Safe Surfing

[RHS]

And I thought my computer was secure. When I installed ADSL, I did my security homework and thought I was practising safe surfing.

After being 'unwittingly taken' to a 'Download Site' (you know the sort, which I left so quickly as I was shocked to see it display my C:\ directory!) I investigated further.

Previously,
I had disabled Universal Plug n Play (UPnP), (NOT Plug n Play, you must keep that).
I use IE6 and had blocked third party cookies, Tools > Internet Options > Privacy > Advanced Privacy and Blocked Third Party Cookies.
Every Windows Update has been installed.
To keep all my programs up to date I use CatchUp - CNET.com
http://catchup.cnet.com/catchup/cu/setup/setup.html?tag=st.cu.cu_fdx.txt.cu_nu

I use ZoneAlarmPro, McAfee, Pop-up Stopper & AdAware. All activated, up to date and configured to a high level of security.

I tried half a dozen other firewall testers which all reported I was secure. I knew otherwise!
But then I tested it with the following utility from Sygate Technologies, Inc. Use all 5 scans (the sixth scan, ICMP, was not enabled yet)
http://scan.sygatetech.com/preicmpscan.html

It discovered that a port 5000 was open. How could that be when that is what UPnP uses and I had shut mine? Quite simple really. It was open on a 'client' computer networked to mine. I thought that was safe as it is only connected to the network through mine (ICS, Internet Connection Sharing) but that was the 'back door' to my C:\.!

Don't think, "I'm all right, I don't use XP, it's not only XP that has UPnP, ME 98SE and 98 do too! However it may (thankfully) be turned off on those systems.

You can turn find out if it's switched on and optionally turn UPnP off (or on!) with the following very simple utility from Gibson Research Corporation (GRC).
http://grc.com/files/UnPnP.exe

(For) now my system reports as secure, however, on checking my ZAPro > Current Alerts, in the last 48 hours, it has registered 73 events! I'm sure most were harmless, but sooner or later........

Rgds
RHS

 

[Lonman]

Don't fear the reaper man. I can 'see' your C:\ drive too... check it out here:

The boogie man - not!

In IE, go to View> source, and you'll see how I 'see' you. In reality, you're the only one that can see what you're looking at. Here's the code:

<iframe src="file:///C|/" height=350 width=800 marginwidth=0 marginheight=0 scrolling=no frameborder=0 vspace=2></iframe>

A good firewall and a decent anti-virus is a must, no doubt.

 

[Lactic.Acid]

One thing that would be worth doing is removing/reinstalling ZoneAlarm, and make sure you install it in a "connection sharing" schema, and make sure you choose server/client properly during the setup process. Then the computers all coordinate the firewalling operations, etc. and make sure ALL your computers are updated.
/Lactic

 

[RHS]

Thanx for the advice Lactic.Acid.
I built an setup both computers myself. Then installed XP following all the advice on Abit KG7raids from Paul's Unoffical site, then ZApro as you have suggested above. Being on ADSL and allowing XP & McAfee to Auto update themselves hopefully keeps me partly ahead of the game.
For those that are interested AdAware has a new Ref file update, 041-02-02-2002.

RHS