Re: Security Problem...
From: Greg (greg_68@hotmail.com)
Date: 02/12/03
- Next message: Curtis Anderson: "Re: WHAT IS TOP POSTING"
- Previous message: Youssef: "128 Bit encryption"
- In reply to: Alun Jones: "Re: Security Problem..."
- Next in thread: Lawrence Cheung: "Security Problem..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Greg" <greg_68@hotmail.com> Date: Wed, 12 Feb 2003 14:53:04 -0700
I'm running Norton AntiVirus and Norton Personal Firewall. Norton AV was
installed right after a clean install of Windows (brand new hard drive) and
I was originally using the firewall built into XP until the problem with
DirectX 9 and Windows Messenger, so I switched to Norton Personal Firewall.
So, there's always been a firewall and AV running.
"Alun Jones" <alun@texis.com> wrote in message
news:DCx2a.126$F64.44063948@newssvr12.news.prodigy.com...
> In article <eNw1Wgs0CHA.2452@TK2MSFTNGP11>, "Greg" <greg_68@hotmail.com>
> wrote:
> >How can I check? The PID just says svchost.exe. I'm already running
Norton
> >AntiVirus (with a subscription)... wouldn't that have prevented it? I'll
do
> >a full system scan with it and see if it finds anything, unless you have
a
> >better idea?
>
> If there's anyone in these newsgroups less worth listening to than
"Tracker",
> I doubt that I can find it within myself to believe how ill-informed they
are
> likely to be.
>
> Port 1025 is simply one of the first of the ephemeral port range. As
such,
> the first or second program that tries to create and connect a socket
without
> binding it first will find it bound to port 1025.
>
> Here are some of the services that are included in svchost:
>
> 6to4 - supports IPv6 connectivity over IPv4 networks.
> Alerter - Notifies of administrative alerts.
> AppMgmt - software installation services.
> AudioSrv - manages audio devices.
> BITS - Background file transfer.
> Browser - allows you to browse the network.
> etc, etc.
>
> To find out what's started by svchost, you could do a search through the
> registry using "regedit", searching for "svchost".
>
> If you want to find out if there's a Trojan at that port, then find out if
> there's a Trojan on your system - this can be done by running an antivirus
> scanner (you do have antivirus software, don't you?), since they detect
such
> things as well. Your firewall (you do have a firewall, don't you?) should
> already be blocking incoming traffic to ports that aren't supposed to
receive
> incoming traffic.
>
> Alun.
> ~~~~
>
> [Please don't email posters, if a Usenet response is appropriate.]
> --
> Texas Imperial Software | Try WFTPD, the Windows FTP Server. Find us at
> 1602 Harvest Moon Place | http://www.wftpd.com or email alun@texis.com
> Cedar Park TX 78613-1419 | VISA/MC accepted. NT-based sites, be sure to
> Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for XP/2000/NT.
- Next message: Curtis Anderson: "Re: WHAT IS TOP POSTING"
- Previous message: Youssef: "128 Bit encryption"
- In reply to: Alun Jones: "Re: Security Problem..."
- Next in thread: Lawrence Cheung: "Security Problem..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
