Uhh...I might just be paranoid, but do you think it's possible that someone could set up this type of site, and then track the ip's that fall within an acceptable range of hackability (yeah, i know it's not a word)? And then whoever is running the site has your ip logged so they can access your pc at will?

Sure they could, but you shouldn't be worried if your PC is secure. My comp can be hacked, just like any other, but it's just really difficult to do so.

Anyway, why would some poor schmuck want to hack Joe Blow Websurfer's computer? Hackers target servers, not clients, unless they have a motive to do so.

Or maybee it ays you are fully secure and it saves you as easly hackable. Or perhapse it tells you to unbind something with security stuff built in!

Only one "problem" I hafve a small server setup on my computer for the rest of my network, it detected that someone could possibly hack another of my computers and get into this one.

Well, That site confermed what I already knew about my setup. I got the best marks and the "safest" rating he had. So I would say his site is pretty good and I dont think he is a "hacker/cracker" He is trying to sell his software so it would behove him to prove your vulnerability so you would be more likely to buy his software.

Mntsnow

The IP address that was listed on the web site wasn't the one assigned to my computer
by Bellsouth. They wouldn't have much if they hacked my rig.
BRONX BOMBERS RULE!!!!!!

The pickel

Mntsnow: tried it twice and it showed 'no such ISO'Does that mean they can't find me.
I'm not really to concerned, but still, I wouldn't appreciate someone hacking around my computer. I feel we all should respect everyone else's privacy .

[This message has been edited by pickel (edited 10-25-1999).]

Sygate 3.1 stopped him in his tracks, mine refused to respond, kind of sounds like my kid. /forum/smile.gif

TP 51

Pickel,

Most people with dial-up accounts dont run into many problems with hackers as thier addresses change all the time (because you get a different modem everytime you call into your ISP. The address that showed on the website is that of your ISP. (do the test again and write down the address that it uses and then go to see who owns the address (http://www.networksolutions.com/cgi-bin/whois/whois) and I bet your address is that of your ISP.

The SYgate and SYshield programs are great for providing that extra edge against hackers

Mntsnow

[This message has been edited by Mntsnow (edited 10-25-1999).]

another cool page i found: http://grc.com/x/ne.dll?bh0bkyd2 you click a button, and it tries to gain access your computer like a hacker would, and points out any vulnerabilities it finds. i think it is for Windoze comps only. im happy to say, tho, that my comp. came out perfect /forum/smile.gif

It says that a port (139) is open. Is this common. Should I post this here? If not, please delete this Socalgal.

Dave that is fairly common. That port deals with NETBIOS. (I would venture a guess that you are running your home network with netbui as one of the proticols. You would be well advised to change to TCP/IP as you can configure security much better with TCP/IP than you can with netbui. BTW NETBIOS is a favorite among the hacker community. (it is so feature rich that there is network management software designed to use NETBIOS. NETBIOS used to be considered a TROJAN HORSE when used improperly.

This is a cut and paste from the test site as well: IF You DO NOT have servers running on those open ports:

If you are not actively offering Internet services through the ports shown as OPEN, something is very wrong with your system:

It is actively advertising its presence on the Internet and
soliciting the attention of ALL PASSING PORT SCANNERS!

Logs of open ports are maintained by crackers and used as points of attack.
Either a server has been started without your knowledge — as is done by Trojan horse programs like Back Orifice — or you may be running one of the many "Evil Port Monitors" which has altered your system's "open port profile" in order to monitor TCP/IP connections. Evil Port Monitors will tell you that a passing scanner has just successfully probed into your system . . . but the problem (for you) is that it was a successful scan probe and the existence of your system's wide open ports will have been noticed and logged!

Your system may be monitored for Internet attacks without alerting crackers to your presence by using a real personal firewall product — instead of one of the many evil port monitors. I do not know of any that are free, though they are all inexpensive and provide exceptional intrusion detection and protection. (See the "Personal Firewalls" page for specific recommendations.)

Mntsnow

[This message has been edited by Mntsnow (edited 10-26-1999).]

[This message has been edited by Mntsnow (edited 10-26-1999).]

I tried this scanner and found my system to be somewhat vunerable, so I removed everything except tcp/ip from the network properties and now it says that my system is secure. I thought it was strange that my network neighborhood icon disapeared after doing this, but I really didn't worry because on this machine I only use dial up networking for surfing the net. The problem is that now the dial up networking won't remember my password. When I click on the connection shortcut I made to dial my ISP it asks for my password and the box to check to remember it is greyed out and can't be checked.Anyone know how to fix this? My password is rather long and confusing and it is a pain to enter everytime I dial up.

One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet
/forum/wink.gif

bdog
you have to have a network client installed, most common Client for Microsoft Networks and selected as the Primary Network Logon.

Shields up told me my NIC mac address number! Said it was ALWAYS available and was a hardware id
like the PIII id #! That really pisses me off. /forum/frown.gif I bought a 3-com 10/100 fast ethernet
NIC bout 3 weeks ago. Should I call 3-com and just raise holy hell or what? Also said port 139 was open. I,m on a RR cable modem-is that my port or theirs? Also I searched for the ip address it gave me with mtnsnow's
link and it said no match found. What to do?

[This message has been edited by reddog4629 (edited 10-26-1999).]

Humor me please, I got the port139 vunerability also, went to netBIOS properties tab and the disable/enable checkbox is greyed out with it enabled, How do I disable netbios or can I disable it? WIN98SE-TCP/IP connect

Reddog,

You might need to do a "deeper" search on your IP address as many of the "Cable" ISP providers do not "register" each and every IP address such. BTW every NIC as a "MAC address". But without an open port having a mac address known will get a hacker no where (a hacker NEEDS an OPEN port to do their deed). to answer your last question concerning the open 139 port (weither it was yours or your ISP's) It depends on which TCP/IP address you were having "Shields up" test. If the IP address it stated at the beginning of the test was that of YOUR computer then the open port is on YOUR computer.

Mntsnow

So, what would this mean?

BBA's PC (http://www.jacksonville.net/~bhunter/BBA'S%20Secure%20PC.jpeg)

/forum/smile.gif

BBA

[This message has been edited by BBA (edited 10-26-1999).]

Freddy...are you using a network? If not just run the no share prog Mr G has...or just rename vnbt.386 in windows\system to vnbt.closed
/forum/smile.gif

I never REALLY thought that it was a sneaky way for someone to try to find vulnerable pc's to break into, but that was the first thing I thought- come to my site so I can get your ip address and hack you! Thanks!

I think that in general, most people are more paranoid about security than they need to be. Or maybe I'm a fool. Who knows?

Well BBA.....I know what it means! /forum/biggrin.gif

BTW. How do you like MediaOne for your cable provider? (did a search on your IP)

Mntsnow

(means you got a pretty secure machine)

[This message has been edited by Mntsnow (edited 10-27-1999).]

Oh BBA...your quake port is open.....

LOL Smokin1 /forum/biggrin.gif BBA's quake port is always open!

Mntsnow

Lord Locksley, Thanks for the tip. I am back to normal now.

Here's another pretty good scanner, intended for static IP's/DSL connections:

http://www.secure-me.net

Also, if you want a good software "firewall", try BlackICE from http://www.networkice.com . It alerts you whenever there is suspicious activity, logs it, and blocks any attacks. I installed it yesterday, and just today it told me that someone tried to ping me to check and see if I have Back Orifice installed. Shame on them, I notified their ISP /forum/wink.gif.

Scott

Would a good firewall slow downloads or other things down a bit? And that mac address
is a "unique 48 bit finger print" that can be seen by anyone. Makes me nervous. Sounds like some of the folks here need a quick,cheap,dirty,reliable fix-like me. /forum/smile.gif
I'll find out about that ip address and port
from my isp.
Just found out the IP address and port are
RR's and the tech.supp. guy said BUY a firewall called "Secure Destop" (bout 50 bucks) from "Conceal" software-it's what he uses and won't effect d/l or throughput speeds.
Any comments?

[This message has been edited by reddog4629 (edited 10-27-1999).]