October 2nd, 2002, 12:01 PM
thanx buddy, you've mentioned "Telnet must be enabled on your machine, the attacker must have a username and password as well". well would you plz tell me the detail of this plz. I m using windows98 and logon using default user without any password. I don't have any port blocker installed. again i repeat from conneting through telnet i don't mean to connect to some server like www.yahoo.com, instead i meant if anyone is able to connect with my pc using telnet. Can he connect at any open port using telnet, or there is a single port associated with my system, and plz explain me what do you mean by "attacker must have a user name and password". i'll wait for answer. and thanx for such help.
October 2nd, 2002, 12:15 PM
If you're using Windows 98 and you aren't using it to run a web site or a mail server (or similar service), you've got nothing to worry about. He can only connect at a port which is running a service which telnet can connect to, for instance an SMTP service running on port 25 (or another port if this has been reassigned). If you are running a telnet service on port 23, and you have logins set up on this service, and he has a valid username and a password, then he will be able to connect to your computer with whatever permissions the account has. Basically, if you are a normal computer user with a fairly standard Win98 installation, you don't need to be too worried about telnet attacks, unless your friend has a trojan installed which allows remote administration over telnet, or something similar. If you want to check your computer for trojans, head over to http://www.moosoft.com and download The Cleaner.
Hope this helped you out
October 2nd, 2002, 12:40 PM
I'll say get some firewall to protect your pc I didn't mean that it will protect you all the way but it might help you to know what ports on your pc is currently running try to get some if you want maybe you can use Zone Alarm or Agitnium Personal firewall you can download it on this links
www.download.com or try to search for Zone Alarm on google or yahoo search engine and try to read some tutorial on telnet maybe it can help you im not very familiar about telnet try antionline tutorials
hope this info help you
October 2nd, 2002, 01:04 PM
Just thought I'd clarify something else for you, too. A person doesn't have to have a username and password on your system for them to connect to a port other than the telnet port (23), nor does the telnet service have to be running either. I can connect to any system that has the SMTP service running (or any other service I can communicate with using telnet) without having an account on that system. That's exactly how computers themselves connect to each other. As long as the service is up-to-date with the latest security patches, however, I probably won't be able to get into your system beyond that port.
/* You are not expected to understand this. */
October 2nd, 2002, 01:59 PM
Ug, just realized you have two threads open...really should avoid doin that. I answered your question in the other thread located here.
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)