Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I am invisible!


  • Please log in to reply
14 replies to this topic

#1 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,588 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:02:34 PM

Posted 04 January 2005 - 08:28 PM

It takes trust in this site that you would not steer us into the hands of criminals, vandals and scumbags. With that trust in hand, given a recent post, which of course I can't find now, I went to the SHIELDS UP! site one of you suggested and permitted my computer to be poked at and otherwise abused.

Well, their diagnosis based on pinging 1000+ ports, found all in stealth mode other than one port 113 which was closed but wasn’t responding. I ran all their tests including BIOS vulnerability, spam etc. So it sure looks to me like good news :flowers: . Quietly chugging along, Linksys router and ZoneAlarm seem to be doing their job just as you say in these forums they would. And for the FIRST TIME, I've seen some concrete feedback.

I can trust all of this, right? Please confirm.
Just have to watch out for spyware and emails with junk, correct?

Thanks guys, just keep patrolling ... :thumbsup:

I had to try to post this twice & login twice. Why? All the blocks and locks I do?

Edited by tos226, 04 January 2005 - 08:29 PM.


BC AdBot (Login to Remove)

 


#2 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:11:34 AM

Posted 04 January 2005 - 10:04 PM

I can trust all of this, right? Please confirm.

I do.
I think Steve Gibson has done us a good service to have invested
in his hardware & for his work at a related forum.

Just have to watch out for spyware and emails with junk, correct?

That's about it. Watch out what you download in the way of activeX "applets".
Spyware-killing programs that claim to, but don't, can be a hazard.

We try to point that out by not recommending any except those well rated.

Possible exception might be in my signature.
One just released that I've test run.
Found good, effective and no problems with it.
Its new though.

Some question it's legitimacy.
I should know more in a couple days.
Till then it's grayed out.

Opinions vary.
Every system running does too.
What works for one might not for another.

Advice given to one is usually meant for that one.
Advice given to more than one usually has some cautionary language attached.
Not everything works on everything.
patiently patrolling, plenty of persisant pests n' problems ...

#3 Scarlett

Scarlett

    Bleeping Diva


  • Members
  • 7,479 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:As always I'm beside myself ;)
  • Local time:02:34 PM

Posted 04 January 2005 - 10:26 PM

In case you have not come across this thread. It is a good read by Grinler. All the in's and out's of securing your computer. Very informative. Link below.



Simple Steps to Keep Your Computer Secure


I had to try to post this twice & login twice. Why? All the blocks and locks I do?


That I can not answer. Someone else can though I'm sure.

As far as e-mails go. Do not open any that are not from a trusted contact. Period. Delete them and empty the trash.
Posted Image

#4 jgweed

jgweed

  • Members
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:02:34 PM

Posted 04 January 2005 - 10:29 PM

I think I was the one who suggested you check your firewall at Shields Up! While I do not have the expertise to personally warrant the mechanics of the tests, they are generally seen as valid by those more expert than I. The moderatorsat BC would not casually recommend something without either using it themselves, or doing some research about it.
As with any firewall, it is only as good as it has been trained what to block and what to allow; you should have some confidence, now, that it is configured correctly. Coupled with a good resident antivirus with updated defintions, and careful updating of your OS with any security patches, a firewall will go a long way in preventing problems. And, as you correctly remark, having care about what you open in EMail attachments (and reading them in plain text), and doing careful research before downloading ANY application or tool bar, will add to the protection; almost all spyware, and most viruses, are on a computer because of its owner's actions and decisions.

Cheers,
John
Whereof one cannot speak, thereof one should be silent.

#5 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:02:34 PM

Posted 04 January 2005 - 10:51 PM

Scarlett mentions the Simple Steps to Keep Your Computer Secure tutorial and while it contains excellent advice I feel the following (or a variation of it) should be added in the section titled Make your Internet Explorer more secure:

In Internet Explorer go to Tools>Internet Options>Advanced and take the check mark from Enable Install On Demand (Internet Explorer) and Enable Install On Demand (Other). The consequence of this will be that you will begin to see Security Warnings when something tries to install on your computer. Unless it is something you want to install (which happens rarely) always say no.

BTW, Shields Up is a great resource.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#6 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:11:34 AM

Posted 04 January 2005 - 11:20 PM

I'll add that Spybot's Tea Timer feature warns of any changes to the registry (basically)
and it's nice to know that in conjunction with the firewall warnings about access by programs when they "want to connect online".

Gives one a good feel for what the consequences of their actions online are. :thumbsup:
patiently patrolling, plenty of persisant pests n' problems ...

#7 tos226

tos226

    BleepIN--BleepOUT

  • Topic Starter

  • Members
  • 1,588 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:02:34 PM

Posted 05 January 2005 - 10:00 PM

I think I was the one who suggested you check your firewall at Shields Up!  While I do not have the expertise to personally warrant the mechanics of the tests, they are generally seen as valid by those more expert than I. The moderatorsat BC would not casually recommend something without either using it themselves, or doing some research about it.

That's what I wanted to know, whether you run thru these and trust them for real.

Scarlett, thanks, I did read Grinler's tutorial - but just need occassional confirmation and clarification.

Leurgy - I presume you suggest I take OFF those flags, yes?

Phawgg - I wasn't sure if with the firewall and PestPatrol patrolling all the time TeaTimer was a good idea, I don't want to get those products confused. BTW, it's cute that Spybot S&D sees pest patrol. Good cooperation.

All others, many, many thanks. And I do know not to open things, and so on. I'm still fuzzy on how to handle activeX controls, but will get there. I understand what they do but so many places to change things is just confusing a bit.

Phawgg - please, just continue your patient patrolling !

Edited by tos226, 05 January 2005 - 10:05 PM.


#8 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:02:34 PM

Posted 05 January 2005 - 10:05 PM

Leurgy - I presume you suggest I take OFF those flags, yes?


Yes, remove the check marks in front of both Install on demand entries. This will prevent most "drive by downloads".

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#9 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:11:34 AM

Posted 05 January 2005 - 10:06 PM

Clarity regarding activeX downloads can be yours.
Download SpywareBlaster 3.2
Give it a whirl.
Free, and easy. :flowers:

BTW, I do not use spywareGuard.
SpywareBlaster works without running as a tray icon.
SpywareGuard does not.
I use Tea Timer to alert me to all registry changes,
including those an activeX download would enact.

I allow only those I'm aware of causing no problems.
The database within Javacool's SpywareBlaster lists (presently) 3,310 bad activeX files.
You can choose to let any of them through.
It's your PC.
I like the choice.
It's my PC.

:thumbsup:

Edited by phawgg, 05 January 2005 - 10:12 PM.

patiently patrolling, plenty of persisant pests n' problems ...

#10 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,663 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:34 PM

Posted 05 January 2005 - 11:27 PM

Scarlett mentions the Simple Steps to Keep Your Computer Secure tutorial and while it contains excellent advice I feel the following (or a variation of it) should be added in the section titled Make your Internet Explorer more secure:

In Internet Explorer go to Tools>Internet Options>Advanced and take the check mark from Enable Install On Demand (Internet Explorer) and Enable Install On Demand (Other). The consequence of this will be that you will begin to see Security Warnings when something tries to install on your computer. Unless it is something you want to install (which happens rarely) always say no.

I've seen this recommended before but Install on Demand is still enabled for me and I've never had a problem. Looked at this MS article and it seems to contradict what you say--I've italicized for emphasis.
http://support.microsoft.com/default.aspx?kbid=222639

For example, if you open a Web page that requires Japanese-text display support (Charset=euc-jp), Internet Explorer automatically prompts you to download the Japanese Language Pack component if it is not already installed and the Install On Demand feature is enabled.

I want the prompts. I like having the ability to decide what gets downloaded. Just like ActiveX, which the BC article Scarlett mentions tells you how to set to prompt, not everything is bad. But if I'm asked (prompted) about downloading something I don't at all expect, then I can just say no.

Or am I misinterpreting? If I understand correctly Install on Demand has to do with Active Setup, which is updating or installing Internet Explorer updates and plug-ins from MS--not third parties. Doesn't sound like ActiveX but I'm not sure. Could you elucidate on this Leurgy?

I had to try to post this twice & login twice. Why? All the blocks and locks I do?

Sounds like you have all your cookies blocked. This board will set a cookie to remember your log on. Perfectly harmless. I don't block any cookies. Not even tracking cookies. And no ill effects. See here for why I don't worry about them:
http://www.dtp-aus.com/cookies.htm

With a combination of:

ActiveX set to prompt--as set out in Grinler's article--this is what prevents drive by downloads.

Windows kept patched and updated.

And a good, up to date Antivirus and Firewall---

I've not had any problems. I don't run TeaTimer, SpywareGuard or anything like that. Only installed SpywareBlaster when I started doing HijackThis logs so I would have access to the database.

But then my surfing and other habits aren't like most other people's. So SpywareBlaster and some other tools are good to have. I just think the BC tutorial is pretty complete.

We always did feel the same

We just started from a different point of view

Tangled up in blue--Bob Dylan


#11 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:11:34 AM

Posted 05 January 2005 - 11:39 PM

I agree about the cookies. (and a lot more, too. BTW)
They help achieve the speed I get manuevering in/out of this site & others.
On dialup.

All alerts can border on irritation, which I patrol for :trumpet:

For instance, those tea timer alerts...
firewall traffic reports...
download messages...
IE is set a little tighter than FF for me.
Mostly I review the Event Viewer and logs of activities once a week.
Set things to log alerts.
Know where the log files go.

basically I set things up so there is a minimum of tray icons,
spybot & firewall.
I recently gave up the AVG auto-update when I learned
that the protection in AVG7 runs without it,
no ill effects.

Tryin' out google desktop, and that's it.
Everything else I go to start menu when I want it.

But, I'm kinda
:flowers: whoops. :thumbsup:
patiently patrolling, plenty of persisant pests n' problems ...

#12 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:02:34 PM

Posted 06 January 2005 - 12:50 AM

Papakid

Yes, Internet Explorer will prompt to see if you want to install Japanese Language Support. This is a Microsoft Component. But it will NOT prompt to see if you want to install Gator, Gain, NewDotNet, CoolWebSearch, etc. This is how these items come to be installed in many cases. If you come to a website that tries to download these components and have Install on demand disabled (unchecked) you WILL be prompted.

A case in point. Go to Panda Active Scan with install on demand unchecked. If you have never been there before, as you go through the procedure to do the scan, you will see a security warning about a download and will be asked to accept it or not. Don't accept it. Close all IE windows. Enable both Install on demands by going to Control Panel>Internet Options. Open IE and go back to Panda, and it will do the download without you even noticing anything other than the wait.

A qoute from the Microsoft link you supplied:

Install On Demand is not available for other components in Internet Explorer 6 for Windows 2000, and Install On Demand is not available for any components in Internet Explorer 5.x for Windows 2000.

For Internet Explorer 6 for Windows XP, no components are installed based on the Enable Install On Demand (Other) option. This option should not appear in the Advanced dialog box in Windows XP.


Microsoft has dropped this feature in these OS's most likely because they realized that this was being exploited by adware/spyware programs but I doubt you would get MS to admit it.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#13 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:11:34 AM

Posted 06 January 2005 - 01:07 AM

I think your exploration into this has merit, Leurgy.

I read this:
Disabling These Features
The Install On Demand (Other) or Install on Demand (Internet Explorer) and Automatically check for Internet Explorer updates options are turned on by default in all versions of Windows except Windows 2000 and Windows XP. These features are not available in Windows 2000 or Windows XP, but these options are present on the Advanced tab in the Internet Options dialog box in Windows 2000 and Windows XP. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
257021 Advanced Internet Explorer Options Do Not Work on Windows 2000-Based Computer


It seems like typical contradictory english fostering misunderstanding to me.
Nothing new. :flowers:

So.
I've unchecked both
Install on Demand (IE) &
Install on Demand (other).
As is my general tendency towards trial & error.
I'll go with it that way a while.
Casually. :thumbsup:

Edited by phawgg, 06 January 2005 - 01:13 AM.

patiently patrolling, plenty of persisant pests n' problems ...

#14 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:11:34 AM

Posted 06 January 2005 - 01:12 AM

It takes trust in this site that you would not steer us into the hands of criminals, vandals and scumbags.

and furthermore, steering you to microsoft is out of necessity.
Trust them.
They are your friends.
They will explain things to you.
Things you need to know now that you bought the system.
patiently patrolling, plenty of persisant pests n' problems ...

#15 tos226

tos226

    BleepIN--BleepOUT

  • Topic Starter

  • Members
  • 1,588 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:02:34 PM

Posted 06 January 2005 - 10:21 PM

Papakid,

QUOTE 
I had to try to post this twice & login twice. Why? All the blocks and locks I do?

Sounds like you have all your cookies blocked. This board will set a cookie to remember your log on. Perfectly harmless

I thought so too. But this site and one other are the only ones permitted to leave persistent cookies. So it must be something else .

Phawgg,
I have no problem you steering me to Microsoft also. I steer myself there too. But as you point out

It seems like typical contradictory english fostering misunderstanding to me.
Nothing new.

reading can be frustrating at times.

As far as the irritation from alerts - I find them educational at this point. It tells me what's happening. Between the logs, alert list, alert popups, I'm getting a picture what is normal, when and so on.

This is a very good thread. I really want to thank all who commented, and will read all this very carefully now. And nobody is off the subject, Phawgg, it's all connected :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users