Me Short Break Home Page Decent Talk Home Page

pfaucher@e-z.net http://www.pipeline.com/~radspot/sbindex.htm http://eaglegraphics.net/decenttalk/

Hope everyone had a happy Mother's Day! My present to all the moms (ok...and dads) is the following letter I received from my buddy, Pat.

Want the short version? OK...go here and check out the vulnerability of your computer. Then go here and download the free firewall that will offer big protection. I did it. It was fast, easy to install, and within 36 minutes had caught the first culprit trying to access my home computer. Next...the long version:

Hi friends: 
  
(this is a mass mailing, but only your address will be shown on your mail)
  
   Starting just before five PM day before yesterday, my firewall,
ZoneAlarm, began with the first of 72 sequential reports, from what
appeared to be a sophisticated hacking and port-scanning program
attempting to find an open port on my computer system through the internet.
These attempts continued until well after seven PM, in fact, almost until
eight PM, occurring every two minutes, .04 seconds, with metronomic
regularity. And even though I contacted the ISP in Iowa where the attacks
were coming from one of its users, nothing was done to stop those attacks
by the ISP at the time. I got my ISP involved, and then the police, who
seemed more than interesed, and who were to have turned the matter over to
the Arizona Attorney General's office for investigation. I used PrintScreen
to screen-capture almost every event as it happened. I used Sam Spade to
determine to whom the IP block belonged from which the offending attacks
came. Following that, I used the information gained from Sam Spade to get
the URL for the Iowa ISP, and opened their website up to find a phone
number to call.  Eventually, in about fifteen minutes or so, I was able to
contact a "technical" representative of the Iowa ISP.
  
   That's as far as I got with them - at that time. The so-called tech
support person refused to call her superior and notify him (whose name I
now have, and with whom I have had several communications) of the on-going
attack. She had me email the abuse@blahblah.net (not the real name) with a
report to them, and said there was nothing else she could do. It later
developed, after a call I made the next day, that not only was she supposed
to call the supervisor, but any tech working for them is supposed to call
the supervisor any time of day or night when it's demonstrated to them that
hacking is originating from one of their IPs. She did not. From the
polite, but descriptive language used by her now-irate supervisor, I have
to assume she may not feel too well today. In her shoes, I wouldn't.
  
   My own ISP cooperated quite well with me, and I was kicked up to a
supervisor almost instantly. They contacted the Iowa ISP too. They also
verified the fact that someone from the IP I gave them was attempting to
scan my system - though unsuccessfully. They even pinged my IP to see what
result they would get. They got none. The only reason they knew I was
online was that they could ascertain through their servers that I was
connected, and at what IP address. But they could not, in any way, contact
my computer system through an external source. To all intents and purposes,
it is invisible to the web. That's due in whole to the firewall protection
I now use.
  
   I have a network of four computers and am using Windows 98, Second
Edition, allowing any computer on the network access to the web though
the modem on the main machine. This means, in part at least, that if my
system were not protected by a firewall, that someone on the web could
access any of those four machines, when they were connected to the
network - which isn't all the time, but is often. I plan to put two more
machines on the network when we move into the new office. That will - or
would have, before the firewall was installed - expose 6 computers to the
dangers of hackers on the web, any time I was connected, whether through a
dialup connection, a cable connection, or a DSL connection.* At the moment,
I am using dialup. Dialup connections are no less vulnerable to hack attacks
than DSL or cable connections, other than the fact that they aren't always
online, as DSL and cable connections are.
  
   About a year ago, I started using a program called NetBus Detective, and
another called BOShield, in an effort to stop hack attacks. NetBus
Detective began showing me attempts on my system immediately. For some time,
I thought it was adequate to protect the system, until I saw several times
that it had been hammered hard enough to fail. BOShield is merely software
that prevents hackers from using a trojan called Back Orifice (back door,
in other words) from automatically connecting to a remote server from one's
computer.. and to do that, the trojan has to be ON one's computer. Since I
keep updated (weekly or more often) anti-virus software running at all
times, I never got the BO trojan. But nevertheless, as I describe below, I
learned fairly quickly that my system was still vulnerable to hack attacks.
I had to change that...and I did.
  
   I learned about ZoneAlarm from one of the subsciptions to various
information (or intelligence) lists I am a member of. Then I investigated
it. I also went to a website that checks, via the web, the vulnerability of
the computer you are running a connection to the internet from, to a
hacker. That was an education, believe me. My system was open to the web,
and I didn't even know it, thinking my NetBus Detective and BOShield were
protecting me. They weren't. That site recommended five different firewall
software solutions, but also said that as far as they were concerned,
ZoneAlarm was far and away the best, and easy to use.
  
   Since installing ZoneAlarm, I have seen, on average, 8 to 10 attempts
a day, and at a few times, more than that an hour, to connect to my system.
Now, folks, that's scary. It's even scarier given the fact that I use
a dailup connection!
  
   Why am I telling you all this? Simple: I know that most of you DON'T
have much, if any, protection from hackers. Not having any, you don't know,
because you can't see, when or if an attack has occurred on your computer.
Believe me, some already have... and you may not even have a clue that
someone has been looking through all of your private files, maybe 
downloading your passwords to various websites or IRC passwords...or even
credit card information if you have used your credit card to buy on the web.
Are you listening? I hope so, for your sake.
  
   Recently, hackers around the world have begun to get serious about
messing with people and companies on the web. You already know that...
that's not news. But what the media, and most of the websites that advise
you on webstuff aren't telling you is: the hackers are going after you and
me, too...seriously. How can you prevent access to your machine?
  
Just two ways:
  
1. Don't turn it on, and never use the web for anything, not even email.
2. Get protection by installing a firewall.
  
   Let's look at 1. for a second; you aren't gonna do that, now, are you?
Nope; and that brings something else to mind. There are now email
viruses that don't even require that you open an attachment. All you have
to do is to click on (highlight) the incoming email. Uh OH...big time.
And as if THAT wasn't enough, there are several other ways to get
viruses. If you use Internet Explorer, and until recently RealRadio, those
two programs can and do attempt to access the web invisibly.. that is,
without your knowledge. YES, they do. I know, because I have had IE
attempt to gain access when I didn't even have it open!** ZoneAlarm notified
me it was attempting to access the web, and gave me the option of preventing
that access. And, you bet, I prevented it. There are quite a few more
software packages you can download that do the same thing...about 300 of
them. Can you prevent them from accessing the web? YES.
  
   Go to number 2. Get a firewall. Specifically, get ZoneAlarm...it's free
for personal use, it works well, and it's extremely simple to install and
use. A firewall can prevent those hackers from stealing your privacy.
  
  Oh...I forgot to mention...the Iowa hacker ain't hackin' from that ISP
any more. ZoneAlarm and PrintScreen (for documentation), my emails,
telephone conversations, and the ISPs themselves, put a crimp in his
style...at least for a day or two, until he gets another ISP; and he may.
They usually do.
  
Shields Up! - the website that gives you the means to check the security
of your system. Try it. I hope it scares you into visiting the ZoneAlarm
site, if you haven't already done so.
  
ZoneAlarm - Remember, it's free, and it works.
  
   I DO NOT WORK FOR Zone Labs. I don't even know anyone who does. But I do,
in a sense, work for you, my friends, family, and associates. I want you to
be as protected from hack attacks as I am, if not more...and if you learn
how to be more protected, please tell me.
  
Pat

"Summary: The alert you received, 'access blocked (incoming)', has the
following meaning: ZoneAlarm has blocked an incoming request to your
computer. This could indicate that an unauthorized party is trying to gain
access to it, or obtain information about your network."

  
     Pamela K. Faucher
   Coldwell Banker Residential Brokerage
~ Planet Earth ~ Without Borders ~ 

Back To Top