Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Should I be worried?

  1. #1
    larick Guest

    Default Should I be worried?



    First time posting so I hope I m in the right place

    The last two days The vsmon.exe has been a pig and eating 50%+ of my CPU, After reading the forums I placed my computer in safe mode and removed both backup.rdb and iamdb.rdb in Windows/internetlog. After placing my computer back into normal startup the same problem persisted. So I attempted to Re-Install Zone Alarm. (Unplugging from the internet first) After reinstalling it seemed to work fine (this is where I should have stopped). But I decided to roll back my system to three days before
    (when Zone alarm was working fine) After the Successful Roll back an error message came up. (I forget the name of the message) after several messages of the same error I decided perhaps a Repair from the Zone alarm installation would fix the problem
    (seeing how it looked almost identical to one of it s processes). But after several minutes of the installation sitting still another error message came up and said that the installation program wasn t able to login into True Vector . I gave up at this point and undid the System Roll back. But once again I had to remove Zone Alarm and Reinstall it. After Repluging my router in a message saying Found new network Came up and asked me where to place it Internet Or Trusted . I chose Internet but after 10 failed attempts in 15 mins I felt something was a miss. So I looked into my Alert/Log and all the source IP s seemed to be coming from my router. So I allowed my router in the Trusted Zone and not one attack has been able to reach my Firewall. My question is Through this whole series of unfortunate events dose my computer require a Reconfiguration? And should I be worried about my security with the router being in the Trusted Zone? When I reinstalled Zone alarm several programs required access to the internet (some windows process, I allowed most of them)
    I apologize for the long description and I hope it makes since. Thank you in advance for the help



    Operating System:Windows XP Pro
    Product Name:ZoneAlarm Pro
    Software Version:6.5

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Should I be worried?

    Hi and welcome to the forum!

    http://forum.zonelabs.org/zonelabs/b...ssage.id=51253

    http://forum.zonelabs.org/zonelabs/b...ssage.id=51227

    are the method that I would have personally followed and then just installed the latest version. It does clean up some remmants and provides a possible solution for the vsmon issue as well as just knowing the PC is squeaky clean and the new install should be perfect.

    Any router is providing an excellent shield from the WWW to your LAN/PC. The NAT feature is doing this alone and if there is a SPI feature in the router, then so much the better. In fact, the router address should be placed in the Trusted Zone, as well as 127.0.0.1 form the loopback. This is perfectly safe and normal for most people. If there is any doubt, please be assured that this is not a security risk. Oldsod

    AlphaShield
    Netgear router
    Dell 2x160 HDD, P4 HT 3.0 , 2 G DDR2, Windows XP SP2
    ZA Antispy v6.5
    KAV 6
    Spysweeper
    Opera v9
    Ewido and ASquared (on demand scanners only)

    Message Edited by Oldsod on 06-27-2006 07:24 PM

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Anti-Spyware
    Software Version:6.5
    Best regards.
    oldsod

  3. #3
    larick Guest

    Default Re: Should I be worried?

    Yes my router is SPI and I wouldn't have it any other way . But taking the action that I did. Is their just cause for my concern about Hackers or Viruses? Or am I still good to go? Thank you for the links. I will defiantlytake that action instead next time.

  4. #4
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Should I be worried?

    The only worm/virus/trojan that can possibily enter the PC are those that you let in, such as opening unknown email attachments, allowing downloads from strangers/strange unsafe sites, exchanging files on P2P (movies, music, etc), setting the IMs to risky security, using infected media (USB, CD, DVD, Floppy. cards, etc), and unsafe sites.

    The biggest threat on the internet for many people is actually the unsafe sites; browser have exploits all the time for good reasons. Trojans amd all sorts of malware can enter the PC just through the browser it self. The best safety for security while browsing the Internet is using FireFox or Opera( both alternative browser have options or addins to control PopUps, Refer, Java, Javascripts and neither ever use ActiveX). OR use IE6 with the Active X, Java and JavaScripts all disabled, plus get all the lastest patches for the IE6 (as well as for Windows). The options in the Zone Alarm Pro does provide strong control of WebBugs,Java, Cookies, JavaScript and ActiveX in the Privacy section. I strongly suggest that you use this feature to it's full potential to help secure the browsing.

    As far as setting the router in the Trusted Zone? You are good to go. Strange some people never use a router. They are missing one of the very best hardware for securing the home LAN!!


    http://www.practicallynetworked.com/...g/securnet.htm

    http://en.wikipedia.org/wiki/Router

    and a little bit of detail, plus the extreme double NAT system:

    http://www.grc.com/nat/nat.htm

    more hardware router tips/info

    http://www.tomsnetworking.com/2006/0..._to_know_2006/

    and what NAT is about:

    http://www.howstuffworks.com/nat.htm


    Take care and enjoy!

    Oldsod

    AlphaShield
    Netgear router
    Windows XP SP2
    ZA AntiSpy v6.5
    KAV 6
    SpySweeper
    Opera
    Host list by MVPS, BlueTack and hpGuru

    Message Edited by Oldsod on 06-27-2006 09:32 PM
    Best regards.
    oldsod

  5. #5
    larick Guest

    Default Re: Should I be worried?

    Thanks a bunch! I am a extremely concerned with privacy/viruses/hackers ect. That is why I use FireFox and I love the browser to death. I do not dowload movies,music, or any questionable mediaCDs jumpdrivesDVDs ect I dont have a PS2. I also am very picky about where Igo on the net. I'm a gamer so Active X seems to be required for most games. I'm not too clear on what the security risk is of using Active X. I am alwease wiling to learn more about Security seeing how it is extremely important tome. I have everything on Zone Alarm (except forthe cookies blocker) set on high.Many people have expressed their disliking on how Zone Alarm asks youfor "Every little thing" personally that is why I like it so much. Besidesthe recent problem Zone Alarm has been very good to me and I thank you once again for your help.

    P.S I figure that seeing how I am behind a SPI router that the chances of me being "Hacked" are extreamly low. right?

  6. #6
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Should I be worried?

    Well, we both think the same- more alerts the better and popups the better. After a while when the system is nicely settled in and the PC setup is unchanging, try the Smart Defense Advisor at off and Program Control at high and Alerts Events Shown at high. Opera is preferred over FF, but I like the fireFox as well.


    To lessen the threats from java exploits, it is adviseable to eliminate the caching of internet files. Start> Control panel> Java> General > Settings in Temporary Internet Files> view Applets> uncheck caching in the bottom left corner and OK and close the application.

    Some old but still valid for today articles:

    http://www.networkworld.com/newslett.../1129sec2.html

    http://www.cs.princeton.edu/sip/faq/java-faq.php3

    ActiveX:

    http://www.webopedia.com/TERM/A/ActiveX_control.html

    http://en.wikipedia.org/wiki/ActiveX

    Remove software that uses activeX controls ( which is no longer needed) by C:\Windows\Download Program files and use remove on the right click.
    Several applications such as CCleaner ( cleans out unwanted ActiveX, really cool feature) or SpyBot S&D (contols ActiveX installation) or Windows Defender ( blocks ActiveX installs) are handy for user mistakes. There are regisrty hacks for the ActiveX, but I do want to get into that aspect of this issue.



    Javascript console can be shown when finished browsing and just clear it is good advice. Any good cleaner such as CCleaner or a web washer will do this as well and much more.

    Okay the "PS" is answered by the "ElCheapo Router Challenge" and it is lengthy, BUT will answer your question and not leave any doubts in your mind.Read the first page well and follow all the links in the first page and just read through the next 17 pages. The challenge is to "hack' a cheap and ordinary plain router- all comers, challengers and takers were accepted! The PC address was made public and the contest began!

    http://www.dslreports.com/forum/remark,14671194

    Take care
    Oldsod

    Message Edited by Oldsod on 06-27-2006 11:12 PM

    Message Edited by Oldsod on 06-27-2006 11:21 PM
    Best regards.
    oldsod

  7. #7
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Should I be worried?

    Other recent poster questions about SPI/NAT routers

    http://forum.zonelabs.org/zonelabs/b...ssage.id=39592

    http://forum.zonelabs.org/zonelabs/b...ssage.id=39813

    Oldsod

    Message Edited by Oldsod on 06-28-2006 01:03 AM

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Anti-Spyware
    Software Version:6.5
    Best regards.
    oldsod

  8. #8
    larick Guest

    Default Re: Should I be worried?

    Looks interesting that's for sure. I have the WRT54GS linksys myself.... I paid $100+ dollars for it and they said it was one of the lower end routers? That was the most expensive one I could find!

  9. #9
    larick Guest

    Default Re: Should I be worried?

    This is what my current setup is. By the way.

    Linksys WRT54GS router.
    Avast Anti Virus
    Sunbelt Software CounterSpy.
    Lavasoft SE-Personal
    Zone Alarm Pro. (full Version)
    and Spybot Search and Destroy.

    P.S Their is this opption in my Router security that says "Filter Internet NAT Redirection" That is currently UNchucked. Should that me checked or just leave it?

    Message Edited by Larick on 06-27-2006 10:31 PM

  10. #10
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Should I be worried?

    The setup looks good! If using Avast! free version, there are no script blocker with it.So to compensate this weakness, a free script blocker is available from:

    http://www.analogx.com/CONTENTS/down...em/sdefend.htm

    Please make sure the wifi is WPA, MAC'd in, and the SSID is changed, along with changing the default password to ensure proper encrtption and prevent network intrusions as well.

    http://en.wikipedia.org/wiki/Wireless_LAN_Security

    CounterSpy is nice, but uses to much resources. My alternative is SpySweeper ( almost as bad as well, but not that bad). Windows Defender is still a close cousin to CounterSpy and is available for free as well.

    Unchecked seems the right way according to the advice given by this site,

    http://www.linklogger.com/wrt_setup.htm

    Apparently enabled prevents proper logging.

    Oldsod

    Message Edited by Oldsod on 06-28-2006 01:55 AM
    Best regards.
    oldsod

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •