This is VERY difficult to detect and wipe, it's the reason people say never to accept attachments from even those that you know unless it has been pre-confirmed. Even if it has been pre-confirmed then viruses can still be spread in the same way. Our advice is to purchase a good virus and Trojan scanner/remover such as AVP (http://www.avp.com) which may be slow but that's only because they check EVERYTHING.

The same goes for IRC and Newsgroups, Trojans are the chief way in which wannabe-hackers try to gain access to your system by masking one program under another, ALWAYS beware of net downloads.

The BIG Issue

The biggest risk doesn't come from Trojan horses or wannabe-hackers, no; the biggest risk comes from yourself if you fail to protect your system(s). For the purpose of this exercise we'll focus on those using the 'MS Windows9x' operating system(s) (O/S), easily the most insecure piece of software ever devised. It houses some 65,555 ports and numerous methods for gaining access to them.

A port is best explained as a definition of data transfers, for example; systems such as FTP, WWW and IRC each have their own unique port for working in conjunction with your system. However many of us will never use more than 5% of the sixty five thousand that exist within a modern O/S because most ports aren't even bound to a particular system yet, this leaves the rest vulnerable.

Thankfully Microsoft hasn't be totally naive and their software keeps ports in a status of open or closed. A closed port such as that used to access FTP is often safe from outside access, however an open one means people can intercept the data stream and gain information or access into your system. Since most of the 65K ports are not used, they are also kept closed, however there are some to watch for.

The hidden opening (port 139 - NetBIOS)

There are several things you should NEVER do; one is to be running a LAN in your office and using a Windows9x PC as the server while also connected to the Internet. By nature a server has to deal with multiple styles and directions of traffic, by using the server on a small LAN as your host you are also leaving all the doors open for malicious use.

The key most important door (port) being number 139 of 65K, NetBIOS. The Network BIOS is the controller that exists even on those systems that aren't servers; accept a server is more at risk, but not much more. As you might have guessed it controls certain network activity and as such the port is almost always open, especially on servers. If you're intent on running the server then we suggest you disable 'File & Print Sharing', having these two options on means even the most novice of hackers can access your files and printers through 139.

In order to test your primary ports to see which is open and how to solve the problem then we suggest you go HERE:

https://grc.com/x/ne.dll?bh0bkyd2

This site will also perform a controlled HACK on your system to determine just how open you really are, be prepared for a shock when you find out how open to malicious use you can be.

[Page 3]>>