The newbie's dilemma!

September 2, 2007

Re: Ping Troll Lady

I find that those who bottom post confuse me - those that both top and

bottom post confuse me even more! <g>

Have you tried Dustin's BugHunter programme, Li? I've heard that it's very

good.

BD

"Troll_Lady" <TLOne@DogAgent.com> wrote in message

news:epDBVsU7HHA.536@TK2MSFTNGP06.phx.gbl...

> thanks!

>

> "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

> news:Xns999E853BD1C6FHHI2948AJD832@69.28.186.121...

>> "Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in

>> news:rLudndgZ9ZxOoUXbnZ2dnUVZ_ommnZ2d@bright.net:

>>

>>> ok. i have some questions i'd like to ask but they would be better

>>> suited for public.security.homeusers.

>>> i don't have that group on this server.

>>> if i see that you also sub that group, i'll post a ping?

>>> thanks!

>>> TL

>>>

>>> snipped extra.

>>>

>>> "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

>>> news:Xns999CB36A7766EHHI2948AJD832@69.28.186.121...

>>>

>>> Well, if I get destination host unreachable; I know it's dead, if I

>>> get no response instead, I know a computer is present, behind a

>>> firewall; If I were malicious, I'd explore it further. style_emoticons/

>>>

>>> I'll offer advice/help when I can do so. style_emoticons/

>>

>> I have crossposted this to that newsgroup as you requested so they can

>> benefit from the information as well. Feel free to continue the

>> questions.

>>

> hi, Dustin,

> thanks!

> my tests at grc shields up have always been 'stealth'. i have assumed this

> was enough. i have a dsl modem connected to a router, plus a software

> firewall. (not much incoming on sw firewall, unless i'm using my dial up,

> but all gets blocked when doing so. i use it to block my games from going

> out).

> from what i understand you to say above, the 'no response' is NOT good

> enough? if so, howwhat do i configure for 'host unreachable' ? i'm not

> running a server. if there is something further i need to do to protect

> myself, i want to know about it.

>

> xphome sp2, almost fully patched (last updates caused a system restore to

> be needed and i've not been back since, so, i'm a month behind)

> router (hopefully strong pw)

> spyware blaster

> ad aware

> avg free

> za firewall

> crap cleaner

> custom security settings

> safe hex

> i've used all grc tools to turn things off as recommended.

> windows pop up stopper works pretty good so i've not installed any 3rd

> party.

> i use an old 9598 power toy that adds to my 'tools' in ie, add site to

> trusted, add to restricted. i have 2 sites in trusted, allow everything

> for those 2. all other sites i visit fall under custom security unless

> they really irritate me (tripod) then i just 'tools' add to restricted

> sites. i don't use the phishing filter. (i don't buy online, i go to the

> bank in person, etc....)

>

> so, other than the windows updates i'm behind on, what else do i need to

> do to protect my computer?

>

> thanks,

> TL

>

>> --

>> ####################################################

>> Dustin Cook

>> Author of BugHunter - MalWare Removal Tool - v2.2c

>> Email: bughunter.dustin@gmail.com

>> Web..: http://bughunter.it-mate.co.uk

>> Pad..: http://bughunter.it-mate.co.uk/pad.xml

>> ####################################################

>

>

September 2, 2007

Re: Ping Troll Lady

"Troll_Lady" <TLOne@DogAgent.com> wrote in

news:epDBVsU7HHA.536@TK2MSFTNGP06.phx.gbl:

> hi, Dustin,

> thanks!

> my tests at grc shields up have always been 'stealth'. i have assumed

> this was enough. i have a dsl modem connected to a router, plus a

> software firewall. (not much incoming on sw firewall, unless i'm using

> my dial up, but all gets blocked when doing so. i use it to block my

> games from going out).

> from what i understand you to say above, the 'no response' is NOT good

> enough? if so, howwhat do i configure for 'host unreachable' ? i'm

I didn't mean to imply it's not good enough, it's just a distinction that

can be used to determine if a computer is firewalled or actually isn't

present. The only way I know of to achieve destination host unreachable

is if the connection really is down.

> not running a server. if there is something further i need to do to

> protect myself, i want to know about it.

It sounds to me like your doing a fine job already. I didn't mean to make

you nervous.

> i've used all grc tools to turn things off as recommended.

> windows pop up stopper works pretty good so i've not installed any 3rd

> party.

Shameless Plug: you should add BugHunter to your list of scanning

applications.

> so, other than the windows updates i'm behind on, what else do i need

> to do to protect my computer?

By the sounds of it, you already are.

--

Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

Email.: bughunter.dustin@gmail.com

Web...: http://bughunter.it-mate.co.uk

Pad...: http://bughunter.it-mate.co.uk/pad.xml

PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

September 3, 2007

Re: Ping Troll Lady

"Troll_Lady" <TLOne@DogAgent.com> wrote in message

news:epDBVsU7HHA.536@TK2MSFTNGP06.phx.gbl...

> my tests at grc shields up have always been 'stealth'. i have assumed this

> was enough. i have a dsl modem connected to a router,

It is suggested blocking both TCP and UDP ports 135 ~ 139 and 445.

http://seconfig.sytes.net/

(http://www.softpedia.com/progDownload/Seco...load-39707.html)

Seconfig XP is able configure Windows not to use TCP/IP as transport

protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139

and 445 (the most exploited Windows networking weak point) closed.

> plus a software firewall.

3rd party software fw are 'phoney-baloney' ware. Uninstall it and activate

the WinXP in-build version.

Is the XP SP2 firewall getting a raw deal?

http://blogs.zdnet.com/Ou/?p=81

How to Configure Windows Firewall on a Single Computer

http://www.microsoft.com/technet/security/...p/cfgfwall.mspx

"Personal Firewalls" are mostly snake-oil

http://www.samspade.org/d/firewalls.html

Deconstructing Common Security Myths.

http://www.microsoft.com/technet/technetma...hs/default.aspx

Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

Exploring the windows Firewall.

http://www.microsoft.com/technet/technetma...ll/default.aspx

"Outbound protection is security theaterâ€”itâ€™s a gimmick that only gives the

impression of improving your security without doing anything that actually

does improve your security."

> if there is something further i need to do to protect myself, i want to

> know about it.

1. Do not work as administrator, use a normal user account for day-to-day

work.

http://www.5starsupport.com/tutorial/hardening-windows.htm

http://blogs.msdn.com/aaron_margosis/archi...OfContents.aspx

2. Keep your OS (and all software on it) current/patched/updated.

3. Re: IE and OE; Consider utilizing another browser application and e-mail

provider.

4. Don't expose services to public networks.

http://www.blackviper.com/WinXP/servicecfg.htm#

http://www.ss64.com/ntsyntax/services.html

http://www.beemerworld.com/tips/servicesxp.htm

http://www.theeldergeek.com/services_guide.htm

> xphome sp2, almost fully patched (last updates caused a system restore to

> be needed and i've not been back since, so, i'm a month behind)

Not good enough! See #2 above.

> router (hopefully strong pw)

"Hope" will not get you very far in terms of security.

http://www.microsoft.com/protect/yourself/...ord/create.mspx

> spyware blaster

> ad aware

Add: SuperAntispyware - Free

http://www.superantispyware.com/superantis...efreevspro.html

> avg free

On-demand AV application (add it to your arsenal and use it as a "second

opinion" av scanner).

BitDefender10 Free Edition

http://www.bitdefender.com/PRODUCT-14-en--...ee-Edition.html

> za firewall

Uninstall ZA! See comments above.

> crap cleaner

> custom security settings

What are these?

> safe hex

http://www.claymania.com/safe-hex.html

Read this also:

So How Did I Get Infected Anyway?

http://www.wilderssecurity.com/showthread.php?t=27971

Now stay safe!

September 3, 2007

Re: Ping Troll Lady

Earlier today I posted a message to thank you, Kayman, for listing so much

helpful information.

When I checked half an hour later, my header had a horizontal line struck

through it with a corresponding message saying that my message had been

deleted from the server.

Regardless, I thank you once again for all the links.

Dave

"Kayman" <kayhkay~nospam~@gmail.com> wrote in message

news:ur79E7b7HHA.4436@TK2MSFTNGP03.phx.gbl...

> "Troll_Lady" <TLOne@DogAgent.com> wrote in message

> news:epDBVsU7HHA.536@TK2MSFTNGP06.phx.gbl...

>> my tests at grc shields up have always been 'stealth'. i have assumed

>> this was enough. i have a dsl modem connected to a router,

>

> It is suggested blocking both TCP and UDP ports 135 ~ 139 and 445.

> http://seconfig.sytes.net/

> (http://www.softpedia.com/progDownload/Seco...load-39707.html)

> Seconfig XP is able configure Windows not to use TCP/IP as transport

> protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139

> and 445 (the most exploited Windows networking weak point) closed.

>

>> plus a software firewall.

>

> 3rd party software fw are 'phoney-baloney' ware. Uninstall it and activate

> the WinXP in-build version.

>

> Is the XP SP2 firewall getting a raw deal?

> http://blogs.zdnet.com/Ou/?p=81

> How to Configure Windows Firewall on a Single Computer

> http://www.microsoft.com/technet/security/...p/cfgfwall.mspx

> "Personal Firewalls" are mostly snake-oil

> http://www.samspade.org/d/firewalls.html

> Deconstructing Common Security Myths.

> http://www.microsoft.com/technet/technetma...hs/default.aspx

> Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

> Exploring the windows Firewall.

> http://www.microsoft.com/technet/technetma...ll/default.aspx

> "Outbound protection is security theaterâ€”itâ€™s a gimmick that only gives

> the impression of improving your security without doing anything that

> actually does improve your security."

>

>> if there is something further i need to do to protect myself, i want to

>> know about it.

>

> 1. Do not work as administrator, use a normal user account for day-to-day

> work.

> http://www.5starsupport.com/tutorial/hardening-windows.htm

> http://blogs.msdn.com/aaron_margosis/archi...OfContents.aspx

> 2. Keep your OS (and all software on it) current/patched/updated.

> 3. Re: IE and OE; Consider utilizing another browser application and

> e-mail provider.

> 4. Don't expose services to public networks.

> http://www.blackviper.com/WinXP/servicecfg.htm#

> http://www.ss64.com/ntsyntax/services.html

> http://www.beemerworld.com/tips/servicesxp.htm

> http://www.theeldergeek.com/services_guide.htm

>

>> xphome sp2, almost fully patched (last updates caused a system restore to

>> be needed and i've not been back since, so, i'm a month behind)

>

> Not good enough! See #2 above.

>

>> router (hopefully strong pw)

>

> "Hope" will not get you very far in terms of security.

> http://www.microsoft.com/protect/yourself/...ord/create.mspx

>

>> spyware blaster

>> ad aware

>

> Add: SuperAntispyware - Free

> http://www.superantispyware.com/superantis...efreevspro.html

>

>> avg free

>

> On-demand AV application (add it to your arsenal and use it as a "second

> opinion" av scanner).

> BitDefender10 Free Edition

> http://www.bitdefender.com/PRODUCT-14-en--...ee-Edition.html

>

>> za firewall

>

> Uninstall ZA! See comments above.

>

>> crap cleaner

>> custom security settings

>

> What are these?

>

>> safe hex

> http://www.claymania.com/safe-hex.html

>

> Read this also:

> So How Did I Get Infected Anyway?

> http://www.wilderssecurity.com/showthread.php?t=27971

>

> Now stay safe!

>

September 3, 2007

Re: Ping Troll Lady

"BoaterDave" <BoaterDave@nospam.invalid> wrote in

news:ujUFSzj7HHA.1208@TK2MSFTNGP03.phx.gbl:

> Earlier today I posted a message to thank you, Kayman, for listing so

> much helpful information.

>

> When I checked half an hour later, my header had a horizontal line

> struck through it with a corresponding message saying that my message

> had been deleted from the server.

Hi Dave. Your post arrived fine here. Just because one newserver cancels a

post doesn't mean they all will. Are you sure you didn't cancel it by

mistake?

--

Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

Email.: bughunter.dustin@gmail.com

Web...: http://bughunter.it-mate.co.uk

Pad...: http://bughunter.it-mate.co.uk/pad.xml

PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

September 3, 2007

Re: Ping Troll Lady

Dustin Cook wrote:

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

> news:ujUFSzj7HHA.1208@TK2MSFTNGP03.phx.gbl:

>

>> Earlier today I posted a message to thank you, Kayman, for listing so

>> much helpful information.

>>

>> When I checked half an hour later, my header had a horizontal line

>> struck through it with a corresponding message saying that my message

>> had been deleted from the server.

>

> Hi Dave. Your post arrived fine here. Just because one newserver

> cancels a post doesn't mean they all will. Are you sure you didn't

> cancel it by mistake?

>

> --

> Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

> Email.: bughunter.dustin@gmail.com

> Web...: http://bughunter.it-mate.co.uk

> Pad...: http://bughunter.it-mate.co.uk/pad.xml

> PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

Dustin, please don't feed his paranoia. He probably clicked on the post

just as his modem reset the internet connection. Happens here all the

time. I just have to click on the post again and it downloads properly.

Barbara

September 3, 2007

Re: Ping Troll Lady

He was probably using Google mail to post. His post does not show up on the MS newserver(here) Posting under a new name "imbeady" when I checked Google against his previous IP stack. I have no idea why it does not show up here on the MS server. Unless Google mail is blocked for some reason.

--

Peter

Please Reply to Newsgroup for the benefit of others

Requests for assistance by email can not and will not be acknowledged.

"Dustin Cook" <bughunter.dustin@gmail.com> wrote in message news:Xns99A082105A0F4HHI2948AJD832@69.28.186.121...

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

> news:ujUFSzj7HHA.1208@TK2MSFTNGP03.phx.gbl:

>

>> Earlier today I posted a message to thank you, Kayman, for listing so

>> much helpful information.

>>

>> When I checked half an hour later, my header had a horizontal line

>> struck through it with a corresponding message saying that my message

>> had been deleted from the server.

>

> Hi Dave. Your post arrived fine here. Just because one newserver cancels a

> post doesn't mean they all will. Are you sure you didn't cancel it by

> mistake?

>

> --

> Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

> Email.: bughunter.dustin@gmail.com

> Web...: http://bughunter.it-mate.co.uk

> Pad...: http://bughunter.it-mate.co.uk/pad.xml

> PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

September 3, 2007

Re: Ping Troll Lady

Peter Foldes wrote:

> He was probably using Google mail to post. His post does not show up

> on the MS newserver(here) Posting under a new name "imbeady" when I

> checked Google against his previous IP stack. I have no idea why it

> does not show up here on the MS server. Unless Google mail is blocked

> for some reason.

Shows up for me on the MS server?

Barbara

September 3, 2007

Re: Ping Troll Lady

"Barbara" <Tigger97055@hotmail.com> wrote in

news:u3dte6k7HHA.536@TK2MSFTNGP06.phx.gbl:

> Dustin Cook wrote:

>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

>> news:ujUFSzj7HHA.1208@TK2MSFTNGP03.phx.gbl:

>>

>>> Earlier today I posted a message to thank you, Kayman, for listing

>>> so much helpful information.

>>>

>>> When I checked half an hour later, my header had a horizontal line

>>> struck through it with a corresponding message saying that my

>>> message had been deleted from the server.

>>

>> Hi Dave. Your post arrived fine here. Just because one newserver

>> cancels a post doesn't mean they all will. Are you sure you didn't

>> cancel it by mistake?

>>

>> --

>> Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

>> Email.: bughunter.dustin@gmail.com

>> Web...: http://bughunter.it-mate.co.uk

>> Pad...: http://bughunter.it-mate.co.uk/pad.xml

>> PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

>

> time. I just have to click on the post again and it downloads

> properly.

Okay.

--

Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

Email.: bughunter.dustin@gmail.com

Web...: http://bughunter.it-mate.co.uk

Pad...: http://bughunter.it-mate.co.uk/pad.xml

PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

September 3, 2007

Re: Ping Troll Lady

Hello Tigger! Are you the same Tigger as on Annexcafe?

BD

"Barbara" <Tigger97055@hotmail.com> wrote in message

news:u3dte6k7HHA.536@TK2MSFTNGP06.phx.gbl...

> Dustin Cook wrote:

>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

>> news:ujUFSzj7HHA.1208@TK2MSFTNGP03.phx.gbl:

>>

>>> Earlier today I posted a message to thank you, Kayman, for listing so

>>> much helpful information.

>>>

>>> When I checked half an hour later, my header had a horizontal line

>>> struck through it with a corresponding message saying that my message

>>> had been deleted from the server.

>>

>> Hi Dave. Your post arrived fine here. Just because one newserver

>> cancels a post doesn't mean they all will. Are you sure you didn't

>> cancel it by mistake?

>>

>> --

>> Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

>> Email.: bughunter.dustin@gmail.com

>> Web...: http://bughunter.it-mate.co.uk

>> Pad...: http://bughunter.it-mate.co.uk/pad.xml

>> PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

>

> Dustin, please don't feed his paranoia. He probably clicked on the post

> just as his modem reset the internet connection. Happens here all the

> time. I just have to click on the post again and it downloads properly.

>

> Barbara

>

September 3, 2007

Re: Ping Troll Lady

I'm sure - no mistake.

Dave

"Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

news:Xns99A082105A0F4HHI2948AJD832@69.28.186.121...

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

> news:ujUFSzj7HHA.1208@TK2MSFTNGP03.phx.gbl:

>

>> Earlier today I posted a message to thank you, Kayman, for listing so

>> much helpful information.

>>

>> When I checked half an hour later, my header had a horizontal line

>> struck through it with a corresponding message saying that my message

>> had been deleted from the server.

>

> Hi Dave. Your post arrived fine here. Just because one newserver cancels a

> post doesn't mean they all will. Are you sure you didn't cancel it by

> mistake?

>

> --

> Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

> Email.: bughunter.dustin@gmail.com

> Web...: http://bughunter.it-mate.co.uk

> Pad...: http://bughunter.it-mate.co.uk/pad.xml

> PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

September 3, 2007

Re: Ping Troll Lady

http://www.strikeitup.com/rencontre/boaterdave/

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

news:%23Gwq7pm7HHA.3716@TK2MSFTNGP03.phx.gbl...

I'm sure - no mistake.

Dave

September 4, 2007

"Troll_Lady" <TLOne@DogAgent.com> wrote in

news:uNSr3HH7HHA.5160@TK2MSFTNGP05.phx.gbl:

> hi, Tom.

> i do sub that group on this server.

> however, it doesn't show in any of my other Usenet accounts for some

> reason. my security questions to Dustin would be off topic here.

> thanks!

> TL

No problem. My apologies for posting off topic replies. You can always

email your questions if you'd prefer.

--

Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

Email.: bughunter.dustin@gmail.com

Web...: http://bughunter.it-mate.co.uk

Pad...: http://bughunter.it-mate.co.uk/pad.xml

PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

September 8, 2007

Re: Ping Troll Lady

thanks!

yes, i did go to your site and look at bug hunter.

i might add it.

it looks simple and does what it's meant to do.

TL

OH!

haha on making me nervous. i hadn't seen had so much as a tracking cookie in

a few years.

i was googling, had moderate safe search on, clicked w\o checking status.

picked up 13 trackers & 2 trojan d'loaders. slipped right through my active

x turn offs into my temp files. lesson learned, no matter how many years

being 'safe' never become so blaise' i won't forget the status bar check

again. LOL!

TL

"Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

news:Xns999F75E1EF697HHI2948AJD832@69.28.186.121...

> "Troll_Lady" <TLOne@DogAgent.com> wrote in

> news:epDBVsU7HHA.536@TK2MSFTNGP06.phx.gbl:

>

>> hi, Dustin,

>> thanks!

>> my tests at grc shields up have always been 'stealth'. i have assumed

>> this was enough. i have a dsl modem connected to a router, plus a

>> software firewall. (not much incoming on sw firewall, unless i'm using

>> my dial up, but all gets blocked when doing so. i use it to block my

>> games from going out).

>> from what i understand you to say above, the 'no response' is NOT good

>> enough? if so, howwhat do i configure for 'host unreachable' ? i'm

>

> I didn't mean to imply it's not good enough, it's just a distinction that

> can be used to determine if a computer is firewalled or actually isn't

> present. The only way I know of to achieve destination host unreachable

> is if the connection really is down.

>

>> not running a server. if there is something further i need to do to

>> protect myself, i want to know about it.

>

> It sounds to me like your doing a fine job already. I didn't mean to make

> you nervous.

>

>> i've used all grc tools to turn things off as recommended.

>> windows pop up stopper works pretty good so i've not installed any 3rd

>> party.

>

> Shameless Plug: you should add BugHunter to your list of scanning

> applications.

>

>> so, other than the windows updates i'm behind on, what else do i need

>> to do to protect my computer?

>

> By the sounds of it, you already are.

>

> --

> Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

> Email.: bughunter.dustin@gmail.com

> Web...: http://bughunter.it-mate.co.uk

> Pad...: http://bughunter.it-mate.co.uk/pad.xml

> PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

September 8, 2007

Re: Ping Troll Lady

i followed directions at grc for turning off tcp\ip stuff that i don't need.

i dunno' or have forgotten exactly what but it concerned 'net bios' ?

ah.... my windows firewall won't block my games nor wmp from outgoing. i can

upload a screen shot of why i use a 3rd party fw. one session of listening

to wmp, it tried over 700 times to access the 'net.

i play some old macromedia flash games, i enjoy the games but certainly

don't want them calling out. they get through windows firewall but not za.

also, windows fw will allow only 1 Mirc. i run a few bots + my own personal.

za sees it as 1 mirc, which it is, windows sees it as a few and only allows

the first to connect.

i do have a user account but i have to be able to upload\d'load, be able to

access things on the 'net that i need my admin account for. i've made it as

strict as i can and still do what i need.

thanks for the links and i'll make sure to read them. if windows fw could be

configured the way i want, i would use it.

TL

"Kayman" <kayhkay~nospam~@gmail.com> wrote in message

news:ur79E7b7HHA.4436@TK2MSFTNGP03.phx.gbl...

> "Troll_Lady" <TLOne@DogAgent.com> wrote in message

> news:epDBVsU7HHA.536@TK2MSFTNGP06.phx.gbl...

>> my tests at grc shields up have always been 'stealth'. i have assumed

>> this was enough. i have a dsl modem connected to a router,

>

> It is suggested blocking both TCP and UDP ports 135 ~ 139 and 445.

> http://seconfig.sytes.net/

> (http://www.softpedia.com/progDownload/Seco...load-39707.html)

> Seconfig XP is able configure Windows not to use TCP/IP as transport

> protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139

> and 445 (the most exploited Windows networking weak point) closed.

>

>> plus a software firewall.

>

> 3rd party software fw are 'phoney-baloney' ware. Uninstall it and activate

> the WinXP in-build version.

>

> Is the XP SP2 firewall getting a raw deal?

> http://blogs.zdnet.com/Ou/?p=81

> How to Configure Windows Firewall on a Single Computer

> http://www.microsoft.com/technet/security/...p/cfgfwall.mspx

> "Personal Firewalls" are mostly snake-oil

> http://www.samspade.org/d/firewalls.html

> Deconstructing Common Security Myths.

> http://www.microsoft.com/technet/technetma...hs/default.aspx

> Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

> Exploring the windows Firewall.

> http://www.microsoft.com/technet/technetma...ll/default.aspx

> "Outbound protection is security theaterâ€”itâ€™s a gimmick that only gives

> the impression of improving your security without doing anything that

> actually does improve your security."

>

>> if there is something further i need to do to protect myself, i want to

>> know about it.

>

> 1. Do not work as administrator, use a normal user account for day-to-day

> work.

> http://www.5starsupport.com/tutorial/hardening-windows.htm

> http://blogs.msdn.com/aaron_margosis/archi...OfContents.aspx

> 2. Keep your OS (and all software on it) current/patched/updated.

> 3. Re: IE and OE; Consider utilizing another browser application and

> e-mail provider.

> 4. Don't expose services to public networks.

> http://www.blackviper.com/WinXP/servicecfg.htm#

> http://www.ss64.com/ntsyntax/services.html

> http://www.beemerworld.com/tips/servicesxp.htm

> http://www.theeldergeek.com/services_guide.htm

>

>> xphome sp2, almost fully patched (last updates caused a system restore to

>> be needed and i've not been back since, so, i'm a month behind)

>

> Not good enough! See #2 above.

>

>> router (hopefully strong pw)

>

> "Hope" will not get you very far in terms of security.

> http://www.microsoft.com/protect/yourself/...ord/create.mspx

>

>> spyware blaster

>> ad aware

>

> Add: SuperAntispyware - Free

> http://www.superantispyware.com/superantis...efreevspro.html

>

>> avg free

>

> On-demand AV application (add it to your arsenal and use it as a "second

> opinion" av scanner).

> BitDefender10 Free Edition

> http://www.bitdefender.com/PRODUCT-14-en--...ee-Edition.html

>

>> za firewall

>

> Uninstall ZA! See comments above.

>

>> crap cleaner

>> custom security settings

>

> What are these?

>

>> safe hex

> http://www.claymania.com/safe-hex.html

>

> Read this also:

> So How Did I Get Infected Anyway?

> http://www.wilderssecurity.com/showthread.php?t=27971

>

> Now stay safe!

>

September 8, 2007

Re: Ping Troll Lady

hey, BD.

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

news:enCcxcW7HHA.1444@TK2MSFTNGP05.phx.gbl...

>I find that those who bottom post confuse me - those that both top and

>bottom post confuse me even more! <g>

<EG> you are easily confused. np..

>

> Have you tried Dustin's BugHunter programme, Li? I've heard that it's

> very good.

no, i haven't tried it yet. it's on my list of new toys to play with but

i've just not had time. i like the screen shots and the look of it. no extra

unwanted bells & whistles.

what is your oinion of it?

TL

>

> BD

>

>

September 8, 2007

Re: Ping Troll Lady

It found items that no on-line scanners had done - and removed the offending

'nasties'!

If Dustin now concentrates on making BugHunter more 'user fiendly' - perhaps

with a 'glossy coat' - he might well be on his way to making a fortune!

There sure is a need, IMO, for someone to help weed out the bad things

happening on the 'net nowadays! <g>

BD

"Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

news:G_2dnXsZS8j09H_bnZ2dnUVZ_g-dnZ2d@bright.net...

> hey, BD.

>

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

> news:enCcxcW7HHA.1444@TK2MSFTNGP05.phx.gbl...

>>I find that those who bottom post confuse me - those that both top and

>>bottom post confuse me even more! <g>

>

> <EG> you are easily confused. np..

>

>>

>> Have you tried Dustin's BugHunter programme, Li? I've heard that it's

>> very good.

>

> no, i haven't tried it yet. it's on my list of new toys to play with but

> i've just not had time. i like the screen shots and the look of it. no

> extra unwanted bells & whistles.

> what is your oinion of it?

>

> TL

>>

>> BD

>>

>>

>

>

September 8, 2007

Re: Ping Troll Lady

You do realise that if a program wants out from your computer no firewall

that runs on the computer can stop it? The reason that some software

firewalls stop some malware is because the malware authors are too lazy or

don't know how to program around a firewall. Using software firewalls for

outbound security is false security.

--

Kerry Brown

Microsoft MVP - Shell/User

http://www.vistahelp.ca

"Troll_Lady" <TLOne@DogAgent.com> wrote in message

news:OPinlSf8HHA.464@TK2MSFTNGP02.phx.gbl...

>i followed directions at grc for turning off tcpip stuff that i don't

>need. i dunno' or have forgotten exactly what but it concerned 'net bios' ?

>

> ah.... my windows firewall won't block my games nor wmp from outgoing. i

> can upload a screen shot of why i use a 3rd party fw. one session of

> listening to wmp, it tried over 700 times to access the 'net.

>

> i play some old macromedia flash games, i enjoy the games but certainly

> don't want them calling out. they get through windows firewall but not za.

>

> also, windows fw will allow only 1 Mirc. i run a few bots + my own

> personal. za sees it as 1 mirc, which it is, windows sees it as a few and

> only allows the first to connect.

>

> i do have a user account but i have to be able to uploadd'load, be able

> to access things on the 'net that i need my admin account for. i've made

> it as strict as i can and still do what i need.

>

> thanks for the links and i'll make sure to read them. if windows fw could

> be configured the way i want, i would use it.

> TL

>

> "Kayman" <kayhkay~nospam~@gmail.com> wrote in message

> news:ur79E7b7HHA.4436@TK2MSFTNGP03.phx.gbl...

>> "Troll_Lady" <TLOne@DogAgent.com> wrote in message

>> news:epDBVsU7HHA.536@TK2MSFTNGP06.phx.gbl...

>>> my tests at grc shields up have always been 'stealth'. i have assumed

>>> this was enough. i have a dsl modem connected to a router,

>>

>> It is suggested blocking both TCP and UDP ports 135 ~ 139 and 445.

>> http://seconfig.sytes.net/

>> (http://www.softpedia.com/progDownload/Seco...load-39707.html)

>> Seconfig XP is able configure Windows not to use TCP/IP as transport

>> protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135,

>> 137-139 and 445 (the most exploited Windows networking weak point)

>> closed.

>>

>>> plus a software firewall.

>>

>> 3rd party software fw are 'phoney-baloney' ware. Uninstall it and

>> activate the WinXP in-build version.

>>

>> Is the XP SP2 firewall getting a raw deal?

>> http://blogs.zdnet.com/Ou/?p=81

>> How to Configure Windows Firewall on a Single Computer

>> http://www.microsoft.com/technet/security/...p/cfgfwall.mspx

>> "Personal Firewalls" are mostly snake-oil

>> http://www.samspade.org/d/firewalls.html

>> Deconstructing Common Security Myths.

>> http://www.microsoft.com/technet/technetma...hs/default.aspx

>> Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

>> Exploring the windows Firewall.

>> http://www.microsoft.com/technet/technetma...ll/default.aspx

>> "Outbound protection is security theaterâ€”itâ€™s a gimmick that only gives

>> the impression of improving your security without doing anything that

>> actually does improve your security."

>>

>>> if there is something further i need to do to protect myself, i want to

>>> know about it.

>>

>> 1. Do not work as administrator, use a normal user account for day-to-day

>> work.

>> http://www.5starsupport.com/tutorial/hardening-windows.htm

>> http://blogs.msdn.com/aaron_margosis/archi...OfContents.aspx

>> 2. Keep your OS (and all software on it) current/patched/updated.

>> 3. Re: IE and OE; Consider utilizing another browser application and

>> e-mail provider.

>> 4. Don't expose services to public networks.

>> http://www.blackviper.com/WinXP/servicecfg.htm#

>> http://www.ss64.com/ntsyntax/services.html

>> http://www.beemerworld.com/tips/servicesxp.htm

>> http://www.theeldergeek.com/services_guide.htm

>>

>>> xphome sp2, almost fully patched (last updates caused a system restore

>>> to be needed and i've not been back since, so, i'm a month behind)

>>

>> Not good enough! See #2 above.

>>

>>> router (hopefully strong pw)

>>

>> "Hope" will not get you very far in terms of security.

>> http://www.microsoft.com/protect/yourself/...ord/create.mspx

>>

>>> spyware blaster

>>> ad aware

>>

>> Add: SuperAntispyware - Free

>> http://www.superantispyware.com/superantis...efreevspro.html

>>

>>> avg free

>>

>> On-demand AV application (add it to your arsenal and use it as a "second

>> opinion" av scanner).

>> BitDefender10 Free Edition

>> http://www.bitdefender.com/PRODUCT-14-en--...ee-Edition.html

>>

>>> za firewall

>>

>> Uninstall ZA! See comments above.

>>

>>> crap cleaner

>>> custom security settings

>>

>> What are these?

>>

>>> safe hex

>> http://www.claymania.com/safe-hex.html

>>

>> Read this also:

>> So How Did I Get Infected Anyway?

>> http://www.wilderssecurity.com/showthread.php?t=27971

>>

>> Now stay safe!

>>

>

>

September 8, 2007

Re: Ping Troll Lady

We agree on something at last, KB! <g>

BD

"Kerry Brown" <kerry@kdbNOSPAMsys-tems.c a m> wrote in message

news:CC130224-0DB9-4722-9923-EBC63273D681@microsoft.com...

> You do realise that if a program wants out from your computer no firewall

> that runs on the computer can stop it? The reason that some software

> firewalls stop some malware is because the malware authors are too lazy or

> don't know how to program around a firewall. Using software firewalls for

> outbound security is false security.

>

> --

> Kerry Brown

> Microsoft MVP - Shell/User

> http://www.vistahelp.ca

<snip>

September 12, 2007

Hello again Li. Just wondering what you thought of Dustin's BugHunter

programme. Was it effective?

Could you - will you - recommend it to all the Annexcafe newsgroup members?

Perhaps even set up an anti-malware group specifically to advise on safety

when using the Internet nowadays. What do you think?

Dave

"Troll_Lady" <TL@DogAgent.com> wrote in message

news:e$oq6r95HHA.1188@TK2MSFTNGP04.phx.gbl...

>i hope he takes the time to learn before tossing out any more of his

> accusations.

>

> now, i think i'll go back on topic and go check out your BugHunter.

> TL

>

> "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

> news:Xns9998300FC8F1CHHI2948AJD832@69.28.186.121...

> "Troll_Lady" <TL@DogAgent.com> wrote in

> news:#wAwl8w5HHA.5164@TK2MSFTNGP05.phx.gbl:

>

>> correction. i am NOT the Administrator at Annexcafe.

>>

>> i'm sure if you did a google search, you could find many posts from me

>> on various MS groups over the years. long before you discovered the

>> 'net.

>

> MS didn't have newsgroups when I got on the net. grin

>

>> i keep my dial up account for my email address. it's been the same

>> address since 1998.

>

> I have a yahoo account that's older. LoL.

>

> Anyhow, I suspect the root of the problem is lack of understanding on

> the part of BoaterDave. with regard to what's going on inside the

> computer.

>

> I don't mean this as an attack on him as everyone has to start

> someplace. Eventually, I believe he will learn how various technologies

> work and be less inclined to form the conclusions that he has

> previously.

>

> --

> ####################################################

> Dustin Cook

> Author of BugHunter - MalWare Removal Tool - v2.2c

> Email: bughunter.dustin@gmail.com

> Web..: http://bughunter.it-mate.co.uk

> Pad..: http://bughunter.it-mate.co.uk/pad.xml

> ####################################################

>

>

September 12, 2007

I'm glad to have helped. style_emoticons/

"Troll_Lady" <TL@DogAgent.com> wrote in message

news:OeMqFDt5HHA.5360@TK2MSFTNGP03.phx.gbl...

> most isp's will add any news group to their list for Usenet if asked.

> that doesn't mean the owner of the server will agree to folks posting to

> the

> server FROM Usenet.

>

> in other words, Annexcafe groups are not really available on Usenet.

> they were added by folks requests to their isp's. most isp's will pop up a

> notice if you try posting to them. some don't, your post just floats

> around

> in cyberspace, never makes it to the Annexcafe server itself, never

> propagates to other servers.

>

> looking at bright.net list of groups, i see some Annexcafe groups that

> have

> been gone for years.

> i see some posts from back in 2005, when we first informed Gregory of

> Annex

> Technologies that groups from his private server, Annexcafe, were being

> carried on Usenet. i believe his lawyer took care of the problem. ty for

> bringing this remnant to my attention. i'll inform Gregory at once.

>

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

> news:OHhLXTm5HHA.484@TK2MSFTNGP06.phx.gbl...

> Strangge things happen here, don't they?

>

> Looking here:

> http://www.giganews.com/newsgroup_search.h...cafe&go=Find%3E

>

> Most of the A/C sites aren't available. Are you willing/able to offer an

> explanation (as you are apparently using giganews). TIA.

>

> BD

>

> "Troll_Lady" <TL@DogAgent.com> wrote in message

> news:%23kk7x1l5HHA.980@TK2MSFTNGP06.phx.gbl...

>> oh dear.

>> who would want to imposter me?

>> a dilemma!

>>

>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

>> news:ewyw%23gl5HHA.5268@TK2MSFTNGP02.phx.gbl...

>> I can only surmise that you - Troll-Lady - are an imposter and not the

>> real Troll_Lady (aka Li) at all! style_emoticons/

>>

>> Hmmmm - but why on earth would you wish to obfuscate matters here in this

>> thread?

>>

>> I don't think these newsgroups are a safe place to play! <g>

>>

>> BD

>>

>> "Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

>> news:XtGdnTPldJuFQlPbnZ2dnUVZ_hadnZ2d@bright.net...

>>>i dunno.

>>> there are so many, it's hard to keep track.

>>> when you figure out my ip, let me know, k?

>>>

>>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

>>> news:eXkj9RJ5HHA.4164@TK2MSFTNGP04.phx.gbl...

>>>

>>> I don't understand. Is this not really you, Troll Lady?

>>>

>>> NNTP-Posting-Host: oh-71-2-201-149.dhcp.embarqhsd.net 71.2.201.149

>>>

>>> I really am trying so hard to understand these matters. Your advice will

>>> be

>>> much appreciated. TIA.

>>>

>>> BD

>>>

>>>

>>

>>

>

>

September 13, 2007

Re: Ping Troll Lady

On Sep 3, 5:41 pm, Dustin Cook <bughunter.dus...@gmail.com> wrote:

> "BoaterDave" <BoaterD...@nospam.invalid> wrote innews:ujUFSzj7HHA.1208@TK2MSFTNGP03.phx.gbl:

>

> > Earlier today I posted a message to thank you, Kayman, for listing so

> > much helpful information.

>

> > When I checked half an hour later, my header had a horizontal line

> > struck through it with a corresponding message saying that my message

> > had been deleted from the server.

>

> Hi Dave. Your post arrived fine here. Just because one newserver cancels a

> post doesn't mean they all will. Are you sure you didn't cancel it by

> mistake?

>

> --

> Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d

> Email.: bughunter.dus...@gmail.com

> Web...:http://bughunter.it-mate.co.uk

> Pad...:http://bughunter.it-mate.co.uk/pad.xml

> PGP...:http://bughunter.it-mate.co.uk/bughunter.dustin.txt

Hi Dustin - you were right (again!) - I found it on Google Groups, so

I wasn' dreaming after all! <g>

BD

Thank you for all that excellent information, Kayman. I just wish I'd

read

it all two or three years ago when (I thought) I was adequately

protected!

<g>

The 'Crap Cleaner' programme to which Troll_Lady is, I believe,

referring

may be found here: http://www.ccleaner.com/

It is highly recommended by the 'helpers' (like yourself) over on A/C

User2User. I'm surprised that you are unaware of it.

I'd wecome your view of CCleaner (if you have one!) TIA

Dave

September 27, 2007

Re: Ping Troll Lady

Hello Li

"Troll_Lady" <TLOne@DogAgent.com> wrote in message

news:%23tXjnLf8HHA.4436@TK2MSFTNGP03.phx.gbl...

> thanks!

> yes, i did go to your site and look at bug hunter.

> i might add it.

> it looks simple and does what it's meant to do.

> TL

> OH!

> haha on making me nervous. i hadn't seen had so much as a tracking cookie

> in a few years.

> i was googling, had moderate safe search on, clicked wo checking status.

> picked up 13 trackers & 2 trojan d'loaders. slipped right through my

> active x turn offs into my temp files. lesson learned, no matter how many

> years being 'safe' never become so blaise' i won't forget the status bar

> check again. LOL!

> TL

I'd be most grateful if you would explain what programmes you used to

determine that you had inadvertently attracted two Trojan Downloaders onto

your machine. Did you actively seek to discover same or did your protection

pinpoint them automatically without your involvement? If the former, what

prompted you to search for them?

I'd also appreciate your advice on carrying out 'the status bar check' -

what is it? (Google didn't help me!)

TIA

BD

September 27, 2007

Re: Ping Troll Lady

Welcome back. How was the "cruise?"

--

Leo

Giving money and power to government is like giving whiskey and car keys to

teenage boys."

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

news:uqzLOCWAIHA.1204@TK2MSFTNGP03.phx.gbl...

> Hello Li

>

> "Troll_Lady" <TLOne@DogAgent.com> wrote in message

> news:%23tXjnLf8HHA.4436@TK2MSFTNGP03.phx.gbl...

>> thanks!

>> yes, i did go to your site and look at bug hunter.

>> i might add it.

>> it looks simple and does what it's meant to do.

>> TL

>> OH!

>> haha on making me nervous. i hadn't seen had so much as a tracking cookie

>> in a few years.

>> i was googling, had moderate safe search on, clicked wo checking status.

>> picked up 13 trackers & 2 trojan d'loaders. slipped right through my

>> active x turn offs into my temp files. lesson learned, no matter how many

>> years being 'safe' never become so blaise' i won't forget the status bar

>> check again. LOL!

>> TL

>

> I'd be most grateful if you would explain what programmes you used to

> determine that you had inadvertently attracted two Trojan Downloaders onto

> your machine. Did you actively seek to discover same or did your

> protection pinpoint them automatically without your involvement? If the

> former, what prompted you to search for them?

>

> I'd also appreciate your advice on carrying out 'the status bar check' -

> what is it? (Google didn't help me!)

>

> TIA

>

> BD

>

September 28, 2007

Re: Ping Troll Lady

Thanks for that Leo - 'twas a refreshing experience! style_emoticons/

Dave

"Leo" <ldontwant@anymail.com> wrote in message

news:OvrDVHWAIHA.4200@TK2MSFTNGP04.phx.gbl...

> Welcome back. How was the "cruise?"

>

> --

> Leo

>

> Giving money and power to government is like giving whiskey and car keys

> to teenage boys."

>

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

> news:uqzLOCWAIHA.1204@TK2MSFTNGP03.phx.gbl...

>> Hello Li

>>

>> "Troll_Lady" <TLOne@DogAgent.com> wrote in message

>> news:%23tXjnLf8HHA.4436@TK2MSFTNGP03.phx.gbl...

>>> thanks!

>>> yes, i did go to your site and look at bug hunter.

>>> i might add it.

>>> it looks simple and does what it's meant to do.

>>> TL

>>> OH!

>>> haha on making me nervous. i hadn't seen had so much as a tracking

>>> cookie in a few years.

>>> i was googling, had moderate safe search on, clicked wo checking

>>> status. picked up 13 trackers & 2 trojan d'loaders. slipped right

>>> through my active x turn offs into my temp files. lesson learned, no

>>> matter how many years being 'safe' never become so blaise' i won't

>>> forget the status bar check again. LOL!

>>> TL

>>

>> I'd be most grateful if you would explain what programmes you used to

>> determine that you had inadvertently attracted two Trojan Downloaders

>> onto your machine. Did you actively seek to discover same or did your

>> protection pinpoint them automatically without your involvement? If the

>> former, what prompted you to search for them?

>>

>> I'd also appreciate your advice on carrying out 'the status bar check' -

>> what is it? (Google didn't help me!)

>>

>> TIA

>>

>> BD

>>

>

Sign In

The newbie's dilemma!

Recommended Posts

Guest BoaterDave

Popular Days

Popular Days

Guest Dustin Cook

Guest Kayman

Guest BoaterDave

Guest Dustin Cook

Guest Barbara

Guest Peter Foldes

Guest Barbara

Guest Dustin Cook

Guest BoaterDave

Guest BoaterDave

Guest BurfordTJustice

Guest Dustin Cook

Guest Troll_Lady

Guest Troll_Lady

Guest Troll_Lady

Guest BoaterDave

Guest Kerry Brown

Guest BoaterDave

Guest BoaterDave

Guest BoaterDave

Guest imbeady2@googlemail.com

Guest BoaterDave

Guest Leo

Guest BoaterDave

Join the conversation

Browse

Activity

Support