obviously, this allows access to your computer, and will let others communicate with your machine, but the communication is limited to the avility of the port? at least as I understand. For example if a program in windows has port 86 open, that port only sends and recieves stuff from that program right?
now how can a hacker open remotely a port on my machine? I hear that they have to open a high port to b able to do anything and b semi untraceable... ???
My question is:
HOW DO THEY OPEN THE PORT and without me finding out (that is me not running a file or anything from them that will open this)

First, go to www.grc.com (http://www.grc.com) and test your system. You may be surprised.

If your post is a result of already testing your system, just know it can be done. This has happened to at least one friend of mine.

There is a free firewall available. It's called ZoneAlarm. I think that's the site name too, (with www in front and com afterward.) If that doesn't work as a url, it's posted over in General too.

[This message has been edited by Ygor (edited 02-10-2000).]

ZoneAlarm is the name of the firewall app, its made by Zone Labs
Http://www.zonelabs.com/

BlackIce Defender is good too. Worth ever cent of the $40 it costs. I rarely say that about software too. It is a great filter and gives you IP addresses of those hacking you, along w/ DNS, MAC, user id, and type of probe. ZA (what Target mentioned) is my other app runnign security patrols on my PC.

As for the questions you asked, I am not a hacker and know little about networks so...

dave

I've re-read the original post now.

I still don't know the details of how this happened to a friend of mine, and she doesn't either. Knowing her online habits and caution, I am sure someone scanned her ports and found them open. She's more cautious than I am about downloading anything, and I've never been hacked... yet.

Seems like someone finds holes somewhere in M$ security every month or so. How it's exploited would probably be over most of our heads or would take too much space here to explain well, programming codes being as fun as they are.

The only way I've heard of anyone finding they were hacked while online is seeing their computer do things they did not tell it to do while they were online. By then it's too late!

As I understand it (and please correct me if I'm wrong), opening a port on a computer requires an application running on that computer to open it. Certain applications "listen" on certain ports, e.g. your e-mail client listens for incoming mail on port 110, etc.
When hackers do a portscan, they're usually looking for ports monitored by certain programs that contain some kind of vulnerability they can exploit, or they're looking to see if a trojan horse program is installed and waiting for a connection on a certain port. If they find it running and listening on that port, they may be able to take control of the computer through the trojan (see also the latest Denial Of Service attacks in any news program you care to name.)
I believe by default most computer ports are closed - as I said before, they're only opened by applications and usually those apps are listening for something specific.

Adam

I have had a cable modem for just under a year now, through RoadRunner, and just bought and downloaded BlackICE Defender in January. Now I am freaked out about how open things were, and how often I am scanned... a couple times a week! Just last night I was scanned by someone probing ports looking to see if the SubSeven trojan horse program was resident! Wild!

I love this personal firewall... tells who from where, and what they were trying to do!

Oh, and I ALWAYS trace it to their ISP/netblck to send a message to their ISP about the activity. I just cut and paste the log entry from the attack-list file (it's an ms excel file that logs all the info from attacks), just like the RR admins had asked me to do.

I have had more than half my hits from areas in NY state.. even one from Germany too..

Plus the activity monitor (history) looks wicked cool... makes me fell like I have so real high tech sh** going on (and I guess I do, now that I think about it! hahaha).

Definitely worth the $40 if you have cable or DSL with static IP address. And honestly, I find it entertaining, especially when trying to find out who it is! I'll have to try out those newer IP search programs, WhoIs is OK, but I want more detail! http://www.sysopt.com/forum/smile.gif

Mine were all open by default on both machines here although I did not have a network at that time. Apparently most are unless you go in and close them per the instructions at the grc site.

I never would have looked had I not seen posts about it here.