http://grc.com/x/ne.dll?bh0bkyd2

I learned a lot....and it freaked me out. I was actully scared to even be on the site....I mean it told me my name. Well, I'm off to get a firewall.

That is a very good site! But are you sure you need a firewall? First time I went there it also knew my ID and when I did "scan ports" it told me that the netBIOS port 139 was wide open for all to see. But...

I then followed the instructions on how to fix all that and now when I go there it doesn't even know my computers name. And all the ports are closed. I know it's not 100% security (nothing is) but I'm now more secure than average (default), and feel much better about it. I'm on a "always on" cable connection so I do have cause for a little concern.

Here's another "fun" one...

http://privacy.net/analyze/

Ha, well I already got one....BlackICE. It's the one that site most recomended. I've had a hacked experience...mind you it was a controled one (a friend). Disappearing icons, monitor tunring on and off, cd tray popping open and closeing, pictures appearing. Not to mention the complete access to every file on my system, scary. And all he needed was to talk to me on ICQ. Anyway, I like the added security....even if it never gets used.

[This message has been edited by seti (edited 11-28-1999).]

I just tried both of those site they got the Ip address right. No open ports either. I do run atguard though plus I run through the @home proxy.
Seti have your freind try again with the firewall runnig and see what happens. I don't use ICQ for that reason. I think he may still be able to do it, but I am not sure. If someone wants in they will get in!

youde be suprised what we can find. http://ipindex.dragonstar.net/

Hi Seti,
Thanks for the interesting and informative link (yours too socalgal). I had no idea my port was open /forum/redface.gif

I got lost in a time warp reading a great part of that but feel much more informed and my computer is now 'virtually' "a black hole for TCP/IP packets". /forum/smile.gif

........CHNsaw

[This message has been edited by Chainsaw (edited 12-11-1999).]

Question: I haven't been using my cable providers (@Home) proxy and haven't had any problems. However, when I do use their proxy, then sites like "Shield Up!" doesn't get my true IP correct.

Is this good? bad? or indiferent?

Plus, using their proxy they claim web surfing will be faster (due to their proxy server caching pages) but I actually find it a bit slower. Am I imagining this, or what?

No problem Chainsaw, glad I could help in someway...ha, my topics are my children. Anyone else feel that way sometimes? Yeah I'm trying to get all my ports to register as "stealth" One is now (smtp)...and the rest are closed.


OuTpaTienT, I wasn't aware that you could choose if you wanted to use the proxy or not. How do you do that?

seti,
As for the children (er, topics), they do need nurturing and direction at times.
As for the stealth mode, did you go into your network properties and make sure that the only bindings that you have set are from the NetBEUI?
When I did a check the first time around, all of my ports were closed except 139.
After going thru the his advice and extensive information (it is kind of dry reading) I was able to get all ports to register as stealth. You should be able to get the same results if you go thru the complete process. Let me know if you can't get the ports to stealth, I'll do what I can to help. I think the most important thing is to remember that no matter what we do, it's best not to have critical information on our computers unless it really needs to be there.
Thanks,
........CHNsaw

[This message has been edited by Chainsaw (edited 11-29-1999).]

How? I dunno. In my apps (browsers, Gamespy, whatever) I'm sure you're aware that you can usually choose (in the preferences) "direct connection" or "use proxy". Well, it works both ways.

When I use @Home's proxy, then it's IP address is what shows to anyone inquiring. If I use "direct connection to the internet" then my real (and I guess unchanging) IP address is what shows.

Security-wise, am I "safer" using the proxy? Or does it really matter?

Things do really "seem" to be faster without the proxy, but honestly it's hard to tell.

Well I tryed unbinding everything but NetBEUI....I'm sure I'm missing something but I got a fatal exception loading windows and was unable to veiw any web pages. Hmmmm. I'll have to go back to that site and read it more carefully. Maybe it has something to do with haveing @home.

OuTpaTienT...yeah I kind of thought that's what you ment...I notice no difference so I was wondering if I knew what you were talking about. Thanks.


I got eveything stealth now. Ha, it was before...well, after I installed the firewall. I just forgot to use the "i.p.agent" and it was looking at the wrong computer. Coooooool, steeeeealth baby!

[This message has been edited by seti (edited 11-29-1999).]

seti,
Glad to hear it!
I forgot to do the IP Agent the first time too, but I'm not set up with a proxy so I don't think it made any real difference. I checked using the IP Agent after setting up the Firewall though and that's when I saw all the green. Takes quite a while to go through all the ports when in stealth.
Thanks for pointing me down this path.
........CHNsaw

thanks for bringing up the port 139 vulnerability again. I didn't think about it when a similar post went around a couple of months ago. Now I read the site a little more closly and shut it down. I'm on an ISP which dynamically assigns IPs, so I'm lower risk, but even so, I spent at least 8 hours downloading stuff this weekend (mostly due to a recent HDD crash), and anything that stops the script kiddies is a boon.

Did anyone see the cartoon on www.dilbert.com (http://www.dilbert.com) about hacking - that really cracked me up... can't post here - check the archive - but the dialogue went something like...

Frame 1 [Dilbert sat in cube at PC], phone rings
Frame 2 [Dilmom at home with laptop] "I've been watching you through you webcam, and you aren't working hard enough"
Dilbert: "How did you...."
Frame 3 [Dilmom at home] "...well not much of a firewall - I'm using your mail server to spam my Mah Jong group"

This site just cracks me up, make it your startup page today /forum/smile.gif

U-96

Well I've had the firewall up for about 18 hours and I've already had attacks. Some person that uses telus as there ISP....or that's hacked into someone's comp and useing it as a mask probed my smpt port...and then did a "What's up" scan. These people don't even have to know your IP. They just scan a range of them. And almost every cable user is in that range. It happens all the time.

So.........if my ports are "closed" am I fairly safe? Or should I be thinking about a firewall? I really don't want to have to deal with a firewall. And I definitely don't want to have to spend any money on one.

Try BlackICE from NetworkICE:
http://www.networkice.com

The grc.com site had no luck whatsoever detecting anything about my IP/system - no ports whatsoever were open, and BlackICE notified me of the scans.

Scott

Hey, that Shields Up was an eye opener. Geeezzz, they knew my name, computer setup, well you all know if you've been there.

But, I did what they said about disconnecting the bindings in network and they said port 139 was secure now. Passed security check w/ flying colors.

I didn't have NetBlui to install and I haven't installed IP-Agent yet either.

That secur32.dll file that windows will ask for is in Windows\System, don't need to put in the cd-rom.

arn