I received a message from mp ISP, @home and would like
someone to interpret it for me. As per usual I can't get
a hold of anyone from @home so if you can shed a little
light on this, TIA I know nothing about what they are going
on about..

We have received over 20 complaints regarding scanning for Trojans
originating from your provisioned IP address. If this activity continue we
may be required to suspend service to your account pending further
investigation and/or possibly terminate your Internet account. I have
included a log showing the date and time of the activity in question. As the
complainant did not include a GMT offset, please account for this variable
in your investigation into the activity on your computer.

If you do not feel you are infected with a Trojan and are unaware of this
activity, we suggest you discuss this matter with anyone who has direct or
remote access to your computer. If you are running any daemons or services
that allow remote access we suggest you disable them. As you are responsible
for the security of your computer, it is your responsibility to ensure it is
not used to violate the Rogers@Home End User Agreement or Acceptable Use
Policy.

Sincerely,

Phillip T.
Rogers@Home
Network Security Dept.


Severity (icon), Time, Attack, Intruder, Count,
2, 2000-11-08 20:08:25, SubSeven port probe

Is there a way that someone can be using my system info?

Did you edit the letter at all? I would think if it was legit, they would have provided a phone number and a contact. I would call your ISP on the phone 1st.

You should have safe gueards anyway as provided by Dave. Cable service is very unsecure.

Good Luck!

J http://sysopt.earthweb.com/forum/smile.gif

You're kidding right? Getting a direct phone number for use in contacting actual human beings, out of @Home is worse than pulling teeth. They want you to email or online chat with customer service. Use a phone? Heck, that's practially endorsing the DSL companies. http://sysopt.earthweb.com/forum/wink.gif

I would assume that you have a Trojan on your system and someone is using your system to scan others.
This is the very reason why people will comprimise one system, and use it to access others, the trail leads to the first computer (yours).
First thing you need to do is to lock down your system with a firewall to prevent access into and out of your system.
Try Zone alarm: http://www.zonelabs.com/

Next you need to find the Trojan. Actually, I think you have 2, one that allows access into your system, and also the client part of the sub 7 trojan for "outward" connections.
Here is what I consider the best trojan scanner. "The Cleaner" http://www.moosoft.com/index.php
This is free for 30 days. Make sure that you run the update to get the current definitions, then run a compleate scan.
You may want to document any trojans found on your system and send all the info to your ISP.
Hope that helps, please feel free to contact me if there is anything at all I could do for you.
Best of luck,
Dave

Edit- I fixed a mistake above, I should have said client instead of server -edit

[This message has been edited by Dave_H (edited 11-09-2000).]

Sounds like someone is using a trojan in your system to scan others for trojan activity, Scan your system with Tauscan (freely DLable for a 30 day trial) and see what it gives. It is great at detecting trojans.
Dave