I went to the free tool site mentioned by Thelonius and my Norton firewall blocked and warned me of a Sub Seven Trojan Horse trying to connect using the back door. As the free tools carried a message stating that if anybody knew any of the tools to be copyright to let them know, I had decided I personally would not feel happy downloading from the site. I feel that permission should be obtained before placing items of any description on a site. I went round various other sites and no further problems occurred with the firewall. I decided to try the free tool site again after some time to see what happened and again I got a Trojan Horse alert and the firewall blocked it. Both remote addresses recorded by the firewall are different but have similarities whether that means anything I have no idea. It may also have no relevance to the site, but I suppose its possible a hacker could be using it as with all the stuff available people might spend some time there. This message is just to put people on alert if you have no firewall you may be at risk.
Dave

Thanks for the heads-up, Dave…
Better safe than sorry…

if you feal you been violated file a complaint to have the site tooken down and legal action to file if any of your comp or personly file has been damaged…
i smell a ppunk.zip shareware it was P some thing shareware file to be infected along with C:\windows Wscript…
no one come to my back door because i watch both ends… you want to play you will PAY.
and anyone to put a trogen on a website to mark there trace’s are not very bright anyways

DM: Thanks for the info The link has been removed.
-ZuZu

I think Stonecutters right better safe than sorry, so thanks ZuZu for removing the link it would seem the safest bet. Thanks for your suggestions EZ, as far as any damage goes, the firewall blocked the Trojans access, of course there is no way of knowing if it is pure coincidence that it happened twice on the same site at different times. A friend has also suggested reporting the incidents with the relevant address details of the machines involved in the attempts, I’m looking into that so if anybody knows a site that accepts these reports I would be grateful for the information. I once said if you are on a dial up Internet connection that firewall’s were generally not necessary I think that’s changing fast.
I often think that as the hackers are obviously very clever people, why don’t they put their knowledge to some useful contribution to life.
Dave

DM, hackers ARE clever people, it’s just that the ones who create virii and trojans are malicious A**HOLES. I used to know a guy who just thought a virus was the coolest thing, describing it as a created life form, replicating itself and spreading all over the place. Yeah, you could say the same thing about a forest fire, destroying everything in it’s path.

The people who create virii could care less about what damage they do to nice people’s computers and lives.

I went thru a virus delima this week…the sofunny.exe and the Hibius virus…sofunny is a worm that steals passwords…don’t know who or how I got it…but it’s all cleaned now…I think the little buttholes that create them should be burned at the stake and prosecuted to the fullest extent of the law…why they do it? Technology without conscience in the hands of a young person…though I guess there are old farts like me that create em too…maybe they have small egos and wee wee’s to match and hae the little man syndrome and have the need to have that pseudo power trip

Sometimes i think hackers can be smarter than actual software developers. If they put their skills to good use, we could have some crack free programs and stuff for once.

<BLOCKQUOTE>quote:</font><HR> Sometimes i think hackers can be smarter than actual software developers. If they put their skills to good use, we could have some crack free programs and stuff for once. <HR></BLOCKQUOTE>

The problem is that no matter how the program is written, it will always be no more than lines of code… and whether they were on floppy disks ten years ago, or on 50 gig hard drives today, or on bioelectric worms 10 years in the future, they will still be those instructions, and it seems that there is no way to make sure that a computer knows that those particular instructions are the not-buggy ones without more or less saying that “this program” is it, that nothing else is safe. There goes any flexibity.

An update, I’ve been on to the Symantec site which is Norton, they have a traceroute system. I fed in the hacker’s computer addresses, which as I mentioned were similar; they both traced to the UK London suburb of Brentford. The website where it happened is in Frankfurt; it is possible that the site has been hacked and again possible that it was pure coincidence that both incidences occurred on the site. At the moment I’ve found no website that collects the information on would be hacker’s computer addresses but I’m sure there must be. Anybody with more knowledge on the subject than myself would be a great help, because if we could all learn more about it we might more easily combat it. A program that would bounce back their Trojans and wreck their machines would be fantastic. To comment on the last posts it just seems that whatever is created, that malicious element in society just has to find a way to corrupt and subvert it. They probably love their machines so let the punishment fit the crime, when they are caught wreck their computers and all service providers ban them for life.
Dave

good hacker would know to hide his ip so the traceroute wont do you any good if he has a (anoynomizer)
second of all its more kids play then anything and most of your hackers can push a button but know nothing about programing or even lil old HTML for that matter…
you can make stuff in VB thats undetected as a virus there is even java script virus and applet virus even a pic of another formatt can do damage…
that site thats posted is linked up all over on differnt pages… best to file a complaint and let some one take care of it…
you go poking around try to run a check on some one ip they might get YOURS and poke you back before you know it.
i dought it tho but you never know…

Yes DM, when I installed Norton firewall a year ago I got into it as well. The first thing you notice is that about 30 attempts are made every day to ‘hack’ into the computer. Of course one gets very paranoid. And then you check out some IP lookup address in google. Then you get fascinated by all the special warnings that Norton provide. And you start looking up the addressess of all the hack attempts.

Then you see that a lot come frome china and taiwan. After about 3 months of all this it becomes very tireing as you realise that no one is trying to hack your machine. What is happening is that you are just being automatically pinged along with hundreds of millions of other people who surf the web.

After a while it dawns on you that the firewall stops everything, which is exactly what it should be doing. I get frequent ‘hacking’ alerts at the ZBrush forum just like everywhere else. Or at least I used to before I turned off the alert message and just let it run in the background.

If everylink was removed when you got pinged then this site would be removed as well! Don’t worry the sky isn’t falling, welcome to the real world.

BTW I got no alert from my firewall and I’m accessing from the uk as well. Also regarding your comment about the copyright the author of the site clearly stated that all tools were supplied from public domain, he was just being extra polite by suggesting that if by some chance something did sneak in then to let him know. I really think you are making a big deal out of nothing. IMHO

Everyone should have a firewall and they do their job well. Just remember before you got your firewall you were being pinged regularly anyway.

<BLOCKQUOTE>quote:</font><HR> and warned me of a Sub Seven Trojan Horse trying to connect using the back door. <HR></BLOCKQUOTE>

Yes it all sounds very Blade Runnerish and very impressive but this is a standard window warning on the norton firewall and it is just to let you know that you’ve been pinged by something which is looking for a trojan horse which you might have already picked up. I get about 10 of these a day including while accessing ZBrush forum.

PS how long have you had your firewall

Hi Thelonius,
Though the Norton is new, I did have Zone Alarm which I uninstalled because of clashes with some of my other software. For a while I didn’t bother because so many people were saying it didn’t matter because hacking was exaggerated, BBC south news have been picking up on it and pointing out how frequent the problem is. They were giving a number of examples of people having Trojans placed on their computers and their machines being remotely controlled without their knowledge. Through a friend, I have been given a contact who is a qualified Microsoft Engineer, and he agreed that you can get alerts from ping scans, but they should not register as Sub Seven Trojan Horses. What he did say was that some marketing firms use methods to obtain information that can give the Sub Seven Trojan Horse response. His advice was, if this happened more than once at different times on the same site, avoid it, if you weren’t getting persistent alerts everywhere, which might suggest that your firewall might be to fault. As with mine, I have only had the two alerts and, as I said, they happened when I was on that one particular site. I have spent quite some hours since the firewall was installed on the internet and have not had your problems, Thelonius, Symantec may have improved the 2002 version. I did make a particular point of making sure that my firewall harmonised with my virus scan they are both Norton. Past experience showed me that my MacAfee virus scan clashed badly with a number of things, including my scanner. Obviously, with Zone Alarm, again another software manufacturer, lack of harmony was possibly the problem there. I had been advised that with virus scans and firewalls, if they did clash you obviously could get false readings.
Regarding the free models, I did state that it was my personal feelings, as from all the free downloads I have seen , either the site gives information on how they are to be used or the Readme file from the originator usually stipulates that the items may be used in your images, but if you wish to place them on another site, you must get their permission. It is just my feelings that if these people are kind enough to give some of their work away free, I must do everything in my power to ascertain that their wishes are being complied with. Apart from the fact that I think anybody involved in any form of art work would like their copyright to be respected, I treat others with the same respect I would expect. With regard to the free tools on the site we are talking about, I would not feel confident that anything I downloaded would necessarily have the permission of the copyright owners to be on that site. It’s all well and good to say that it’s out in the public domain, but the originators of the items, in my opinion, still have rights.
Dave

This link goes to the meat of the matter.

If you really want to know about security, what will and will not work, this is the place for an answer.
http://www.interhack.net/pubs/fwfaq/

Chapter 2 Background and Firewall Basics is a great one stop chapter if you are limited on time.

As far as pings go, the only way to fight those is to operate stealth.

Those sitting on cable internet are exposed 24/7 (unless your computer is removed from the cable modem, or turned off) If you take a static IP address your exposure is even greater mathematically.

End User error is the largest cause of successful virus transmission. If you get email which has a sender you do not recognize or did not request…delete it (out of the inbox and the delete bin).

Another good practice. Do not utilize the “mass email” or “group email” function in outlook. It just ups the risks. I always request that my friends NEVER include me on their group lists.

Thanks for the link and the info Kathy. I’ve had a quick look and I think some time there would be worthwhile. Useful input is always appreciated, as Stonecutter said, "better safe than sorry.
Dave

I hear so much about viruses attacking email programs (like outlook) and sending nasty stuff on through the addresses in it. For the past two years or so I have used only internet based services which don’t involve any programs on you computer. I hope that protects me (and the people who I email) some!

Ever since i installed ‘evidence eliminator’ i havent had any problems with those elusive trogan messages.
http://www.evidence-eliminator.com/main.shtml

Thanks for the info Muvlo and Evoken and the link.
Dave