at large you can secure by placing them behind a firewall. XP has a built-in firewall but a lot of the experts still say that ZoneAlarm is a better one.

You can do port scanning from any other machine on the internet using a port scanner tool, but possibly easiest of all is to use one of the web-based port scanners. There is one here

http://www.securitywire.com/scan.php?

based on the unix portscan tool called nmap, which many say is the rolls-royce of port scanners (I'd agree, really). So you should run that first. It is quite easy to use you need to give it a a couple of minutes though.

You will get results including stuff like this:

20/tcp closed ftp-data
21/tcp open ftp
22/tcp open ssh
80/tcp open http

(that is an example for one of my computers)

Please note also that a /gateway/ is not the same thing as a port. A /gateway/ is an element in a routed network by which means multiple networks are linked together. All the data that is not intended for one of the detinations available in the local network is instead sent away to another network through the default gateway, and so on, until it reaches its destination.

If you don't know what to do when you get your results then just paste them here in a reply (only the lines like my example NOT your machine's IP Address and all) and I'll take a look.



Member Spotlight
RH1
RH1
California
Posts: 22
Joined: August 2009
Show All Member Profiles 
Featured:

2017 NEC and Related
2017 NEC
Now Available!

Shout Box
Powered by UBB.threads™ PHP Forum Software 7.6.0
Page Time: 0.011s Queries: 14 (0.002s) Memory: 0.7590 MB (Peak: 0.8901 MB) Zlib enabled. Server Time: 2017-03-30 08:53:27 UTC