[Dshield] blocking the DSL hacke

Deb Hale haled at pionet.net
Sun Jan 22 13:14:26 GMT 2006


Mel,  It is highly unlikely that you will get rid of all the bad stuff
without a spending a lot of time.  I recommend for a computer that is this
badly compromised that it be backed up, reformatted and reloaded. You don't
know what backdoors have been left by the malware.  Some may over ride the
protection that the firewall and antivirus offer.  When you reload - install
the antivirus software, Spybot Search and Destroy, and AdAware SE and update
these and all of the Microsoft updates before installing any other software.
Make sure that your firewall is setup from the beginning.

Just my 2 cents.

Deb 

-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
On Behalf Of Vinod Kumar
Sent: Saturday, January 21, 2006 5:22 PM
To: General DShield Discussion List
Subject: Re: [Dshield] blocking the DSL hacke


On Sat, 21 Jan 2006, Mel wrote:


> 
> 
> My friends Earthlink DSL account has become useless lately.
>  As soon as the computer is turned on a constant barrage begins coming 
> from diverse machines on the Verizon network.(70.20.x.x)  Most attempts
seem to be netBIOS in nature, but it isn't very long, maybe as short as ten
minutes, until my friends machine is full of viruses and begins acting very
unstable.
>  We tried to get to the AVG website to update the anti-virus but always
get infected before we could wend our way to the AVG site in Germany.
>  We have a linksys router on hand but don't know anything about putting it
to use. I remember reading on the Dshield forum that a router would be
helpful in stopping intrusions. We are using a Netopia modem.
>  Can someone please point us in the right direction. Thanks many many in
advance.
>                                       Mel. 
>  
> 

First and perhaps easiest thing to do is to burn a copy of avg off of a
different computer perhaps yours and run it with out plugging into the
internet.

Your friend is most likely infested with all kinds of nasty spyware and
worms etc.

Run AVG, then get online, run AVG again after getting all the latest
updates.

Run spybot Search and Destroy, I believe Microsoft has a spyware removal
program.

The netgear is most likely not going to help, because your attacks are
coming in from your own infections.



_________________________________________
Learn about Intrusion Detection in Depth from the comfort of your own couch:
https://www.sans.org/athome/details.php?id=1341&d=1

_______________________________________________
send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list



More information about the list mailing list