1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Security check

Discussion in 'Virus & Other Malware Removal' started by skyman, Oct 19, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. skyman

    skyman Thread Starter

    Joined:
    Jan 30, 2001
    Messages:
    1,234
    I don't want to seem paranoid but I am running Win 98 and have a dialup connection and ZoneAlarm.

    I ran a quick port security scan at Sygate and it said:

    secure shell open = SSH-2.0 - Open SSH 2.5.2p2

    I ran a stealth scan and it shows SSH port 22 and Web Proxy
    port 8080 are shown open.

    Ports 20, 21, 23, 25, 53, 59, 79, 80, 110, 113, 493, 1080, and 59848 showed clear but Sygate says:

    They have responded to search and it is possible for someone to crash my computer through known TCP/IP stack vulnerabilities.

    When using Gibson Research, "Shields up" it shows all my ports as "stealth" and no problem.

    I went to Auditmypc.com and when doing a stealth search it showed that:

    TCP port 22 adare SSHD.shaft.SSH remote login protocol was open and that trogans are commonly found to be running on this port.

    All this is greek to me and when I installed Zonealarm I assumed I would be free from any invasion, and probably I am, but could someone tell me if there is anything else I need to do to keep my computer safer from invasion than it is now.

    Thanks...
     
  2. NiteHawk

    NiteHawk

    Joined:
    Mar 9, 2003
    Messages:
    4,699
    Skyman, can you give me the link to where you did the port scan?

    Thanks
     
  3. skyman

    skyman Thread Starter

    Joined:
    Jan 30, 2001
    Messages:
    1,234
  4. e-liam

    e-liam

    Joined:
    Jun 19, 2003
    Messages:
    1,242
    Hi Skyman,

    I use 98 and ZA (via cable) and I did the quick, and the stealth scan, and came up perfectly protected. Have you checked the ZA settings, or maybe you have an older version than me. I've got v.3.7.211 (free version)

    Any help..?

    Cheers

    Liam
     
  5. skyman

    skyman Thread Starter

    Joined:
    Jan 30, 2001
    Messages:
    1,234
    I have the same version, v.3.7.211, and I checked my setup and did not have mailsafe checked. I checked it and will run scans again. My trusted sites are set to medium and all else is set to high.
     
  6. skyman

    skyman Thread Starter

    Joined:
    Jan 30, 2001
    Messages:
    1,234
    An update:

    On rerunning "quick scan" I got results from scan of "commonly used trojans" at my TCP/IP address. Ports shown closed were:

    1234--1999-6776-7789-12345-31337-54320-54321

    Yet It says that it is possible for someone to crash my computer through known TCP/IP stack vulnerabilities, for each port shown.

    On rerunning the "stealth" scan, I get the same as reported in my previous post.

    I ran a "trojan" scan and it showed port 8080 is open and possible trojan, Ring Zero. It also showed port 9876 is open and possible trojan, Cyber Attacker.

    I have NAV and run regular antivirus scans and find nothing.

    Is their anything to these scans or is Sygate just trying to sell it's firewall?

    Thanks...
     
  7. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,185
    First Name:
    Derek
    check the IP it is scanning is your computer and not your ISP's proxy server, that is common for many online scans
     
  8. NiteHawk

    NiteHawk

    Joined:
    Mar 9, 2003
    Messages:
    4,699
    Thanks for the link. On two pc's running Win98 SE and ZA Pro I ran all scans and each and every one came back with a clean report. (y)

    You may have to go into ZA and do a little tweaking.
     
  9. TOGG

    TOGG

    Joined:
    Apr 2, 2002
    Messages:
    5,856
    You could get a second opinion by running the firewall test at Hackerwhacker http://www.hackerwhacker.com/

    I did it some time ago and it was very thorough indeed and, because I had a firewall (ZA), it took nearly half an hour. Because I had problems with my ISP's proxy I had to enable my telnet program to get scanned. The first scan is free and you get an e-mailed report as well. If you do try it, disable the alert popups in ZA (if you haven't already done so) and use the Options tab to limit the size of the ZA log, unless you don't mind how big it gets. Also, if you have to use telnet, remember to close it afterwards.

    You don't say which anti trojan program you used but, subject to the outcome of any other scans, you could try Trojan Remover from http://www.simplysup.com It's free for 30 days and can be set to scan the usual launching places for trojans or the complete HDD.
     
  10. buckaroo

    buckaroo

    Joined:
    Mar 25, 2001
    Messages:
    3,334
  11. skyman

    skyman Thread Starter

    Joined:
    Jan 30, 2001
    Messages:
    1,234
    Thanks for all your help. TOOG, I ran your site and installed
    the trogan remover and ran a complete scan of C and nothing there.

    buckaroo, I ran blackcode and all ports closed.

    I think too many scans from too many sites can make you a little paranoid..

    I think that, from what I can see, I am free from any trogans.

    I really thank you for your advice...
     
  12. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/173218

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice