Re: Full Control to Users programmatically

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

On Mon, 12 Feb 2007 13:52:01 +0100 (CET), DanS
<t.h.i.s.n.t.h.a.t@xxxxxxxxxxxxxxxxxxxxx> wrote:

<snip>

Sure enough, my XP box became totally infected - well within 30 mins -
not a problem as I use Partition Magic Drive Image.

Totally infected with what ? While doing what in that < 30 minute's ?

The Sasser exploit was the first worm that didn't require the user to
activate something, that an infection could occur just from being online.
I'm not sure if there have been any since.

I just don't buy it. If you are running a 'totally patched' XP, why would
this happen ? This would mean virtually all dial-up users are succeptable
to this, which I believe is still 70% of internet users. you would have
to have had some ports open and waiting for connections, or had
file/print sharing bound to the USB interface.

My XP is not fully patched and it does not have a firewall

Normally it hides behind an ADSL Router running off the network, since
that router has all ports turned off, I have an effective hardware
firewall.

For what it is worth, the concept of a software firewall strikes me as
spurious - if I were malign then that would be the first thing I would
target.

I was aware that my machine would be compromised, I had been warned,
but I just wanted to prove that the ADSL line was working and I knew I
could restore an image.

I've no idea what got in there, but I am sure that the machine was a
mess.

If you want an idea of the type of assaults have a look at Steve
Gibson's site at: www.grc.com
He also has a very useful port prober that checks out your machine
online.

I would not be at all surprized if the majority of home machines were
compromized.
.

Relevant Pages

  • Problems Connecting to Servers
    ... I am having major issues with connecting to online servers to play all sorts ... just fail to connect to online versions of games altogether. ... everything I have seen or know to try, including: allowing ports in Windows ... Firewall, turning Windows Firewall off altogether, opening ports on my ...
    (microsoft.public.windowsxp.games)
  • Re: port scanning
    ... > via dialup, my antivirus is up to date, i am running a ... > addresses tring to access the same ports every time i ... > sign online. ... Let your firewall do its thing and ...
    (microsoft.public.security)
  • Can Zone Alarm hide/stealth more ports
    ... When I run any of the firewall checks available online, ... response that the main ports are hidden/invisible/stealthed but that ... lots of other ports are merely closed, ...
    (comp.security.firewalls)
  • Re: open port?
    ... Use a good firewall all the time while online -- www.zonelabs.com ... The firewall will block, close, hide ports. ... > Symantec trojan horse check says I have an open port-12076 GJammer. ...
    (microsoft.public.windowsxp.general)
  • RE: FreeBSD Mail Server
    ... On Thu, 2005-02-17 at 11:15 -0800, Robert Kim, EVDO-Coverage, Verizon ... Where else can I find this kind of detailed info online?? ... > inetd is not the right way to start these ports. ... I don˙t know if it matters but I am trying to setup ...
    (freebsd-questions)