Posted on 05/16/2004 11:48:47 AM PDT by freedumb2003
I have been getting an inordinant number of attacks on my system. They are on ports 666 and 3049.
I have Norton intercepting these attacks, but I am not well-versed ebough on firewalls and the like to know what exactly is going on. The whois for most of them go back to my ISP (SBC). Interestingly, a few have come from Denmark, where the prince just got married to that commoner.
Is anyone else getting this kind of thing -- like there is a virus running around?
Some other things to check:
1) Is a black helicopter hovering overhead?
2) When you talk on the phone, do you hear an echo?
3) Did the foil shielding fall off of your hub, router, or modem?
4) Do you randomly get "ECHELON DISK FULL, PLEASE WAIT" messages while using your computer?
The number "666" has obvious connotations. For this reason, it was chosen as the port number for "Doom", a popular 3D "first person shooter" game of the mid-1990s. Because of the cool connotations, this port number has also been chosen for numerous Trojan Horse/backdoor programs.
So maybe you have Doom running. If not, your port is opened. Close it. Either get a firewall ($50 and up), use Windows XP's built in one, or install on.
Port 3049 is for Network File System. You probably need neither.
The only safe method of operation is to close ALL ports by default, and open only the ones you need to use, and then only for the specific programs that use them. Oh yes, and terminate Microsoft Outlook with extreme prejudice.
What you need is Duct Tape, Plastic Sheeting, Fill your bathtub with water and check the batteries in your flashlight and radio.
Why terminate Outlook? What does it do?
It's a walking security hole... do a Google search on Outlook security if you want details, lots and lots and lots and lots of details.
If you do use Outlook, make sure get ALL of the Microsoft patches for it. I would also strongly recommend that you turn off all scripting and Java in it.
Yes about 200,000,000 world wide. If you are running Norton, you have chosen wisely.
Go to your incoming log, find the incoming hits open up your security menu and chose to block the addresses forthwith.
And as it has been stated, close your ports if need be and open them up as needed.
I was looking for all that -- I was hoping for something specific.
I am using Norton Firewall and XP firewall. This was a strange set of attacks that have subsided. Just looking to see if it was systemic or if it was just me.
Looks like my paranoia was right -- or they saw my FR post and got scared! Thank goodness my duct tape kept my system secure!
I have Road Runner and ezArmour firewall and virus protector. So far today, I have had three failed attempts to access my computer. Firewalls are GREAT!
1. Security Test
2. Virus Scan
3. AVG AntiVirus
4. Zone Alarm
5. Search& Destroy
6. Ad-Aware
I forgot the most important hint...
UPDATE UPDATE UPDATE!
At least once/week check for updates for Microsoft , antivirus, everything! This is a war between you and the (mostly script-kiddie) virus makers.
But there are also deliberate attacks by foreign forces also attempting to shut us down.
WARNING! Unplug the electrical cord before placing CPU in tub.
Immediately update your anti-virus software and run a full virus scan. You likely have a trojan horse or zombie virus that is taking over your computer. Download and install Zone Alarm---a free firewall program.
Physically disconnect your computer from the Internet by pulling the phone cable or network line until you have run a full virus scan and do not reconnect until you have Zone Alarm installed and running.
ping
Go to www.zonelabs.com and download & install their free firewall. It is totally adequate for personal use and works divinely.
The best fix is to first cover your head in aluminum foil, and then take the largest magnet you can find and run a couple dozen times over your hard drive. the foil protects your brain from damage, while the magnet pulls all the virus from your computer.
whatever you do, dont say "666" outloud or you will summon demons instead.
I did the security test. All the info they had on me was wrong, and they couldn't crack anywhere into my system. Got a thumbs up :-)
I'm doing the virus scan from trend micro now. Taking forever to download, though. Maybe the site is getting a lot of hits.
Thanks for the info. This is a new computer. I had nothing but problems with my HP.
While software products are ok, I ended up installing a Linksys router to act as a firewall. I have it set to block all incoming connection requests. On top of that, I have ZoneAlarm running to intercept any unexpected outbound connection requests. I also switched to the Eudora email program, just because the Microsoft products are such targets. With those precautions and Norton Antivirus scanning all incoming/outgoing email and my hard disk, I feel pretty safe. At one time I used to look in the logs at all the connections attempts that were being made and felt like my system was under seige. Now I've come to realize that it's just part of being connected to the internet and with proper precautions, not a big deal.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.