
Home Pc Security


8 replies to this topic

#1 4InTheMorning


Posted 06 December 2007 - 05:40 PM

Hello everyone, I popped in today for some friendly advice.

What would be some good tools to start making my own security and where are the best sites (layman's) for teaching how to use them. Also a jargon buster for getting to know how my PC works, internally, i.e. ports and whatnot and how the XP system works, such as handles and threads.

Karma to all.



#2 CTH_Tom


Posted 06 December 2007 - 07:41 PM

how the XP system works, such as handles and threads.

Karma to all.

A good resource for understanding XP's services is Black Viper's site with recommendations on what is essential and what's not.
http://www.blackviper.com/WinXP/servicecfg.htm
If you have SP2 and get the monthly updates from MS you get most of the security holes fixed.
Of course you need an AV program and Spyware protection. I'll let others chime in on recommendations as it's always a Ford versus Toyota kind of thing.
As for a firewall I find XP's built-in O.K., hey I know it's one way but I know I'm malware free. And get yourself a router even if you don't network other computers just for its firewall defense.
I just got the Ping of Death last week and haven't seen that in many a year.

Check out this forum on how to best protect your computer from nasties-
http://www.bleepingcomputer.com/forums/f/25/antivirus-firewall-and-privacy-products-and-protection-methods/

Edited by CTH_Tom, 06 December 2007 - 07:44 PM.


#3 hamluis


Posted 06 December 2007 - 08:57 PM

http://www.microsoft.com/security/default.mspx A good place to start, IMO.

Louis

#4 4InTheMorning


Posted 07 December 2007 - 02:16 PM

Thank you. I did start reading the tutorials, I did learn a thing or two. I downloaded the tcpview, but alas, I can only recognise the programs I am running and cannot distinguish between system and attackers. Here is a regular screen shot, maybe someone has made a nest in a port and I can't see it.

ok..... well I would add an image but it's not as simple as copy and paste. :thumbsup:

#5 Animal


Posted 07 December 2007 - 02:39 PM

ok..... well I would add an image but it's not as simple as copy and paste. :thumbsup:

This link may help: Inserting An Image Within A Post

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)



#6 4InTheMorning


Posted 07 December 2007 - 10:26 PM

Yeah.... Thanks for the image upload info..... I don't think I'm gonna bother with all that, it's not straightforward.

I have found however this user permission, S-1-5-5-0-47595, I've googled it with absolute failure. I am contacting my IP provider as it has their name all over it, I am dubious as to why they should have full control permission.

What I want is to be able to sit at my PC and know exactly what belongs there and what shouldn't... I'm talking full tech stuff, as it seems I cannot fully rely on my firewalls and scanners. I noticed a neat trick where my IE asks for internet access... well I gave it permission when I first installed all the gubbins and cogs. So it is obviously a fraudulent program that is masquerading as IE.

I have tried many sites for the tech info, but unfortunately, the comprehension scale for using the internet and navigating is at a minus 100.

PS.
Why can't I just copy and paste?

#7 usasma


Posted 08 December 2007 - 06:50 AM

There are roughly 65,000 TCP ports and 65,000 UDP ports on your computer that are capable of connecting to the internet (incoming and outgoing). Programs that use the accepted means of connecting aren't the problem - it's those programs that don't use the usual means of connecting that are a problem. And this can be either malware or poorly designed programs.

As for knowing exactly what belongs there and exactly what doesn't - that's a formidable task. Go to a command prompt, navigate to the root of your C:\ drive, and type in "dir /s" (without the quotes) - then sit back and wait for a long, long time as your system grinds through all the files there.

A good firewall with proper settings will tell you every attempt to connect to the internet - and there are a lot of them! But, you can't easily connect to the internet without a browser - so what can you do? Well, you can try an alternate browser (such as Firefox), or you can trust the one on your computer by allowing it permission to access the web. If you don't trust it anymore - then deny it access.

As for the user permission - what does this user permission relate to? Where did you locate it on your system? What does it have permission to do? Who is your ISP and what software of theirs have you installed?
My browser caused a flood of traffic, so my IP address was banned. Hope to fix it soon. Will get back to posting as soon as I'm able.

- John (my website: http://www.carrona.org/ ) **If you need a more detailed explanation, please ask for it. I have the Knack.** If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficulty reading posts. (23 Nov 2017) FYI - I am completely blind in the right eye and ~30% blind in the left eye. If the eye problems get worse suddenly, I may not be able to respond. If that's the case and help is needed, please PM a staff member for assistance.

#8 4InTheMorning


Posted 08 December 2007 - 07:09 PM

I used Process Explorer and right clicked on all of them, then checked the permissions..... some of them gave S-1-05-5-0-47595 full user control, as in an admin user

It was mainly a process called wdfmgr.exe

My IP is Virgin Media and they run the RPS rpsupdater

#9 usasma


Posted 09 December 2007 - 08:03 AM

This link states that it's a part of WMP: http://www.liutilities.com/products/wintas...library/wdfmgr/
WMP likes to go out and contact different places on the internet without bothering you with the details - hence the Admin permissions.

The Logon ID is the computer's way of identifying a particular account (rather than using the User name that you're used to). I suspect that it's one of the built-in accounts on your system.

Using XP Pro, if you locate that file on your hard drive, right click on it and select "Properties", then click on the Security tab you'll see what accounts have access to that file. You can also click on the Advanced button there to see the Owners of the file. If you're using XP Home you'll have to boot into Safe Mode in order to access the security tab (or use one of the workarounds available at http://www.google.com/search?q=show+securi...lient=firefox-a )

FYI - BlackViper recommends disabling the service (near the bottom of this page: http://www.blackviper.com/WinXP/servicecfg.htm )
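The identifier quoted in posts #6 and #8 is a Windows security identifier (SID) string, and Microsoft's well-known SID list documents the S-1-5-5-X-Y shape as a logon session SID, created fresh for each logon rather than stored as an account. As an added example (not code from any poster in this thread), the Python below parses a SID string and names its class; the lookup table is a small subset of the well-known list and the function names are illustrative.

```python
import re

SID_RE = re.compile(r"^S-(\d+)-(\d+)((?:-\d+)*)$", re.IGNORECASE)

# Small subset of Microsoft's well-known SIDs: (authority, sub-authorities) -> name.
WELL_KNOWN = {
    (1, (0,)): "Everyone",
    (3, (0,)): "Creator Owner",
    (5, (4,)): "Interactive",
    (5, (11,)): "Authenticated Users",
    (5, (18,)): "Local System",
    (5, (19,)): "Local Service",
    (5, (20,)): "Network Service",
    (5, (32, 544)): "BUILTIN\\Administrators",
    (5, (32, 545)): "BUILTIN\\Users",
}

def parse_sid(text):
    """Return (revision, authority, sub_authorities) or raise ValueError."""
    m = SID_RE.match(text.strip())
    if not m:
        raise ValueError(f"not a SID string: {text!r}")
    subs = tuple(int(p) for p in m.group(3).split("-")[1:])
    return int(m.group(1)), int(m.group(2)), subs

def normalize(text):
    """Canonical form: drops leading zeros such as the '05' in post #8."""
    rev, auth, subs = parse_sid(text)
    return "-".join(["S", str(rev), str(auth), *map(str, subs)])

def classify(text):
    rev, auth, subs = parse_sid(text)
    if rev != 1:
        return "unknown revision"
    if (auth, subs) in WELL_KNOWN:
        return WELL_KNOWN[(auth, subs)]
    if auth == 5 and len(subs) == 3 and subs[0] == 5:
        # S-1-5-5-X-Y: created per logon session, never a stored account.
        return "Logon session"
    if auth == 5 and len(subs) >= 5 and subs[0] == 21:
        return f"Machine or domain account, RID {subs[-1]}"
    return "unrecognised"

if __name__ == "__main__":
    # The two spellings from the thread, plus constructed sample SIDs.
    for sid in ["S-1-5-5-0-47595", "S-1-05-5-0-47595", "S-1-5-18",
                "S-1-5-32-544", "S-1-5-21-1111-2222-3333-500"]:
        print(f"{sid:30} {normalize(sid):30} {classify(sid)}")
```

Both spellings from the thread normalize to the same SID; because X and Y differ for every logon, searching the web for the exact value returns nothing useful.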
