|
PureBytes Links
Trading Reference Links
|
<x-html><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META content="MSHTML 5.00.2721.2900" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY>
<DIV><FONT size=2>
<P>Protect your Windows PC with Steve Gibson's 'Shield's UP!' - WinInfo (Paul
Thurrott)</P>
<P>Every once in a while something profoundly useful just appears in front of
<BR>me and Steve Gibson's latest triumph, a Web-based Windows security
checker<BR>called "Shield's UP!" is such a thing. This wonderful utility not
only tell<BR>you when something is wrong with your computer's security settings,
it will<BR>also tell you how to fix it. I can't recommend this site enough: If
you're<BR>using a Windows PC to connect to the Internet, you *need* to visit
Shield's<BR>UP!<BR><BR> "I was tightening up the security of a new DSL
connection. Out of curiosity<BR> I did a quick scan of the IP
addresses in my IP 'neighborhood' and was<BR> *shocked* by all of
the port 139's that were open," Gibson says. "That<BR> started me
wondering how big this problem was... and 'ShieldsUP!' is the<BR>
result!"<BR><BR>Steve's site includes a wealth of information, tips, how-to's
and even some<BR>cool utilities that make it easy to enable and disable the
Client for<BR>Microsoft networks component, which he describes as the most
dangerous<BR>software you can have on an Internet-connected PC. Gibson ties the
problem<BR>to Microsoft's NetBIOS technology, which was never designed to
interoperate<BR>with the global Internet.<BR><BR>"This feels like the very early
days of software viruses, when people<BR>weren't taking precautions, weren't
aware of, and didn't understand the<BR>problem," he says. "So, I decided to
provide some tools to help people<BR>appreciate and deal with this growing
problem."<BR><BR>Drop whatever you're doing (including reading this!) and head
over to Steve<BR>Gibson's excellent Shields UP! Web site. You'll be happy you
did:<BR> <A
href="http://grc.com/x/ne.dll?bh0bkyd2";>http://grc.com/x/ne.dll?bh0bkyd2</A></P>
<P>___________________________________________________________________________<BR><BR>WinInfo:
Windows news and information -- Copyright (c) 1995-9 Paul Thurrott<BR>Visit
WinInfo on the Web at WUGNET: <A
href="http://www.wugnet.com/wininfo";>http://www.wugnet.com/wininfo</A><BR>___________________________________________________________________________<BR></P>
<P>
<TABLE border=0 cellPadding=0 cellSpacing=5 width="85%">
<TBODY>
<TR vAlign=top>
<TD width=33><IMG border=0 height=34 src="http://grc.com/1.gif";
width=33></TD>
<TD><FONT color=#000080
face="Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif"
size=+0><B>Attempting connection to your computer. . .</B>
<BR><FONT color=#404040 size=-1><B>Shields UP!</B> is now attempting to
contact the <B>Hidden Internet Server</B> within your PC. It is likely
that no one has told you that your own personal computer may now be
functioning as an <B>Internet Server</B> with neither your knowledge nor
your permission. And that it may be serving up all or many of your
personal files for reading, writing, modification and even deletion by
anyone, anywhere, on the Internet! See the <A
href="http://grc.com/su-explain.htm";>next page</A> for additional
information.</FONT></FONT></TD></TR></TBODY></TABLE>
<TABLE border=0 cellPadding=0 cellSpacing=5 width="85%">
<TBODY>
<TR vAlign=top>
<TD width=33><IMG border=0 height=34 src="http://grc.com/reddash.gif";
width=33></TD>
<TD><FONT color=#000080
face="Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif" size=+0><B>Unable
to connect to your computer.</B><BR><FONT color=#404040 size=-1>The
attempt to connect to your computer with NetBIOS protocol over the
Internet (NetBIOS over TCP/IP) <B>FAILED</B>. But, as you can see below,
<B>significant personal information</B> is still leaking out of your
system and is readily available to curious intruders. Since you do not
appear to be sharing files or printers over the TCP/IP protocol, this
system is <B>relatively secure</B>. It <B>is</B> exposing its NetBIOS
names (see below) over the Internet, but it is refusing to allow
connections, so it is unlikely that anyone could gain casual entry into
your system due to its connection to the
Internet.</FONT></FONT></TD></TR></TBODY></TABLE>
<P>
<TABLE border=0 cellPadding=0 cellSpacing=0>
<TBODY>
<TR vAlign=top>
<TD colSpan=2><IMG border=0 height=39
src="http://grc.com/spinningglobe.gif"; width=39></TD>
<TD colSpan=5 rowSpan=2><FONT color=#101010
face="Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif" size=-1>Several of
your <B>private names</B> are being served up to the<BR>Internet by the
Windows networking system. (see below)<BR>While it's unlikely that this
information can be exploited, you<BR>should know what anyone can learn
about you and your system.</FONT></TD></TR>
<TR>
<TD><IMG border=0 height=31 src="http://grc.com/netunderglobe.gif";
width=25></TD></TR>
<TR>
<TD><IMG border=0 height=70 src="http://grc.com/netlpipe.gif"; width=25></TD>
<TD><IMG border=0 height=70 src="http://grc.com/nethpipe.gif"; width=46></TD>
<TD><IMG border=0 height=70 src="http://grc.com/netpc.gif"; width=32></TD>
<TD> </TD>
<TD>
<TABLE border=0 cellPadding=0 cellSpacing=0>
<TBODY>
<TR>
<TD><FONT color=#000080
face="Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif"
size=+1>ESCOM</FONT></TD>
<TD><FONT color=#202020
face="Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif"
size=-1> — Your User Name</FONT></TD></TR>
<TR>
<TD><FONT color=#000080
face="Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif"
size=+1>ESCOM</FONT></TD>
<TD><FONT color=#202020
face="Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif"
size=-1> — Your Computer's Name</FONT></TD></TR>
<TR>
<TD><FONT color=#000080
face="Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif"
size=+1>MAAS</FONT></TD>
<TD><FONT color=#202020
face="Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif"
size=-1> — Your
Workgroup</FONT></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></P>
<TABLE border=0 cellPadding=0 cellSpacing=5 width="85%">
<TBODY>
<TR vAlign=top>
<TD><FONT color=#404040
face="Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif" size=-1><IMG
border=0 height=2 src="http://grc.com/darkredpixel.gif";
width="100%"><BR><IMG border=0 height=15
src="http://grc.com/transpixel.gif"; width=1><BR><B>Thanks for using
Shields UP!</B> I hope it's been useful and informative for you.
</FONT></TD></TR></TBODY></TABLE></FONT><BR>
<P><FONT size=2> </P>
<P> The article above was derived from the Oct, 8
edition of the WinInfo-daily mailing and as such<BR>
have put my PC to the test-bank, with the here above
test-results.<BR> Since Windows 95 is a very secure
Operating System and also that Microsoft does its utter best
to<BR> keep any Upgrades(eg IE5) very secure as
well, I did not expect to have any problems whilst or after testing.</P>
<P> As such here are "my results" :</P>
<P>First note here that the above information is the only info that can be
derived from my PC while <BR>being online and that a common (email-) program can
also easy manage to do just that (eg since that it<BR>is also a common part,
protocol and practise on the Internet (i.e. being its protocol) to Identify
your<BR>self (eg your PC) when wanting to log-on (eg to be enabled to
surf/mail).</P>
<P>In my Network Neighberhood-settings:</P>
<P>- ESCOM is indeed my computer's Name and User Name, but both are for me FAKE
Names, and are not<BR> ever used for
anything else than that it was required (in a certain field) by/in the Network
Neighborhood<BR> configuration/set-up.
ESCOM however is NOT my User Name to log-on to my ISP, but is only
used<BR> internaly by the Network
Neighborhood program).<BR>- MAAS for being the Name of the workgroup dito.</P>
<P>Since absolutely NOTHING is Shared on my PC, the above info is also DUMMY
information for both<BR>the Network Neighborhood environment and also for any
other (ISP) Log-on procedures, eg the only info<BR>one can ever derive from my
PC (eg being public for as it is commonly used for Log-on procedures
by<BR>local/global Network card's users) and which is further absolutely
WORTHLESS to anyone else (thus<BR>also to potential Hackers).</P>
<P>Should you have a local LAN or intranet/internet (eg for example at home),
than visiting both the above<BR>mentioned website as well as visiting the
Microsoft websites is recommended , eg to find for more detailed<BR>protection
info. Personaly I believe that there cannot be enough written on the security
subject, eg both<BR>to explain and to inform and to also see through any
hoax-information.</P>
<P>The recommendation made on the site <to disable the "Client for Microsoft
Networking"> as such is very misleading<BR>and bad hoax information, for
#1. as it is not ever recommended by Microsoft Securit and #2. for as it will
also stop<BR>me from ever accessing both my ISP and the Internet itself.
Therefore this HOAX (-information) is very UNTRUE<BR>information and
spread by someone not so very familiar with the TCP/IP (eg the Internet)
protocol(s) and therefore<BR>should think twice before writing such non-sence.
Therefore be also advised to NOT ever follow up on this<BR>trosious
fabulous "advice" form someone not ever so knowledgable.</P>
<P>Re</FONT><FONT size=2>gards,<BR>Ton Maas<BR><A
href="mailto:ms-irb@xxxxxxxxxxxxxxxx";>ms-irb@xxxxxxxxxxxxxxxx</A><BR>Dismiss the
".nospam" bit (including the dot) when replying and<BR>note the new address
change. Also for my Homepage<BR><A
href="http://home.planet.nl/~anthmaas";>http://home.planet.nl/~anthmaas</A></FONT></P></DIV></BODY></HTML>
</x-html>Content-Type: image/gif;
name="1.gif"
Content-Location: http://grc.com/1.gif
Attachment Converted: "c:\eudora\attach\1.gif"
Content-Type: image/gif;
name="reddash.gif"
Content-Location: http://grc.com/reddash.gif
Attachment Converted: "c:\eudora\attach\reddash.gif"
Content-Type: image/gif;
name="spinningglobe.gif"
Content-Location: http://grc.com/spinningglobe.gif
Attachment Converted: "c:\eudora\attach\spinningglobe.gif"
Content-Type: image/gif;
name="netunderglobe.gif"
Content-Location: http://grc.com/netunderglobe.gif
Attachment Converted: "c:\eudora\attach\netunderglobe.gif"
Content-Type: image/gif;
name="netlpipe.gif"
Content-Location: http://grc.com/netlpipe.gif
Attachment Converted: "c:\eudora\attach\netlpipe.gif"
Content-Type: image/gif;
name="nethpipe.gif"
Content-Location: http://grc.com/nethpipe.gif
Attachment Converted: "c:\eudora\attach\nethpipe.gif"
Content-Type: image/gif;
name="netpc.gif"
Content-Location: http://grc.com/netpc.gif
Attachment Converted: "c:\eudora\attach\netpc.gif"
Content-Type: image/gif;
name="darkredpixel.gif"
Content-Location: http://grc.com/darkredpixel.gif
Attachment Converted: "c:\eudora\attach\darkredpixel.gif"
Content-Type: image/gif;
name="transpixel.gif"
Content-Location: http://grc.com/transpixel.gif
Attachment Converted: "c:\eudora\attach\transpixel.gif"
|
![http://grc.com/1.gif"](http://grc.com/1.gif"){kind=link}
![http://grc.com/reddash.gif"](http://grc.com/reddash.gif"){kind=link}
![http://grc.com/spinningglobe.gif"](http://grc.com/spinningglobe.gif"){kind=link}
![http://grc.com/netunderglobe.gif"](http://grc.com/netunderglobe.gif"){kind=link}
![http://grc.com/netlpipe.gif"](http://grc.com/netlpipe.gif"){kind=link}
![http://grc.com/nethpipe.gif"](http://grc.com/nethpipe.gif"){kind=link}
![http://grc.com/netpc.gif"](http://grc.com/netpc.gif"){kind=link}
![http://grc.com/darkredpixel.gif"](http://grc.com/darkredpixel.gif"){kind=link}
![http://grc.com/transpixel.gif"](http://grc.com/transpixel.gif"){kind=link}
