This article is based on an interaction that took place in the Ask a Techo forum.
Once upon a time a home computer user found himself occasionally denied access to the internet. Either the dial-up connection failed, or the connection was made but email and browser wouldn't connect. This user was running XP Home with Service Pack 1. To solve his problem he simply used System Restore to go back to an earlier period. No problem.
In an effort to protect himself, the user installed Sygate Personal Firewall, Lavasoft AdAware, and Scottie the watchdog, as he'd read that XP's own firewall is switched off by default and switching it on can create problems of its own.
Not long after, the gremlins were back. He tried restoring to an earlier period again, only to find all his restore points had disappeared. He created a new one, cleaned out all of the temp internet files and cookies, and did a Trojan search. One Trojan port was found, Port 2000, so he trashed that.
When he tried to open Sygate to view the log, the whole program had been deleted except for the icons. AdAware hadn't found any updates and Scottie hadn't 'woofed' for ages. Our friend tried to reinstall AdAware and Sygate, but nothing changed. He even tried to switch on XP's firewall, only to find that option was no longer available.
The next time he couldn't connect, he went to System Restore again. Certain DLL files were missing, and all sorts of unusual messages started popping up on the desktop. The last message was that he needed to reinstall the OS.
This is a true story.
To avoid problems like this you should have a firewall set up with no open ports that alerts you when it detects suspicious network traffic to and from applications on your computer. You should also have a virus scanner working in real time on files you receive via email, and you should regularly update it with the latest virus definition files.
If you have all these set up, the only thing you need worry about is firing off a Trojan program by clicking on an attractive executable in an email. There are some beauties floating around at the moment disguised as patches from Microsoft, returned e-mails and account verification notices from PayPal, all of which need to be treated with a high degree of suspicion.
For the budget conscious, Microsoft have some free stuff: a lockdown tool which will scan your computer for open ports (amongst other things), and a free firewall. Here's a Microsoft article on enabling the XP firewall; it also has some good links to related information. Alternatively, you could run some free third-party software, like Zone Labs ZoneAlarm, which is pretty easy to install and configure, and does a bang-up job of monitoring ports. It is amazing how many intrusions it blocks, and how persistent the person, or apparently party of persons, is in trying to hack in. Although Sygate gets a good rave in the tech magazines, the hackers seem to have found a way of getting around it.
Of course, the ultimate backup is to back up regularly to some external/removable media.
Links used in this article:
Lockdown tool - http://www.microsoft.com/downloads/details.aspx?FamilyID=dde9efc0-bb30-47eb-9a61-fd755d23cdec&displaylang=en
Microsoft article - http://www.microsoft.com/windowsxp/pro/using/howto/networking/icf.asp
ZoneAlarm - http://www.zonelabs.com/store/content/company/zap_za_grid.jsp
Sygate - http://www.sygate.com/