Re: a few basic simple questions

From: Douglas Pichardo (vbnova@myrealbox.com)
Date: 01/30/02


From: Douglas Pichardo <vbnova@myrealbox.com>
To: "Enquiries" <Enquiries@globalart4u.com>, <security-basics@securityfocus.com>
Date: Wed, 30 Jan 2002 15:16:59 -0500


> How do you know when you are infected by a trojan or someone has control of
> your pc from a backdoor?
The simplest way to see if you are infected by an active trojan is to run
netstat -an from a DOS window. That will show you open internet connections.
You might also want to try a packet sniffer to examine incoming/outgoing
packets; I recommend Ethereal (http://ethereal.zing.org).
> Is it when your Windows updates always continuously refuse to update from
> the Microsoft site, including the ever popular critical updates to patch
> security holes?
The Windows Update site has been down for a little while I think... some
problem with the setup (I think there was a news item about it, but I don't
remember). Also, that just happens sometimes; it happened to me, and I was
clean (in Windows 98).
> When trying to update IE from Microsoft it does not work?
That happened to me a few times... see above.
> When you discover every so often that the hard drive when wiped clean
> suddenly becomes a 1gb hard drive instead of a 20 gb hard drive - has
> happened several times to me?
Sometimes your BIOS and/or DOS/Windows see large drives in a messed up way.
Some BIOSes can report incorrect info about the hard drive, and sometimes
fdisk messes up when reporting partition size when you actually partition it.
> When the firewall (ZoneAlarm) every so often is disabled while surfing?
...this is the only one I see as really a hint there might be a problem. You
should get some antivirus software and scan your computer. If you find
anything, unplug your computer from the internet (or disconnect if on
dialup), and clean up.
> How does one detect what the problem is and cure it, especially when you
Well, netstat is useful in finding out open connections you have to foreign
computers. Under Start Menu/Programs/Accessories/System Tools (I THINK, not
sure...) you can find a prog called System Information, and a tab in that
shows you all running processes and the locations of the files that are
running - this is very useful. But most of all, get some antivirus software -
if not Norton's or McAfee's, try... umm, I forget the name, maybe someone can
provide a link - it's free though... sorry, brain fart.
> are a beginner? If using a trojan to fight a trojan to cure the problem
> how do you know which ones to trust, as I have found there seems to be a
> lot of programmes out there saying they can find this that and the other
> but what if it is something really specialised?
...don't use a trojan to fight a trojan... I don't see how a trojan could fight
another, and also you are not sure the one you purposefully use is not
malicious to you.

DoPo
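
An added example, not part of the original post: a short Python triage of `netstat -an` output of the kind recommended above, listing sockets bound to all interfaces that you do not recognize and established connections to non-local addresses. The sample output is constructed, and the names `triage`, `known_ports` and `LOCAL_NETS` are hypothetical.

```python
import ipaddress

# Constructed sample of Windows `netstat -an` output (not from a real host).
SAMPLE = """\
Active Connections
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1042      203.0.113.5:80         ESTABLISHED
  TCP    192.168.1.10:1043      192.168.1.1:139        ESTABLISHED
  TCP    192.168.1.10:1044      198.51.100.7:6667      TIME_WAIT
  UDP    0.0.0.0:137            *:*
"""

LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/32", "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
    "192.168.0.0/16", "::/128", "::1/128", "fe80::/10")]

def split_endpoint(text):
    """Split 'addr:port' on the last colon; IPv6 brackets are removed."""
    addr, _, port = text.rpartition(":")
    return addr.strip("[]"), port

def parse_netstat(output):
    """Yield (proto, laddr, lport, raddr, rport, state) per socket row."""
    for line in output.splitlines():
        f = line.split()
        if len(f) >= 3 and f[0] in ("TCP", "UDP"):  # skip banner and header
            state = f[3] if len(f) > 3 else ""      # UDP rows carry no state
            yield (f[0], *split_endpoint(f[1]), *split_endpoint(f[2]), state)

def is_foreign(addr):
    """True when addr is an IP outside LOCAL_NETS (loopback, unspecified, RFC 1918)."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:                              # e.g. '*' on UDP rows
        return False
    return not any(ip in net for net in LOCAL_NETS)

def triage(output, known_ports=frozenset()):
    """Return (unrecognized wildcard listeners, established foreign peers)."""
    listeners, peers = [], []
    for proto, laddr, lport, raddr, rport, state in parse_netstat(output):
        bound = state == "LISTENING" or proto == "UDP"
        if bound and laddr in ("0.0.0.0", "::") and int(lport) not in known_ports:
            listeners.append((proto, int(lport)))
        elif state == "ESTABLISHED" and is_foreign(raddr):
            peers.append((raddr, int(rport)))
    return listeners, peers
```

Calling `triage(SAMPLE, known_ports={135, 137})` leaves only the listeners you have not accounted for; each remaining port or peer can then be matched to a running process with the System Information tool mentioned in the post.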


