DSL and Trojan


The Snowman
April 29th, 2003, 01:57 AM
Placing this in this forum for lack of knowing correct one.

Is there such a thing as a DSL Sub-seven trojan??
A DSL user can both use a computer and make a phone call off the same line at the same time.....so I understand ??
Earlier I was hit by what was id'ed by the port number as a sub-seven port 27***........but the Thing was not trying to access the os...it was trying to use IE to the Phone....as revealed by the firewall status log ......*this thing never got past the firewall**
Does this make any sense to anyone? No, I am not on DSL.....but from this incident came this post.......
Please offer correction if needed

The Snowman
April 29th, 2003, 02:02 AM
The implications/complications of a hacker possibly being able to make a phone call are so outlandish that I was embarrassed to make the post........but...if there is such a possibility....I for one would like knowing of it.

I could possibly understand an attempt to use one of those Netphone type things.....but AN ACTUAL PHONE CALL ON AN ACTUAL PHONE>>>>>>>HUH

LowWaterMark
April 29th, 2003, 02:17 AM
Ah, but Snowy, isn't the idea of using the telephone via a piece of malware really just the issue of "premium dialers"? The programs that attempt to dial your modem to some $5.99/minute (or however much) internet connection that the phone companies allow because the user supposedly "agreed" to it via some bogus pop-up?

But, for myself I have not heard of a connection between sub-seven and such a dialer, though that doesn't mean anything. I may just not know this.

What exactly did you see when you say >> "but the Thing was not trying to access the os...it was trying to use IE to the Phone....as revealed by the firewall status log" ?

How did it try to use the phone exactly? Was it a dialer hitting your dialup networking connection or was it something else?

The Snowman
April 29th, 2003, 02:27 AM
Was it a dialer hitting your dialup networking connection or was it something else? **


LWM

Well now that you mentioned this..I would say that it was the above. Never had anything like this happen...so it's very very new to me.........nor was aware of that other $$$ call you mentioned........wow.....now that's downright rude of those fellows!!

For sure my os is clean....no inside dialers......so got to think it was one of the ones you mentioned........and that really makes me smile......cause my private phone won't dial those type numbers......it's super restricted

But this is interesting......so what would happen on a DSL connection where a computer had no security??

The Snowman
April 29th, 2003, 02:36 AM
***What exactly did you see when you say >> "but the Thing was not trying to access the os...it was trying to use IE to the Phone....as revealed by the firewall status log" ?
***********************************************

Several security programs hit the THING at once so really wasn't much left of it that showed much.....but still in the firewall status log was listed the attempt which had been directed to localhost and "hung" there....just checked my other firewall log and one odd listing from an AOL url attempt on port 21........to your question: localhost:phone

The Snowman
April 29th, 2003, 02:42 AM
Well now I can't stop laughing......that poor wannabe hacker had he passed the computer would have met the security on the phone.........and wondered what kind of nut he hooked into.....LOL

LowWaterMark
April 29th, 2003, 03:02 AM
{QUOTE-> But this is interesting......so what would happen on a DSL connection where a computer had no security?? <-QUOTE}

That is a good question! And the answer is - it depends upon how it's configured. Because of a very, very simple factor in my case, (I have ADSL), I would be 100% protected from any premium dialer... What factor you ask? Simply this - since I only have 1 phone jack in the room where my computer is, and because I didn't want to degrade the DSL signal on the phone line, I am only able to plug the phone jack into the DSL digital modem and not the old analog modem at the same time. Therefore, since I have no phone line in the old modem - no dialer can make expensive phone calls on me!

Sure, I could use a splitter and attach a DSL filter to the cable, and then plug it into the old analog dialup modem, but, that weakens the DSL signal - which isn't too strong in the first place in my home. And since I rarely ever lose my DSL signal, why would I want a weaker signal "all the time" when I almost never use a dialup connection?

I think premium dialers are the worst offense possible in the malware world because they aren't just inconvenient, they actually cost people real dollar$. Here's a thread about a friend of ours who did have a dialer problem...

http://www.wilderssecurity.com/showthread.php?t=3782

Quote from a post I made there:
{QUOTE-> Personally, I think a dialer hijack is one of the worst types of malware out there. The absolutely ridiculous pricing they have on them by the minute, resulting in the massive bills people can get stuck with - often without the ability to successfully fight it. >:(

When I switched over to DSL a few months back, I decided to leave my normal analog modem entirely disconnected (i.e. phone line not plugged in.) That’s a real good way to ensure that a dialer won’t work. ;) My DSL service has no variable “dial” (alternate digital connection ID, as some ISDN lines have), so that is safe. Many people I know that have dedicated modem phone lines have them set up with no long distance access service, at all, another good way to help limit the exposure, as is the blocking that Primrose mentions above. <-QUOTE}

The whole thread is worth reading for people who wonder what a dialer is and if they are dangerous. They are!

The Snowman
April 29th, 2003, 03:13 AM
LWM


GOSH....now those things really are dangerous!! I am sure out of the know on this was.....so really this will prove very helpful.......very! I know several people who use both modem/phone off the connection. Mostly for their kids.......and just about all are using file sharing......
Thank you LWM......tomorrow I'll spread the word.....well..really I'll tell one.....bet everyone in town hears of it after that LOL

The Snowman
April 29th, 2003, 03:47 AM
Just remembered that just prior to being hit by that Thing I was doing research on keyloggers and had accessed keylogger sites..........would bet my comfortable old sneakers that was where it came from.
Well, wherever it came from...it was a swift lesson in why to use security......an un-protected computer would have been in serious trouble.......