Re: AdAware, SpyBot S &D, etc. + leave PC connected to Internet

From: sponge (yosponge_at_yahoo.com)
Date: 01/30/04


Date: 30 Jan 2004 11:59:21 -0800

heyimjustcurious@yahoo.com (curious) wrote in message news:<ca3e516b.0401300047.53ba0d08@posting.google.com>...
> yosponge@yahoo.com (sponge) wrote in message news:<8d76ec03.0401291723.741ccb03@posting.google.com>...
> > On 29 Jan 2004 15:37:30 -0800, heyimjustcurious@yahoo.com (curious)
> > wrote:
> >
> > >Just after I ran AdAware and removed 80 files and 2 registry, I ran
> > >AdAware again. It's running now with a statement that 4 files
> > >identified, i.e. 4 objects found. Is that a *normal* behavior? Or am I
> > >not doing something right? Does it have something to do with the Firewall
> > >not working efficiently?
> >
> > You didn't say *what* it found. Odds are, it probably found some
> > spyware, but they both also identify and remove cookies associated
> > with spyware services and adsites, the latter of which can be worse
> > than spyware itself. Just about any non-Internet Explorer browser
> > will allow you to delete cookies on exit, so cookies are never saved
> > to the disk.
>
> I plan to change to a non-IE browser after I get SyGate set up
> properly. (I didn't know that other browsers would not save those
> cookies.) It's ridiculous that the cookies get saved the way they are.
>
> >
> > >How often do I run these spy ware? Of course, I will be online a lot
> > >as I am trying to learn many things....
> >
> > If you use Internet Explorer or frequently download and software,
> > daily at least. If not, maybe once a week is fine.
>
> Thanks.
>
> >
> > >Since I have Sygate installed and turned on (though 4 ports are still
> > >open when I did scanning using Stealth scan, Trojan scan and 3 with
> > >TCP scan while UDP scan couldn't be performed), is it OK to leave my PC
> > >connected to Internet, say 24 hours?
> >
> > Really, everything should come up Stealth or at least Closed. If you
> > have 4 ports open, and you're not running a server, then there's a
> > problem.
>
> I thought so and I was concerned.
>
> > What ports are open?
>
> Ports 21, 25, 80, 1307 are 'OPEN' when Quick Scan and Stealth Scan
> were performed.
>
> Ports 21, 25, 80 for Trojan Scan.

 
> Ports 21, 25, 80 for TCP scan. TCP scan seemed to have stopped at port
> 1024.
 
This isn't good. Sometime while running a scan, run HijackThis!
(http://tomcoyote.org/hjt) and check your log results. It'll tell you
what's running - it's more detailed than Task Manager. If you like,
post or email the results. I don't see a reason why Port 80 should be
open. Actually, I don't see a reason why any of those should show open
because your firewall should stop it.
 
> > If it's any of the NetBIOS ports
> > (137-139), or RPC ports (1025, 135, for example) then create rules
> > immediately to close them.
>
> TCP scan seemed to have stopped at port 1024. So I guess it didn't
> check for port 1025.
>
> I have also posted the results of scans in the thread "help with
> SyGate needed " in this ng the same day.
>

Sometime when you have a lot of time and the above is taken care of,
try using the online Nmap scanner at www.insecure.org. If you have a
second PC, you can even download it. That's the best scanner
available.
 
> > I would also consider investing $60 and buy
> > a firewall/router, but don't give up personal firewalls like sygate -
> > routers do absolutely zero as far as preventing outbound connection
> > attempts.
>
> Would you recommend a name? I don't mind the cost. I want to make
> sure about the security.

Make sure it is a router and FIREWALL. Some are just routers and are
numbered similarly to the firewalls. While those will still offer a
lot of protection, the firewall-ish features only cost a few bucks
more and can offer some nice stuff like ActiveX blocking, etc. Dlink
has the 704P which is nice. The ever-popular Linksys BEFSX41 is
another popular choice (it can overload and glitch though, under
extended, heavy periods of running). All are about the same. Likewise,
the Netgear FR114P is another good choice, and I'd probably take it
over the others. SMC reportedly makes some good router/firewalls too.
Just don't get wireless if you can avoid it and be sure to check the
labelling on the box to be sure it has firewall features.
 
> >
> > >Or is it better to disconnect my PC from the modem (to Internet) when
> > >not using it? Just that I have Windows Update scheduled every day and
> > >Norton Anti-virus scheduled every week.
> >
> > Since I assume you are not running a server,
>
> No I am not.
>
> > I'd disconnect it
> > whenever it's not in use. You generally do not need ISP software (which
> > often contains spyware and other junk) to connect to the net; if you
> > have a high-speed connection, use IPCONFIG /RELEASE to disconnect and
> > IPCONFIG /RENEW to connect.
>
> I have high-speed (Comcast). I need to learn how to disconnect and
> connect as you suggested above. IPCONFIG /RELEASE and IPCONFIG /RENEW
> the commands I need to use for disconnecting and reconnecting? I
> shall try immediately.
 
> > You generally have to run this from a DOS
> > window,
>
> In my case, command prompt. I have XP prof.

Just type CMD from the run menu, and enter those commands in.
IPCONFIG /RELEASE and test your connection, then try IPCONFIG /RENEW
Adapter #. Run IPCONFIG | MORE to find out the adapter number and
just see what's going on, and you can just use that in the future.
Once you've got that down, creating shortcuts is easy.

> > You can create shortcuts and place them wherever you want.
>
> > Windows Update and Norton LiveUpdate are of no consequence; if they
> > cannot connect to the net at a certain time, they will wait until a
> > connection IS available.
>
> Well..Norton LiveUpdate has been doing that, i.e. prompting me to
> download whenever I connect to internet but Windows Update hasn't been
> doing that since I had my PC disconnected from internet. Something
> wrong?

I don't think so. It shouldn't be a problem. Just run WU and see if
anything is amiss. IIRC, WU can operate silently in the background,
and is smart enough to back off on updating when you're busy so as to
not clog your connection.
 
Sponge
Sponge's Secure Solutions
www.geocities.com/yosponge
My new email: yosponge2 att yahoo dott com
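
Added example, not part of the original post: the reply asks what is running behind the ports that show open. On Windows XP and later, `netstat -ano` in the command prompt lists each listening port with its owning PID; this Python script parses that output and flags the ports named in the thread. The sample output, PIDs and function names are constructed for illustration.

```python
# Added example: constructed data and hypothetical function names.
REPORTED_OPEN = {21, 25, 80, 1307}               # ports the scans showed as open
CLOSE_IMMEDIATELY = {135, 137, 138, 139, 1025}   # NetBIOS/RPC ports from the reply

# Constructed sample of `netstat -ano` output (not from the poster's PC).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:1307           0.0.0.0:0              LISTENING       1520
  TCP    127.0.0.1:1028         0.0.0.0:0              LISTENING       1720
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.10:3124      203.0.113.7:80         ESTABLISHED     2044
  UDP    0.0.0.0:137            *:*                                    4
"""

def parse_listeners(text):
    """Return (address, port, pid) for every TCP socket in LISTENING state."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        # TCP rows have 5 columns; headers and UDP rows (no State) are skipped.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        addr, _, port = fields[1].rpartition(":")  # also handles "[::]:135"
        listeners.append((addr, int(port), int(fields[4])))
    return listeners

def review(listeners):
    """Return sorted (port, pid, note) for listeners reachable off-host."""
    findings = []
    for addr, port, pid in listeners:
        if addr.startswith("127.") or addr == "[::1]":
            continue  # loopback only: not reachable from the Internet
        if port in CLOSE_IMMEDIATELY:
            note = "NetBIOS/RPC: create a firewall rule to close it"
        elif port in REPORTED_OPEN:
            note = "scan reported it open: identify this PID"
        else:
            note = "confirm this listener is expected"
        findings.append((port, pid, note))
    return sorted(findings)

def no_local_listener(reported, findings):
    """Scan-reported ports that no process in the netstat output exposes."""
    return sorted(reported - {port for port, _, _ in findings})
```

Look up each flagged PID in Task Manager (enable the PID column) or in the HijackThis log to see which program owns the port.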


