1. Reply to all: Port Scanning and Spoofing (getting tough)
- Posted by who at bellsouth.net
Jan 03, 2003
Hi this is a reply to all whom replied to my initial message.
>Pete Lomax writes:
>Have you tried ad-aware: http://www.lavasoftusa.com/
Yes, I also use Spybot Search and destroy!
>David Cuny writes:
>If you don't already have it, I'd recommend getting ZoneAlarm
>(www.zonelabs.com). It can help block scans, and inform you if any programs
>on your PC are trying to access the Internet.
David, I use Sygate Personal Firewall that is vxd driver enabled
and, I also keep Norton AV upto date.
>Kat writes:
>Question: how will you get the Eu program to be notified of the attempts?
Good question, I havent thought that far ahead. Im sure we could listen to the
ports since we have have an async routine in the archives..but Im no guru in
this
area yet.
My addition to the security issue:
The best info I can give is to not unsubscribe from places like
zdnet or yahoo (including Topica) cause they tend to sell those
because they are valid email addy's when you unsub.
Unless, you change your email addy as soon as you have unsubscribed.
Thanks for all the input....I will be doing some more extensive study in this
area
I have always been intrigued by hackers, crackers, phreaks and the likes and
how they obtain information. My job now will be to understand how they function
and propose ways to combat them. Wish me luck!
Namely Anonymous [tomorrow who knows]
2. Re: Reply to all: Port Scanning and Spoofing (getting tough)
On 3 Jan 2003, at 18:39, who at bellsouth.net wrote:
>
> Hi this is a reply to all whom replied to my initial message.
>
> >Pete Lomax writes:
> >Have you tried ad-aware: http://www.lavasoftusa.com/
>
> Yes, I also use Spybot Search and destroy!
>
> >David Cuny writes:
> >If you don't already have it, I'd recommend getting ZoneAlarm
> >(www.zonelabs.com). It can help block scans, and inform you if any programs
> >on
> >your PC are trying to access the Internet.
I'd recommend the Pro version, but ZA is a application level firewall, not a low
level like nix's ipchains or a real firewall.
> David, I use Sygate Personal Firewall that is vxd driver enabled
> and, I also keep Norton AV upto date.
Up-to-date, but not enabled? Also, note many new viruses and trojans make
a good attempt to disable firewalls and AV programs, and even infect them.
It's best to shut down the avenues the viruses and trojans arrive thru.
> >Kat writes:
> >Question: how will you get the Eu program to be notified of the attempts?
>
> Good question, I havent thought that far ahead. Im sure we could listen to the
> ports since we have have an async routine in the archives..but Im no guru in
> this area yet.
If you are listening, the OS automagically returns info that the port is
available and listening. Also, altho we are led to believe we have 65536 ports
available, windoze OSs can't open or monitor (with an application) even half
that many at once. Look up "stealth" in your firewall readme files.
Kat
