ip rules help (urgent)
Results 1 to 4 of 4

Thread: ip rules help (urgent)

  1. #1
    Join Date
    Feb 2003

    ip rules help (urgent)

    this morning i realized my windows 2000 system has around 20 (yes 20) tcp connctions established to various web sites and irc servers

    it's probably a trojan or a worm of some kind....

    before i investigate i'd like to cut off all access on all ports besides http access (wanna still be able to browse)

    how can i make that happened either from within the OS or open source solutions only

  2. #2
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    The Great White North
    Have you got a firewall? If not, look into something like ZoneAlarm or Outpost. Both easy to install and free versions are available.


  3. #3
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002


    Download Only
    Easy, Always-on Protection

    ZoneAlarm provides solid PC protection for the home user. It's free for personal and non-profit use (excluding government and educational entities). ZoneAlarm is compatible with Microsoft® Windows® 98/Me/NT/2000 and XP. More Information

    System requirements: IBM PC or 100% compatible 486 System processor (or higher), Windows 98/Me/NT/2000/XP, 8MB RAM, 3MB Hard disk space.

    * ZoneAlarm is free for individual and not-for-profit charitable entity use (excluding governmental entities and educational institutions).

    ZoneAlarm End-User License Agreement
    free version of zonealarm http://www.zonelabs.com/store/applic...Vt2Rle1Rh0iBTr!1149884956!173109956!7511!7512?namespace=zls_main&origin=global.jsp&event=link.skuList&&zl_catalog_view_id=201
    yeah, I\'m gonna need that by friday...

  4. #4
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Washington D.C. area
    First, go to www.moosoft.com and download the trojan cleaner. Next, you can get tcpview from www.sysinternals.com and look at a realtime view of what is happening on your box. Follow up with process explorer to see what processes are participating. Once you hae a good idea, run the trojan cleaner and then install one of the many free personal firewalls and consider this a nice learning experience.

    Best thing to do is not panic. Go through the above light remediation to determine exactly what is happening, then clean your box if it does turn out that you have a trojan, then protect it from future attacks with a personal firewall.

    This is the best I can do for you with the info you provided. Hope it helps out.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts