and yet another threat

Started by kinmel, Aug 29, 2011, 08:57:58

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

kinmel

It appears that worm is spreading across the net this weekend .... http://www.theregister.co.uk/2011/08/28/morto_worm_spreading/


Use Gibson Research's free on-line test  "Shields Up" to check you are safe from this worm  ...  https://www.grc.com/x/ne.dll?bh0bkyd2.

Accept the safety messages and "proceed", then enter 3389 on the next page and select "User specified custom port probe".  The results are clearly explained.

For a full check select "All service ports" instead.
Alan  ‹(•¿•)›

What is the date of the referendum for England to become an independent country ?

Technical Ben

Test says I'm stealthed. Which is nice.
AFAIK there are 3 results.
1) Stealthed. Best result. It means your computer does not even reply to the request such as "is anyone there" so the virus/attack does not even know if you are there.
2) Blocked. The second best result. The computer tells the attacking PC, "No". But from this, the attacker at least knows you are there now. :P
3) Fail. The attack is accepted and processed by the computer.
I use to have a signature, then it all changed to chip and pin.

davej99

Quote from: kinmel on Aug 29, 2011, 08:57:58
It appears that worm is spreading across the net this weekend .... http://www.theregister.co.uk/2011/08/28/morto_worm_spreading/

Use Gibson Research's free on-line test  "Shields Up" to check you are safe from this worm  ...  https://www.grc.com/x/ne.dll?bh0bkyd2.

Accept the safety messages and "proceed", then enter 3389 on the next page and select "User specified custom port probe".  The results are clearly explained.

For a full check select "All service ports" instead.

Thanks for that, Alan, especially the grc link.  :karma:

Not being at all expert in these matters, the grc site is both informative and reassuring. I seem to be stealthy, perhaps more by luck than judgement. Thanks for alerting us to the remote desktop protocol vulnerability and the grc test facility.

Dave

davej99

This is probably a naive question, but the GRC site tells me I have a unique machine name. It looks like cust###-dsl**-***-**.idnet.net where **-***-**-### is my unique IP address. I guess this is just a name derived from my IP address and it does not represent any exposure. Though I wonder who creates it. As GRC say "it can be used to persistently identify you as long as you use this ISP" and this has always bothered me a bit. :dunno:

Cheers, Dave.

Rik

IDNet generates the hostname, you can view it in your profile.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

davej99

Thanks, Rik.

Does the name it have to contain the IP address and could this name be varied? There is so much data gathered by the search providers and others that it is hard to be legitimately private; that is, not bombarded by targetted advertising. I delete all cookies, pages, history etc when closing IE, but I still feel I am being data mined. :eek4:

(How are you BTW, haven't spoken to you in ages?)

Rik

Hi Dave

AFAIK, IDNet will not provide custom host names within the basic service, but if you have a domain registered, you could ask them to alter the DNS records to point to that - though there may be a charge.

I'm fine, thanks, enjoying my semi-retirement but unable to stay away completely. :)
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Inkblot

Long time ago now but IDNet did provide a reverse DNS for me when I was running my own mailserver. I simply put the MX record into DNS and they changed the reverse DNS to match, this was a few years ago but there was no charge at the time.

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Rik

I didn't like to mention it. ;D
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.


pctech

Fully stealthed here too and all non essential services are disabled.




Rik

Those passwords are just asking for trouble, aren't they.  ;D
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Lance

Quote from: Inkblot on Aug 29, 2011, 11:49:46
Long time ago now but IDNet did provide a reverse DNS for me when I was running my own mailserver. I simply put the MX record into DNS and they changed the reverse DNS to match, this was a few years ago but there was no charge at the time.

I had my rDNS changed for the same reason about 4/5 months back and there was no charge at that time either.
Lance
_____

This post reflects my own views, opinions and experience, not those of IDNet.

sparkler

* sparkler tries logging into idnetters accounts using the password 12345 XD

Technical Ben

Forumites go on a pub crawl thanks to sparklers generosity and banking details...

;)
I use to have a signature, then it all changed to chip and pin.