fubr
01-19-2005, 04:47 AM
It will take me some time to put together a file but for starters all who are freaking out over this shit start by doing this.
go into your advanced firewall settings and set the frirewall to ask permission for any program to access the web.
update spybot, adware spyblaster,
do NOT sign on as adminstrator on your NT machines,
create a limited account that will not let any changes be made to your machine unless you are signed on with admin priviliges.
USE a proxy server, Slows you down but will help masking your ISP and IP.
Disable ALL clients, protocols and services under your networkconnection that is HOT to the internet.
Internal networks only need the client and file and printer sharing shit ALL you need to get on line is TCP/IP. Thats for broadband espeasically
go to administrator tools and diable evrything except what you need to get on line.
If you have a dynamic IP (changes evrytime you get online) then disconnect frequently.
If you have a static ip then by all means USE a proxy server.
evry hit (incoming and out going) do a trace with your firewall and take notice to the destinations and ip's. do a whois and there will be a report abuse address.
this way people who have compramised machines will be notified of their problem by thier ISP and steps can be taken to fix there machine, Most of them probily never heard of DSSFTP or have a sattellitte receiver, they are just inocent internet browsers.
active ports to be used to see what ports are open so you can close them or the app....
hijack this is to be used to see what programs have hijacked you machine,NOT ALL HIJACKINGS ARE BAD IF YOU DO NOT UNDERSTAND THE PROGRAM CREATE A LOG FILE AND PASTE IT HERE.
I will tell you wich ones to disable.
If you are using dail up connection then set your modem to always dail when connection is not present and then get off line and open some programs to see if the connection box pops up. if it does then you have a program wanting to "call home"
you can pm me the hijack report if you want to keep it out of public view.
it will also generate a start up list to show you what all is loading at start up.
for now I would suggest removing all start up apps except the ones needed to operate and cut them on as needed.
3 places to look.
msconfig>start up.
admin tools>services> set to manual any services you dont need.
right click start>click on programs and select start up. delete all the shortcuts in that folder.
this is sketchy guys but it will help a little for more security.
anything you are not sure of set firewall to BLOCK!!!
if you find you need it then unblock later.
FUCK these assholes!!!!!!!
Use firefox if you got it.
here is a program that will tell you all open ports and what proggy is opening them. I seen one LIGHT up with 30 ports once and we got a call the next day from the ISP telling us we were spamming. We did not even have email on that machine.
go into your advanced firewall settings and set the frirewall to ask permission for any program to access the web.
update spybot, adware spyblaster,
do NOT sign on as adminstrator on your NT machines,
create a limited account that will not let any changes be made to your machine unless you are signed on with admin priviliges.
USE a proxy server, Slows you down but will help masking your ISP and IP.
Disable ALL clients, protocols and services under your networkconnection that is HOT to the internet.
Internal networks only need the client and file and printer sharing shit ALL you need to get on line is TCP/IP. Thats for broadband espeasically
go to administrator tools and diable evrything except what you need to get on line.
If you have a dynamic IP (changes evrytime you get online) then disconnect frequently.
If you have a static ip then by all means USE a proxy server.
evry hit (incoming and out going) do a trace with your firewall and take notice to the destinations and ip's. do a whois and there will be a report abuse address.
this way people who have compramised machines will be notified of their problem by thier ISP and steps can be taken to fix there machine, Most of them probily never heard of DSSFTP or have a sattellitte receiver, they are just inocent internet browsers.
active ports to be used to see what ports are open so you can close them or the app....
hijack this is to be used to see what programs have hijacked you machine,NOT ALL HIJACKINGS ARE BAD IF YOU DO NOT UNDERSTAND THE PROGRAM CREATE A LOG FILE AND PASTE IT HERE.
I will tell you wich ones to disable.
If you are using dail up connection then set your modem to always dail when connection is not present and then get off line and open some programs to see if the connection box pops up. if it does then you have a program wanting to "call home"
you can pm me the hijack report if you want to keep it out of public view.
it will also generate a start up list to show you what all is loading at start up.
for now I would suggest removing all start up apps except the ones needed to operate and cut them on as needed.
3 places to look.
msconfig>start up.
admin tools>services> set to manual any services you dont need.
right click start>click on programs and select start up. delete all the shortcuts in that folder.
this is sketchy guys but it will help a little for more security.
anything you are not sure of set firewall to BLOCK!!!
if you find you need it then unblock later.
FUCK these assholes!!!!!!!
Use firefox if you got it.
here is a program that will tell you all open ports and what proggy is opening them. I seen one LIGHT up with 30 ports once and we got a call the next day from the ISP telling us we were spamming. We did not even have email on that machine.