AOL 7 and ZA

Discussion in 'other firewalls' started by zarzenz, May 20, 2002.

Thread Status:
Not open for further replies.
  1. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Using ZA free version with AOL 7, and running the GRC probe ports test, I get a result of port 113 open. But if I run the same test with AOL 6, all ports are stealthed.
    Is this a known issue as I'm very new to all this stuff and need to know if this open 113 port presents a serious problem as I'd quite like to use AOL 7 for a while. But just now I daren't. Anyone out there had a similar dilema and know what is the answer.
     
  2. snowman

    snowman Guest

         imo your port should not be open......I've never used aol......an would not do so....personal pref.....

        may I respectfully suggest that you go to the free services page here at wilders......an take the tests offered by pcflank.....stealth test..advance test....may even want to do the broswer test while you are there....all of which wont take long.......see what turns up...     by the way...do you have a virus scanner and trojan scanner?

                                snowman
     
  3. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Thanks for the tip to give the pcflank tests a try snowman...I'm only just starting to find all the good places on this site...will check it out.

    I do an online virus/trojan scan often and thats how I got interested in all this security stuff when I got a trojan a while back so now run ZA all the time and thats why I'm concerned about the open port with AOL 7.
     
  4. snowman

    snowman Guest

       Z

          You are most welcome.   Z..don't rely "only" on online virus\torjan scans.......if you are....may I suggest that you install a virus scanner........there is a decent free virus scanner in free tools  called AVG.......there are others there also..........

          since you already have had a trojan....may I ask how you removed it??    reason being...are you sure its removed.  
           if using aol is leaving your port open....thats inviting to any hacker....port should not be open....
           the tests at pcflank will offer you more details that could alert you to possible dangers in you set-up......an from there you can begin closing the holes.
            an please don't hesitate to post if you need help.....there is always someone at the BB willing to assist
                            snowman
     
  5. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    I just checked out all the tests on pcflank snowman...wow, what a site. I can see I'm only starting to scratch the surface on all this stuff but I ran all the tests and everything is safe...no trojans...all ports stealthed (that confirms GRC tests) with AOL 6, I'll have to reinstall AOL 7 later and recheck the port tests to see if it throws up the open 113 that GRC did when I tested it there last time, that will be interesting to compare. The only problem it gave me was browser privacy due to cookies enabled but my problem with that is I think I need cookies enabled so that various other forums I visit can tell me what new posts are to be read, I guess this forum does as well so not sure what can be done about that as thats so useful to keep.

    Anyway...as regards the trojan I had. Well I use the Trend on line scanner about once a week as I find the automatic updates that it provides very good and it was a few months ago that it said I had a trojan. It gave me an option to clean it out and this I did and a rescan confirmed I was clean. Then a few weeks later I installed MSN after a MS update said I needed it but after contacting a buddy on there I got another trojan and I think it was called brain. Anyway, Trend was unable to clean that one but I managed to find an article in a PC mag on it and followed the advice to rid it but it involved dumping my system restore data so I dont want another of those. BTW...got rid of MSN that night as well...its too easy to get infected with it.

    Thats why I dont want to run with AOL 7 just now but I would like to use internet sweeper but I think it only works on AOL 7 (see my recent post on the IS forum) so I'm between a rock and a hard place just now.
     
  6. snowman

    snowman Guest

         Zzzzzz

         nice job!!   thought you might enjoy pcflank..an now......if I may be allowed to offer a few suggestions for your consideration....

         Install a virus scanner IMMEDIATELY!!    Z you need protection before the fact...that after the fact....otherwise..in less than a second your computer could be on its way to the garbage dump......no fooling..no dramatics......plain fact.  you need a "resident scanner" which simple means that its working constantly as you work\surf.............an STOPS viruses in their tracks.........(this is simplified)
        install a virus scanner IMMEDIATELY!   for the time being consider installing Ants 2.0 free...at the freetools section here.......its not as current as could be..but a newer version will be out soon...until then it will offer you some protection whereas now you have none......its very easy to install and use..........
        install Adaware...an run a scan immediately...if you have cookies enabled there is a very good chance you have spy cookies that track your every move....if adaware locates any...FOLLOW THE README INSTRUCTIONS........if any questions arise....post back here in the correct forum.....answers will be forthcoming to help you...
        What browser are you using..internet explorer or netscape......my guess its netscape.......ok...either case you are emitting "referrers"...which tells one website which website you just left....TRACKING Z...
        if you use internet explorer....use the "ZONES"  the cookies you need to keep..place the that website in the trusted zone......everything else goes either to the internet zone ..restricted zone..local zone..   the restricted and internet zones will need to be (shut-down) as much as possible...no cookies..no activeX...an a few other "no's which can be discussed later....
       netscape..be awhile since I looked at it..but it does offer some security features I would think...you no doubt see the point here.
       consider installing Cookie Wall or whichever cookie manager you prefer......these allow you to trash which cookies you want...an keep which cookies you want...
        internet sweeper to my understanding now works with IE or netscape....CAUTION:  you are using zone alarm...there may be a conflict issue which would require zone alarm to be temp disabled while using the sweeper.....post in the sweeper forum requiring this...I am not the person to help with the sweeper...but others can...
        browser privacy.....well thats a subject all its own...lots of ways to improve browser privacy....but take this one step at a time......you have some holes to plug first.....lOL
       Z you want to keep port 113 safe....that should be a major priority.....you may like aol 7...but you need a computer to use it on....an if you leave ports open....you may not have a computer....plain and simple as that...
        being this is the Firewall forum I may have already over-stepped the bounds of what should be posted in this particular forum......therefore..if you decide to install a scanner (an I most strongly suggest you do) then please post hereafter in whichever would be the aprepo forum....this gives others a chance to help you plus keeps everything on subject .
        Z it would also be extremely helpful to those offering help if you advise which OS you have...ex: win95  win98  w2k  XP......
        the folks will have your computer tighter than   (hee hee..well I best not say)

                               snowman
     
  7. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    First of all snowman...thanks for taking the time to post all the advice there...much appreaciated.

    My OS is WinME. As regards my browser, its IE but because its intergrated into the AOL system its not really the normal IE but a modified version that comes as a part of the 'AOL Experience' so to speak. It is possible to launch the normal IE from the desktop but only if AOL is up and running and even then it still has to go via their servers. From what I understand (and I really am only just starting to pick up this stuff as I go along) its this intergrated/modified browser within the AOL system that makes most of the pop up killers (spyblocker and proxomitron and the like) not able to function and it was this reason that I was so interested to see internet sweeper developed to work with AOL but as far as I can tell, only V7. Now as you rightly said snowman, its best not to discuss that bit of software here so I'll leave that there but just to come right back on topic here...that was the very reason for me starting this topic in the firewall forum because as you can now see from my last post...ZA is doing a fine job of holding my ports intact at the moment...but untill I get a chance to reinstall AOL 7 and then rerun all the pcflank tests I just cant risk, not for any longer than the time it takes to do them port scans, to use V7.

    I may well take your advice and load up a virus scanner but I never open Emails from unknown sources and so I dont think I'm at too much risk there as long as my firewall is keeping me in perfect stealth, I should be ok, but then again...you do say good words of wisdom...I get the feeling you've probably had loads of experience of these problems, so your advice is not being taken lightly here.

    OK snowman, I'll cut free here for now, and maybe tomorrow I'll have thought of some issues that will be relevant, and therefore may post as such under the various forum topics as required.
     
  8. snowman

    snowman Guest

          Zzzzzz

          my sincere compliments on your interest in securing your computer...........

          Zzzzz.....firewalls are not virus scanners....an e mail is not the only means of getting trojans and viruses....never ever assume that for even a moment.....the other day just going to a website I was hit by a trojan......yup..just visiting a website....a security website at that............ a virus scanner....its a critical part of security..........the choice is entirely yours naturally......I just want to insure that you realize that the purpose of a firewall is not to scan for viruses
           
                   snowman
     
  9. snowman

    snowman Guest

       Zzzzzz

       before I say goodnoght.....one lil bit of info.....be very careful never to use winMe system restore to restore your computer PRIOR TO THE DATE YOU REMOVED THE TROJAN....otherwise system restore......will restore the trojan...


                            snowman
     
  10. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Snowman...you have really opened my eyes now!!!

    I thought the only way you could get a virus was indeed if you got an email that had an attachment that then had to be downloaded (at least via the AOL email client anyway...as I dont use outlook or anything like that) and that trojans came via hackers that creep into a non-firewall protected computer whilst connected online.

    Hmmm...ok.. am now in think again mode.
     
  11. snowman

    snowman Guest

          Zzzzzzz

          thats a very smart move you made...deciding to think the situation over.........ok, lets try to make this even easier for you..........why don't you make a post in the anti-virus forum......something like  "should I use a virus scanner"  an see what replies you get.......

          Firewalls are wonderful.......unforunately the purpose of firewalls are often mis-understood....afterall its not like information about firewalls can be found in the local sunday newspaper......its at a BB like wilders where people gather to share info...an grow in knowledge.......an hopefully pass it on

          an Zzzz let me encourage you not to take my suggestions on anything without getting suggestions from others also......an then...use your own good common sense.

           so  consider your decision very carefully....ask others.....then its you and you alone who makes that decision..........
         
           please excuse me now....I've had food poisoning for the past couple of days.....makes it kinda difficult to type......so will close this out now..........now Zzz don't be shy about asking questions at the other forums...you will find very sincere people here who take computer security seriously......an the are intelligent....anything you don't understand they can explain....

         wishing you a most enjoyable day

                   snowman
     
  12. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Thank you snowman...you have been a great help to me. I will now take time out to look over some of the boards on this excellent site and may well post some queries dependant on what my re-assessment comes up with. I also need to do the re-install of AOL 7 to conduct the firewall test on pcflank...I will post the result of that test on here to keep it on topic with this thread. That'll be ASAP.

    I wish you a speedy recovery from your food poisoning there, hope its not too uncomfortable for you.
     
  13. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    I have now run the pcflank tests with AOL 7 and to my surprise it passed all the stealth tests. I couldn't understand this because GRC tests reported port 113 open but all the port scans with pcflank were stealthed.
    Then I noticed that port 113 was not included in pcflancs tests. So I then did a dedicated 113 scan, and it came back as open but with the added info that it was N/A.  So I then ran the same dedicated 113 scan on AOL 6 and it also shows open yet with GRC it shows stealthed

    This is getting really complicated.

    So my conclusions are this:

    pcflanc dont reckon port 113 as anything to be concerned about in their tests and pass both AOL 6 and 7 as ok with ZA free. But if I request 113 to be checked it fails both 6 and 7

    GRC reckon port 113 is a valid port to scan and pass it in 6 but fail it in 7.

    So the question is simple...run with pcflanc and forget all about port 113 or run with GRC and dont use AOL 7.  
     
  14. FanJ

    FanJ Guest

    Hi Zarzenz,

    You could try it also here:

    http://www.dslreports.com/scan

    In case you have blocked ActiveX, Java etc., it could be possible that you need to lower your setting for that scan.

    On the free-service page of the Wilders-site you can find more sites where you can do portscans.
     
  15. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Thanks FanJ...thats a good idea. I could try out different port scanners out there and build up some sort of idea of what is actually going on here...I guess there will always be differences between the various sites offering this service, but by doing more tests it should be possible to get a slightly more unified result.

    Nice one.
     
  16. snowman

    snowman Guest

    Port number: 113

    Common name(s): identd

    Common service(s): identd

    Service description(s): provides the username/account ID associated with a given port in use on a system, allowing remote systems to detemrine which user is responsible for a connection

    Common server(s): identd, midentd, pidentd, oidentd

    Common client(s): IRC servers, Email servers, other daemons that try to report the user that made the connection from a remote system.

    Common problem(s): Information disclosure, i.e. account name, should consider only showing account numbers. Denial of service attacks are possible as well as using it to identify operating systems and other useful information

                     *************************

    Zzzzzzzzzz.....by chance are you using a messenager or chat program
     
  17. FanJ

    FanJ Guest

    If I remember me well (but I could definitely be wrong) there was an issue with port 113 on the PCFlank port-scan-test.
    At the moment I don't know whether I can find more info on that and whether I'm right or wrong on this.
     
  18. FanJ

    FanJ Guest

  19. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Snowman...thanks for that info on port 113. I dont have MSN messenger installed on my system now but I did have it a while back (thats were I got the brain trojan) but maybe its something to do with AOL instant messenger which comes as a part of their system and which is quite useful to have instant comms with fellow AOL or AIM users.

    FanJ...I just had a look at the forum messages you linked and although they are refering to a dodgy port 139 scan it does however highlight the fact that maybe these port scans cant be fully relied on...hmmm...I think the idea of doing as many of these scans as one can find from as many scan providers as possible looks like a good way to go.

    Hey guys...really appreaciate your input...thanks.
     
Loading...
Thread Status:
Not open for further replies.