New Computer - XP

From: Ian (anonymous_at_discussions.microsoft.com)
Date: 05/12/04

  • Next message: Polaris: "Location of Hosts and LmHosts files in Win98, WinMe and Win95?" 
    Date: Wed, 12 May 2004 09:23:12 -0700

    Hi everyone.
    I have purchased a new computer, and a new Virus Checker
    and Firewall, both Mcafee, who I have used for years and
    years.

    I went onto the shields up website
    https://grc.com/x/ne.dll?bh0bkyd2 and despite being in
    FULL stealth mode, and being told me system is highly
    secure, it still managed to get the following:

    - Your User Name
    - Your Computer's Name
    - Your Workgroup

    Can anyone tell me how much of a threat this is, how I
    can stop it (Mcafee support tell me that im on the
    highest security setting and this is nothing to worry
    about) but I asked 5 friends, 3 also had this, 2 didnt.
    So why cant I stop it?

    Further tests show that:

    Your Internet port 139 does not appear to exist!
    One or more ports on this system are operating in FULL
    STEALTH MODE! Standard Internet behavior requires port
    connection attempts to be answered with a success or
    refusal response. Therefore, only an attempt to connect
    to a nonexistent computer results in no response of
    either kind. But YOUR computer has DELIBERATELY CHOSEN
    NOT TO RESPOND (that's very cool!) which represents
    advanced computer and port stealthing capabilities. A
    machine configured in this fashion is well hardened to
    Internet NetBIOS attack and intrusion.

    Unable to connect with NetBIOS to your computer.
    The attempt to connect to your computer with NetBIOS
    protocol over the Internet (NetBIOS over TCP/IP) FAILED.
    But, as you can see below, significant personal
    information is still leaking out of your system and is
    readily available to curious intruders. Since you do not
    appear to be sharing files or printers over the TCP/IP
    protocol, this system is relatively secure. It is
    exposing its NetBIOS names (see below) over the Internet,
    but it is refusing to allow connections, so it is
    unlikely that anyone could gain casual entry into your
    system due to its connection to the Internet.

    ***************

    Can anyone please help me block the info, or tell me if
    its secure? Im begging here.

  • Next message: Polaris: "Location of Hosts and LmHosts files in Win98, WinMe and Win95?"

    Relevant Pages

    • Re: SBSServer processes Port 80 blocked
      ... settings and auth provided for the AutoUpdate client). ... McAfee autoupdate client used HTTP port 80 to downlad the latest update ... He is in the BackOffice internet ...
      (microsoft.public.backoffice.smallbiz2000)
    • Re: Is this a virus?
      ... Well NetBIOS also does random lookups on its own AFAIK. ... computers are leaky -- they flood my logs ... > ZoneAlarm does not show any programs trying to access the internet that I ... > assign a random tcp port to outgoing mail in the email client and have ...
      (comp.os.linux.security)
    • Re: Is this a virus?
      ... Well NetBIOS also does random lookups on its own AFAIK. ... computers are leaky -- they flood my logs ... > ZoneAlarm does not show any programs trying to access the internet that I ... > assign a random tcp port to outgoing mail in the email client and have ...
      (comp.os.ms-windows.nt.admin.security)
    • Re: Closing Ports
      ... Port 139 is one of the NetBIOS ports. ... Internet interface, unless you need to share with others on the subnet ...
      (microsoft.public.security)
    • Re: E-Mail Highjack???
      ... see exactly what is using port 25 on your system. ... > Notified today by my internet cable company that they shut ... > networked through a Linksys broadband router. ... > McAfee firewall installed. ...
      (microsoft.public.security)