Post by *NastyJeff* on Mar 4, 2005 20:39:01 GMT -5
server is up.. found all kinds of people trying to access me still...after I put in ZoneAlarm. Uninstalled it of course... turned off auto download.... I wish I could find software that actually LIMITS the amount of requests.... I am new to this spoofing thing... but I learing!
Maybe u should try Outpost pro firewall, it got a good attack detectin plugin & is my fav firewall, zonealarm just slows U down
Look into processguard seriously m8, when u got a clean system, it can stop a lot of trojan like changes & protects specific parts as u can see in the screenie, anythin changes or trys to install behind Ur back, it lets u know & blocks it
Post by *NastyJeff* on Mar 4, 2005 22:02:56 GMT -5
Can it limit the amount of requests? I am only getting them on port 27960-- however, it seems to have settled down.. if people would test it for me, I would know...hint hint.... I need to leave that port open... I thought maybe, just possibly, it could be my ISP.... not suppose to run servers.....
Idont know if it can do that m8, but U can easily make a rule to allow incoming UDP only on Ur q3 port, if it detects a lot of request then it should treat it as a attack & the attack detection plugin can block it (U can tweak the plugins properties, ie how many reqests before it should block it, etc)
Processguard has a learning mode, install it on a fresh install, then after reboot run all Ur secutrity apps & net apps & fav progs for a hour or so, then reboot again & run anythin else U will need, than after a another reboot it detects what needs what access & turns learning mode off.
From then off it will block any ofthe four options in the screenie (physicla mem, block driver/rootkit, etc) & if any exe has changed or tries to run, it will prompt U to allow or deny (it can rem Ur changes till it changes again)
BaNzI ;D
PS looked for server last night after u said it was up, but couldnt find it
Ouch, thats a lot of nasties U got there Jeffy, notice that a lot of them are java types, if U not already done so update to Java 1.5.0 as it fixes a lot of the holes that let these thru, here's the link
Best to uninstall the old one & then install the new one, also use the java cpl in control panel to regualry clear Ur java cache.
Nortons might be ok at detection, but it mince for actually removing stuff cleanly, hence the fact symantec has to make individual removel tools for most viri/trojans.
Might be a idea to uninstall Nortons & try out Kaspersky Personal, that has a 99.99% detection & removel rate & if U use the extended dayabases it then checks for riskware, malware, adultware & dialers etc, U can always put norton back on after u know U clean.
If U do try KAV, then U might have to not use the Istream feature & maybe have to turn off the network attack feature as it can conflct with some firewalls.
Also an idea to empty Ur norton protected recycle bin as there 2 still in there.
U might also want to check out SpywareBlaster to stop spyware gettin in & also a spyware scanner like SpybotSD or Ad Aware or even MS Antispyware (carefull what U remove with it tho, i heard it actuallt flagged IE as spyware & removed it in the past lol
Post by *NastyJeff* on Mar 5, 2005 11:35:16 GMT -5
Already did all that.. you forgot to say, turn off system restore, boot up XP in safe mode, then run all scanners and delete what needs to be, then reboot and turn back on system restore.. For those of you that don't know.. if you run XP home or pro, you need to have system restore turned off. It keeps an image of everything, so, you may delete what you are running, but you still have the image, so, you still have the problem. The only way after you turn off system restore to completely, absolutely make sure all the stuff is gone.. boot up in safe mode as Admin... after you are done, you can restore system restore....
Post by *NastyJeff* on Mar 5, 2005 11:36:47 GMT -5
Oh great, server was doing great, then the Man Boob man had to come in and clean house....scared em all off.... lol... wtg dude, you are really good! Yes, that is a compliment
Post by *NastyJeff* on Mar 5, 2005 19:32:22 GMT -5
I had myself a thought... after checking the logs and speeds again...
and realizing all is right in line.... we never had this problem with the old server, ever, did we? Ran good all the time.... minor spike once in a while, but that was about it if I remember correctly. So, my thought... could it be the server itself? At first I would say no, because Missy and I can still play just fine... but I don't know what else to do... besides check the wiring... Could the modem interfere with the router? possible... I didn't replace the modem, but that shouldn't be it. It's an electronic device, if they go bad...they go bad... I've always had my router and modem right next to each other.... If it is the server, could it possibly be ok for me and Missy because there is no real distance for the info to travel? I just dunno.... so, simple I figure... she's getting ripped apart right now..... if this doesn't do it... LONG LIVE GIMPS!!!! ( snow, you too...) *NastyJeff*<---- hides in the corner and cries...
Last Edit: Mar 5, 2005 19:33:13 GMT -5 by *NastyJeff*
Jeff don't like snowballs...grrrrr hmmm, idea. The server wasn't great, but I had a lot of issues with my isp today, so, can't truly test it... however...if anyone knows about an "Fam-3 3db Attenuator"? from what I can tell...they cut down the bandwidth 1/2 in hopes of funneling it better...am I correct? Cable company had one my one line.... like I said..."had".....
Attenuator's don't cut down bandwidth - they cut down signal strength. If your cable connection's signal strength is too high at your modem then you can have problems. Hence the need to use an attenuator to cut the "voltage" (pedants take note, it's not strictly voltage) down a little.
Your cable modem should have a diagnostics page, probably accesed something like http://192.168.100.1/ or something similar, the manual should tell you.
On this page you should see some reference to "signal", go here and check your values, in the ideal world they should be something like:
Downstrean Signal to Noise: Should be 30db or higher Downstream Received Power: Should be between -15 and +15, closest to ZERO the better.
Upstream Transmit Power: Should be between +8 to +58, ideal values are below +55. Values in the 40s most common and good.
Post by *NastyJeff* on Mar 6, 2005 17:02:26 GMT -5
Unfortunitly, my cable modem does not have a diagnostics page. Router? Yes... Modem? No.... Turns out, Blade crashes from time to time, so he might have been the issue....silly boy.. if not, I buying a new modem!