The newbie's dilemma!

Discussion in 'Virus Information' started by BoaterDave, Aug 13, 2007.

  1. BoaterDave

    Dustin Cook Guest

    My apologies for making the statement as generic as I did.

    --
    Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2c
    Email.:
    Web...: http://bughunter.it-mate.co.uk
    Pad...: http://bughunter.it-mate.co.uk/pad.xml
    PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt
     
    Dustin Cook, Sep 2, 2007

  2. BoaterDave

    Troll_Lady Guest

    thanks!

    hi, Dustin,
    thanks!
    my tests at grc shields up have always been 'stealth'. i have assumed this
    was enough. i have a dsl modem connected to a router, plus a software
    firewall. (not much incoming on sw firewall, unless i'm using my dial up,
    but all gets blocked when doing so. i use it to block my games from going
    out).
    from what i understand you to say above, the 'no response' is NOT good
    enough? if so, how\what do i configure for 'host unreachable' ? i'm not
    running a server. if there is something further i need to do to protect
    myself, i want to know about it.

    xphome sp2, almost fully patched (last updates caused a system restore to be
    needed and i've not been back since, so, i'm a month behind)
    router (hopefully strong pw)
    spyware blaster
    ad aware
    avg free
    za firewall
    crap cleaner
    custom security settings
    safe hex
    i've used all grc tools to turn things off as recommended.
    windows pop up stopper works pretty good so i've not installed any 3rd
    party.
    i use an old 95\98 power toy that adds to my 'tools' in ie, add site to
    trusted, add to restricted. i have 2 sites in trusted, allow everything for
    those 2. all other sites i visit fall under custom security unless they
    really irritate me (tripod) then i just 'tools' add to restricted sites. i
    don't use the phishing filter. (i don't buy online, i go to the bank in
    person, etc....)

    so, other than the windows updates i'm behind on, what else do i need to do
    to protect my computer?

    thanks,
    TL
     
    Troll_Lady, Sep 2, 2007

  3. BoaterDave

    BoaterDave Guest

    I find that those who bottom post confuse me - those that both top *and*
    bottom post confuse me even more! <g>

    Have you tried Dustin's BugHunter programme, Li? I've heard that it's very
    good.

    BD

    ***************************************************
     
    BoaterDave, Sep 2, 2007
  4. BoaterDave

    Dustin Cook Guest

    I didn't mean to imply it's not good enough, it's just a distinction that
    can be used to determine if a computer is firewalled or actually isn't
    present. The only way I know of to achieve destination host unreachable
    is if the connection really is down.
    It sounds to me like you're doing a fine job already. I didn't mean to make
    you nervous.
    Shameless Plug: you should add BugHunter to your list of scanning
    applications.
    By the sounds of it, you already are.


    --
    Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d
    Email.:
    Web...: http://bughunter.it-mate.co.uk
    Pad...: http://bughunter.it-mate.co.uk/pad.xml
    PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt
     
    Dustin Cook, Sep 2, 2007
  5. BoaterDave

    Kayman Guest

    It is suggested blocking both TCP and UDP ports 135 ~ 139 and 445.
    http://seconfig.sytes.net/
    (http://www.softpedia.com/progDownload/Seconfig-XP-Download-39707.html)
    Seconfig XP is able to configure Windows not to use TCP/IP as transport
    protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139
    and 445 (the most exploited Windows networking weak point) closed.
    3rd party software fw are 'phoney-baloney' ware. Uninstall it and activate
    the WinXP built-in version.

    Is the XP SP2 firewall getting a raw deal?
    http://blogs.zdnet.com/Ou/?p=81
    How to Configure Windows Firewall on a Single Computer
    http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/cfgfwall.mspx
    "Personal Firewalls" are mostly snake-oil
    http://www.samspade.org/d/firewalls.html
    Deconstructing Common Security Myths.
    http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx
    Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.
    Exploring the Windows Firewall.
    http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx
    "Outbound protection is security theater—it’s a gimmick that only gives the
    impression of improving your security without doing anything that actually
    does improve your security."
    1. Do not work as administrator, use a normal user account for day-to-day
    work.
    http://www.5starsupport.com/tutorial/hardening-windows.htm
    http://blogs.msdn.com/aaron_margosis/archive/2005/04/18/TableOfContents.aspx
    2. Keep your OS (and all software on it) current/patched/updated.
    3. Re: IE and OE; Consider utilizing another browser application and e-mail
    provider.
    4. Don't expose services to public networks.
    http://www.blackviper.com/WinXP/servicecfg.htm#
    http://www.ss64.com/ntsyntax/services.html
    http://www.beemerworld.com/tips/servicesxp.htm
    http://www.theeldergeek.com/services_guide.htm
    Not good enough! See #2 above.
    "Hope" will not get you very far in terms of security.
    http://www.microsoft.com/protect/yourself/password/create.mspx
    Add: SuperAntispyware - Free
    http://www.superantispyware.com/superantispywarefreevspro.html
    On-demand AV application (add it to your arsenal and use it as a "second
    opinion" av scanner).
    BitDefender10 Free Edition
    http://www.bitdefender.com/PRODUCT-14-en--BitDefender-8-Free-Edition.html
    Uninstall ZA! See comments above.
    What are these?
    http://www.claymania.com/safe-hex.html

    Read this also:
    So How Did I Get Infected Anyway?
    http://www.wilderssecurity.com/showthread.php?t=27971

    Now stay safe!
     
    Kayman, Sep 3, 2007
  6. BoaterDave

    BoaterDave Guest

    Thank you for all that excellent information, Kayman. I just wish I'd read
    it all two or three years ago when (I thought) I was adequately protected!
    <g>

    The 'Crap Cleaner' programme to which Troll_Lady is, I believe, referring
    may be found here: http://www.ccleaner.com/

    It is highly recommended by the 'helpers' (like yourself) over on A/C
    User2User. I'm surprised that you are unaware of it.

    I'd welcome your view of CCleaner (if you have one!) TIA

    Dave

    ****************************************************************
     
    BoaterDave, Sep 3, 2007
  7. BoaterDave

    BoaterDave Guest

    Earlier today I posted a message to thank you, Kayman, for listing so much
    helpful information.

    When I checked half an hour later, my header had a horizontal line struck
    through it with a corresponding message saying that my message had been
    deleted from the server.

    Regardless, I thank you once again for all the links.

    Dave

    *****************************************************
     
    BoaterDave, Sep 3, 2007
  8. BoaterDave

    Dustin Cook Guest

    Hi Dave. Your post arrived fine here. Just because one news server cancels a
    post doesn't mean they all will. Are you sure you didn't cancel it by
    mistake?


    --
    Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d
    Email.:
    Web...: http://bughunter.it-mate.co.uk
    Pad...: http://bughunter.it-mate.co.uk/pad.xml
    PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt
     
    Dustin Cook, Sep 3, 2007
  9. BoaterDave

    Barbara Guest


    Dustin, please don't feed his paranoia. He probably clicked on the post
    just as his modem reset the internet connection. Happens here all the
    time. I just have to click on the post again and it downloads properly.

    Barbara
     
    Barbara, Sep 3, 2007
  10. BoaterDave

    Peter Foldes Guest

    He was probably using Google mail to post. His post does not show up on the MS news server (here). Posting under a new name "imbeady" when I checked Google against his previous IP stack. I have no idea why it does not show up here on the MS server. Unless Google mail is blocked for some reason.
     
    Peter Foldes, Sep 3, 2007
  11. BoaterDave

    Barbara Guest

    Shows up for me on the MS server?

    Barbara
     
    Barbara, Sep 3, 2007
  12. BoaterDave

    Dustin Cook Guest

    Okay.


    --
    Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d
    Email.:
    Web...: http://bughunter.it-mate.co.uk
    Pad...: http://bughunter.it-mate.co.uk/pad.xml
    PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt
     
    Dustin Cook, Sep 3, 2007
  13. BoaterDave

    BoaterDave Guest

    Hello Tigger! Are you the same Tigger as on Annexcafe?
    BD

    *******************************************************
     
    BoaterDave, Sep 3, 2007
  14. BoaterDave

    BoaterDave Guest

    I'm sure - no mistake.

    Dave

    ******************************************************
     
    BoaterDave, Sep 3, 2007
  15. http://www.strikeitup.com/rencontre/boaterdave/

    I'm sure - no mistake.

    Dave
     
    BurfordTJustice, Sep 4, 2007
  16. BoaterDave

    Dustin Cook Guest

    No problem. My apologies for posting off topic replies. You can always
    email your questions if you'd prefer.


    --
    Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d
    Email.:
    Web...: http://bughunter.it-mate.co.uk
    Pad...: http://bughunter.it-mate.co.uk/pad.xml
    PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt
     
    Dustin Cook, Sep 4, 2007
  17. BoaterDave

    Troll_Lady Guest

    thanks!
    yes, i did go to your site and look at bug hunter.
    i might add it.
    it looks simple and does what it's meant to do.
    TL
    OH!
    haha on making me nervous. i hadn't seen so much as a tracking cookie in
    a few years.
    i was googling, had moderate safe search on, clicked w\o checking status.
    picked up 13 trackers & 2 trojan d'loaders. slipped right through my active
    x turn offs into my temp files. lesson learned, no matter how many years
    being 'safe' never become so blasé. i won't forget the status bar check
    again. LOL!
    TL
     
    Troll_Lady, Sep 8, 2007
  18. BoaterDave

    Troll_Lady Guest

    i followed directions at grc for turning off tcp\ip stuff that i don't need.
    i dunno' or have forgotten exactly what but it concerned 'net bios' ?

    ah.... my windows firewall won't block my games nor wmp from outgoing. i can
    upload a screen shot of why i use a 3rd party fw. one session of listening
    to wmp, it tried over 700 times to access the 'net.

    i play some old macromedia flash games, i enjoy the games but certainly
    don't want them calling out. they get through windows firewall but not za.

    also, windows fw will allow only 1 Mirc. i run a few bots + my own personal.
    za sees it as 1 mirc, which it is, windows sees it as a few and only allows
    the first to connect.

    i do have a user account but i have to be able to upload\d'load, be able to
    access things on the 'net that i need my admin account for. i've made it as
    strict as i can and still do what i need.

    thanks for the links and i'll make sure to read them. if windows fw could be
    configured the way i want, i would use it.
    TL
     
    Troll_Lady, Sep 8, 2007
  19. BoaterDave

    Troll_Lady Guest

    hey, BD.

    no, i haven't tried it yet. it's on my list of new toys to play with but
    i've just not had time. i like the screen shots and the look of it. no extra
    unwanted bells & whistles.
    what is your opinion of it?

    TL
     
    Troll_Lady, Sep 8, 2007
  20. BoaterDave

    BoaterDave Guest

    It found items that no on-line scanners had done - and removed the offending
    'nasties'!

    If Dustin now concentrates on making BugHunter more 'user friendly' - perhaps
    with a 'glossy coat' - he might well be on his way to making a fortune!

    There sure is a need, IMO, for someone to help weed out the bad things
    happening on the 'net nowadays! <g>

    BD

    ***************************************************************
     
    BoaterDave, Sep 8, 2007