If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#11
|
|||
|
|||
In article .com, randau
says... I've been faithfully installing Windows'ME Critical Updates for some time now and my system seems to be getting more and more unstable. I now get a blue screen crash almost every day and sometimes more than one a day. They are randomly erratic having no particular pattern or cause. Critical Updates appear to consist of an endless number of security updates to protect against hackers or deviant web sites accessing your computer. I'm not aware of there ever being an attempt to hack into my computer nor am I aware of anyone I know having had that experience. With the millions of web sites and hundreds of millions of users online everyday, the probability of getting hacked must be pretty low (especially for an on and off dial-up connection). Hmmm. Watching my router logs, normally a useless exercise, I see numerous attempts at infecting my computer; even when I use a dial-up connection instead of my DSL connection. It only takes a few seconds before the probes start coming in for assorted nasties that attack vulnerable system ports. Consider these entries from a Level3 dial-up session for an SBC customer (me): 2004-12-22 10:38:22 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.48.209:1388]-localhost:445, Owner: no owner 2004-12-22 10:38:22 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.201.50:2165]-localhost:135, Owner: no owner 2004-12-22 10:38:28 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.108.174:3233]- localhost:445, Owner: no owner 2004-12-22 10:38:28 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.108.174:3233]- localhost:445, Owner: no owner 2004-12-22 10:38:39 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.126.85:1054]-localhost:445, Owner: no owner 2004-12-22 10:38:43 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.126.85:1054]-localhost:445, Owner: no owner 2004-12-22 10:39:03 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.237.75:3350]-localhost:135, Owner: no owner 2004-12-22 10:39:06 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.237.75:3350]-localhost:135, Owner: no owner 2004-12-22 10:44:14 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.105.214:3531]- localhost:135, Owner: no owner 2004-12-22 10:44:17 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.105.214:3531]- localhost:135, Owner: no owner The "localhost:port#" lines are the destination; my computer. The IP address is the source of the probe. Port 135 probes are likely messenger spam. The Sasser worm is one of the common Windows infectors which attacks port 445. The endless succession of Critical Updates never seem to offer fixes for known system bugs, which I would appreciate. Most Critical Upadates patch security problems. If you have never had a site attempt a drive-by download, you haven't been around the Internet block. I've seen numerous attempts at sleazy, underhanded system takeover. I don't normally use MSIE, but I have tested it against such a site, on occasion, when I find it; so far, with the latest Critical Updates, and proper security settings for the "Internet zone" of MSIE, nothing bad has happened. But who knows, if I hadn't kept MSIE current. I'm wondering if there isn't a connection between the endless procession of Critical Update patches and the increasing instability of the operating system. Might I be and have been better off ignoring the Critical Updates? Definitely not! I have no stability problems with Windows Me, except for some random flakiness that seems to be a result of overheating the RAM when a P.S. fan died. I figure the hardware was seriously cooked and I am running on borrowed time. Symantec products are notorious for causing problems. I have learned which ones don't affect Windows Me, and avoid the ones which do. When I had paid for a year of NAV, I never let it scan my email. Much flakiness seems to attend to either Norton Anti Virus, or McAfee Anti Virus, scanning email. Another Norton utility created problems, and never really did anything. I find a handful which are useful, though. -randau Oregon, USA You need to use a proper signature separator; dash-dash-endline. Doesn't Google Groups provide one in the compose window? I read and post from the Google Groups web site... My condolences. A proper news client is much superior. Even MS Outlook Express is better than any web access to news groups. The only web-to-news interface worse than Google Groups is "Microsoft CDO for Windows 2000", commonly used by posters in these groups because they stumble on the groups while searching the MSFT web site for assistance. -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint |
#12
|
|||
|
|||
Thanks for your informative and insightful response Norman.
I read it with great interest and thought. Norman wrote: The "localhost:port#" lines are the destination; my computer. The IP address is the source of the probe. Port 135 probes are likely messenger spam. The Sasser worm is one of the common Windows infectors which attacks port 445. Most Critical Upadates patch security problems. If you have never had a site attempt a drive-by download, you haven't been around the Internet block. I've seen numerous attempts at sleazy, underhanded system takeover. I don't normally use MSIE, but I have tested it against such a site, on occasion, when I find it; so far, with the latest Critical Updates, and proper security settings for the "Internet zone" of MSIE, nothing bad has happened. But who knows, if I hadn't kept MSIE current. Are we talking about attempts to access your computer for the purpose of "Live Hacker" mischief as apposed to preprogrammed Viruses and Email Worms, which can be protected against with Anti-Virus programs? randau wrote: I'm wondering if there isn't a connection between the endless procession of Critical Update patches and the increasing instability of the operating system. Might I be and have been better off ignoring the Critical Updates? Definitely not! I have no stability problems with Windows Me, except for some random flakiness that seems to be a result of overheating the RAM when a P.S. fan died. I figure the hardware was seriously cooked and I am running on borrowed time. Symantec products are notorious for causing problems. I have learned which ones don't affect Windows Me, and avoid the ones which do. When I had paid for a year of NAV, I never let it scan my email. Much flakiness seems to attend to either Norton Anti Virus, or McAfee Anti Virus, scanning email. Another Norton utility created problems, and never really did anything. I find a handful which are useful, though. These random crashes occur when I'm not even running an email program. There appears to be no correlation with running any particular program or performing any particular operation. What Anti-Virus program would you recommend? I read and post from the Google Groups web site... My condolences. A proper news client is much superior. Even MS Outlook Express is better than any web access to news groups. The only web-to-news interface worse than Google Groups is "Microsoft CDO for Windows 2000", commonly used by posters in these groups because they stumble on the groups while searching the MSFT web site for assistance. I've used several news clients before, but I found Google Groups more useful for a number of reasons. 1) The terrific search capabilities of their extensive Archive of past postings, especially computer related groups. 2) All my stuff is archived at their site instead of my having to store it. 3) Direct random access to any thread rather than the chronological serial access that was used by news client programs. If I posted to a highly active group and missed a day or so of checking it, I had to download and wade through enormous numbers of headers in order to get to what I was looking for, using a news client program. -- Regards, randau (is that better) :-) |
#13
|
|||
|
|||
Thanks for your informative and insightful response Norman.
I read it with great interest and thought. Norman wrote: The "localhost:port#" lines are the destination; my computer. The IP address is the source of the probe. Port 135 probes are likely messenger spam. The Sasser worm is one of the common Windows infectors which attacks port 445. Most Critical Upadates patch security problems. If you have never had a site attempt a drive-by download, you haven't been around the Internet block. I've seen numerous attempts at sleazy, underhanded system takeover. I don't normally use MSIE, but I have tested it against such a site, on occasion, when I find it; so far, with the latest Critical Updates, and proper security settings for the "Internet zone" of MSIE, nothing bad has happened. But who knows, if I hadn't kept MSIE current. Are we talking about attempts to access your computer for the purpose of "Live Hacker" mischief as apposed to preprogrammed Viruses and Email Worms, which can be protected against with Anti-Virus programs? randau wrote: I'm wondering if there isn't a connection between the endless procession of Critical Update patches and the increasing instability of the operating system. Might I be and have been better off ignoring the Critical Updates? Definitely not! I have no stability problems with Windows Me, except for some random flakiness that seems to be a result of overheating the RAM when a P.S. fan died. I figure the hardware was seriously cooked and I am running on borrowed time. Symantec products are notorious for causing problems. I have learned which ones don't affect Windows Me, and avoid the ones which do. When I had paid for a year of NAV, I never let it scan my email. Much flakiness seems to attend to either Norton Anti Virus, or McAfee Anti Virus, scanning email. Another Norton utility created problems, and never really did anything. I find a handful which are useful, though. These random crashes occur when I'm not even running an email program. There appears to be no correlation with running any particular program or performing any particular operation. What Anti-Virus program would you recommend? I read and post from the Google Groups web site... My condolences. A proper news client is much superior. Even MS Outlook Express is better than any web access to news groups. The only web-to-news interface worse than Google Groups is "Microsoft CDO for Windows 2000", commonly used by posters in these groups because they stumble on the groups while searching the MSFT web site for assistance. I've used several news clients before, but I found Google Groups more useful for a number of reasons. 1) The terrific search capabilities of their extensive Archive of past postings, especially computer related groups. 2) All my stuff is archived at their site instead of my having to store it. 3) Direct random access to any thread rather than the chronological serial access that was used by news client programs. If I posted to a highly active group and missed a day or so of checking it, I had to download and wade through enormous numbers of headers in order to get to what I was looking for, using a news client program. -- Regards, randau (is that better) :-) |
#14
|
|||
|
|||
In article .com, randau
says... Thanks for your informative and insightful response Norman. I read it with great interest and thought. You're welcome. Hopefully it provided some kind of starting point in isolating your problem. -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint |
#15
|
|||
|
|||
randau wrote:
Thanks for your informative and insightful response Norman. I read it with great interest and thought. You're welcome. Hopefully it provided some kind of starting point in isolating your problem. -- Norman Sorry for the prior redundant posting, it was unintentional. But, I did have some comments and questions laced into your text in the initial transmission that I think you may not have noticed. Would you mind taking another look at it. -- Thanks, randau |
#16
|
|||
|
|||
I'll no longer be watching this thread for replies. So, if
someone wants me to see their reply or wants to contact me, please cleanup and use the Spam resistant Email address below. randau2...(at)...proaxis.com -randau Oregon, USA |
|
Thread Tools | |
Display Modes | |
|
|