I'm now a threat to Time Warner??? - testmy.net resource / tool

dukebettrthanunc

New Member

Offline

Gender: Male

Posts: 17

I'm now a threat to Time Warner???

« on: January 06, 2007, 12:36:41 PM »

I received the following letter from Time Warner today:

Road Runner has received reports of suspicious probes being issued by your computer targeting port 445 on other systems. These probes may be an attempt to exploit a known security issue in many versions of Microsoft Windows to compromise computers. A Microsoft security bulletin located online at http://www.microsoft.com/technet/bulletin/MS04-011.mspx describes this vulnerability.

We need this activity to stop immediately. Please ensure that no one is using your computer to perform port scans. If you are running Windows NC, 2000, XP, or Server 2003 and have not patched your system against the vulnerability described above, please do so immediately by downloading the appropriate security updates from http://windowsupdate.microsoft.com/.

Unless someone at your location is initiating these port scans, your computer is likely infected by a virus that needs to be cleaned up. If you have anti-virus software installed on your computer, please take a moment to run a full scan of your hard drive and clean any viruses or Trojans that you find. You can also run a free online virus scan by visiting http://housecall.trendmicro.com/.

If you do not have anti-virus software or a firewall installed, the easiest way to protect your system is to download and install EZ Armor, a leading anti-virus program and firewall from Computer Associates, free of charge from the Road Runner website (http://www.rr.com/). In any case, you should visit Microsoft's Windows Update website once you have cleaned any viruses from your system to download any outstanding security updates and prevent future re-infection.

Since port scanning is a serious threat to Internet security, please be aware that further complaints may, after review, lead to temporary suspension of your service until you can secure your system. If you have any questions, feel free to e-mail us at support@twcarolina.com or call us at (704) 943-4427. Thank you in advance for your cooperation.

Alright...what the heck is this about?
Who's been complaining?
What does port 445 do?
How do I get rid of this problem without an anti-virus software, because anti-virus software renders a computer useless?

I'd rather get some real answers on here than to have to listen to a bunch of bullcrap from the TW people.

--Matt


	Logged

Doomsday

Sr. Member

Offline

Posts: 130

Re: I'm now a threat to Time Warner???

« Reply #1 on: January 06, 2007, 01:09:08 PM »

http://www.petri.co.il/what's_port_445_in_w2k_xp_2003.htm


	Logged

::::::::::.. testmy.net test results ..::::::::::
Download Connection is:: 3766 Kbps about 3.77 Mbps (tested with 5983 kB)
Download Speed is:: 460 kB/s
Upload Connection is:: 363 Kbps about 0.4 Mbps (tested with 579 kB)
Upload Speed is:: 44 kB/s
Tested From:: http://testmy.net (Server 1)
Test Time:: 2006/12/08 - 8:57am
D-Validation Link:: http://testmy.net/stats/id-M62KQEFXR
U-Validation Link:: http://testmy.net/stats/id-0REA4PHKM
User Agent:: Opera/9.02 (Windows NT 5.1; U; en)

tommie gorman

Sophist Member
TMN Seasoned Veteran

Offline

Gender: Male

Posts: 10136

"OLD GLORY"

Re: I'm now a threat to Time Warner???

« Reply #2 on: January 06, 2007, 04:02:28 PM »

Quote from: dukebettrthanunc on January 06, 2007, 12:36:41 PM

How do I get rid of this problem without an anti-virus software, because anti-virus software renders a computer useless?

Welcome to the forum dukebettrthanunc wave

So why not use online scanning then. You just will not have any real time protection. There are several out there. '

And why do you figure this on becoming useless. Mine still works fine. Lost


	Logged

IF YOU DON'T STAND BEHIND OUR TROOPS, PLEASE, FEEL FREE TO STAND IN FRONT OF THEM !!!

"an old country hick from america"

Sprint EVDO Rev. A * AMD 64 3500+ 2.2 GHz cpu Ram 2GB/XP Home * TCP Optimizer

Swimmer

Vice Admin
TMN Seasoned Veteran

Offline

Gender: Male

Posts: 6393

Re: I'm now a threat to Time Warner???

« Reply #3 on: January 06, 2007, 09:48:16 PM »

Quote from: Doomsday on January 06, 2007, 01:09:08 PM

http://www.petri.co.il/what's_port_445_in_w2k_xp_2003.htm

That is pretty much the best explanation...

As far as the letter goes... I dont know how, other than an abuse email from a system admin, they would know that it is your machine. The only other way that they could know is if they were running port scans and found that 445 was open and thought you were trying to set up and SMB share. Which would be a violation of the RR TOS.

If you are not running any anti-virus I would run an online scan just to check.. There are a few program out there that dont cripple a computer. AVG, Trend Micro, and a few others. The other thing that you might want to do is install Zone Alarm for a little while and make it so that programs have to ask permission to access the internet. If it is your computer sending out 445 requests then you would have to approve the request for the internet.

I am going to guess that you are behind a router of some sort as most people are... So if infact you are not trying to set up and SMB server or connect to an SMB share, then the only way for your IP address to show up on a server log is if you had a compromised machine on your network.


	Logged

TimPawlak

News Anchor
Expert

Offline

Gender: Male

Posts: 1540

Comcast 20/2 --- Telia 100/75

Re: I'm now a threat to Time Warner???

« Reply #4 on: January 06, 2007, 10:22:33 PM »

here's a pic of port scans from different ip's scanning my server pc

portscan654989.JPG (226.98 KB, 1024x768 - viewed 135 times.)
	Logged

Swimmer

Vice Admin
TMN Seasoned Veteran

Offline

Gender: Male

Posts: 6393

Re: I'm now a threat to Time Warner???

« Reply #5 on: January 06, 2007, 10:26:53 PM »

Most of the time UDP is just garbage.. as UDP doenst require reply if the packet was received or not. Seeing how you are behind a router the ports that that traffic are coming in on most likely are related to your server some how.


	Logged

TimPawlak

News Anchor
Expert

Offline

Gender: Male

Posts: 1540

Comcast 20/2 --- Telia 100/75

Re: I'm now a threat to Time Warner???

« Reply #6 on: January 06, 2007, 10:45:43 PM »

yeah.. it wont stop

portscan6549899.JPG (154 KB, 1024x768 - viewed 129 times.)
	Logged

php

Vice Admin
TMN Seasoned Veteran

Offline

Gender: Male

Posts: 5127

Re: I'm now a threat to Time Warner???

« Reply #7 on: January 06, 2007, 11:21:49 PM »

is the server in a DMZ? and if so, why?


	Logged

Shug7272

I Kick Ass
Vice Admin
TMN Seasoned Veteran

Offline

Gender: Male

Posts: 6056

My winkie hurts when I wee wee.

Re: I'm now a threat to Time Warner???

« Reply #8 on: January 06, 2007, 11:27:26 PM »

Welcome to the forum man. Unless I have already welcomed you.. then I take it back. cheesy

Anyway I just wanted to come here to tell you not to worry. ISP's talk out their ass all the time, as long as you are being good your ok (you are being good arent you). Oh and Im a threat to Chineese food buffets but that dont stop me. I just have to rotate to give them time to hire new staff that dont know to lock the doors on site. azn

Me iz so smert. uglystupid2


	Logged

dlewis23

Global Moderator
TMN Seasoned Veteran

Offline

Gender: Male

Posts: 9755

HEY! ill put it down when im good and ready.

Re: I'm now a threat to Time Warner???

« Reply #9 on: January 06, 2007, 11:30:42 PM »

tim here is your problem, your running a vent, teamspeak, CSS, ISI dedicated and god knows what other sever program on 1 computer, your going to have a ton of connections like that no matter what. You leaving your self open to so many possible attacks.


	Logged

TimPawlak

News Anchor
Expert

Offline

Gender: Male

Posts: 1540

Comcast 20/2 --- Telia 100/75

Re: I'm now a threat to Time Warner???

« Reply #10 on: January 07, 2007, 10:05:21 AM »

Quote from: dlewis23 on January 06, 2007, 11:30:42 PM

yup, true

Quote from: php on January 06, 2007, 11:21:49 PM

is the server in a DMZ? and if so, why?

no, port forward


	Logged

php

Vice Admin
TMN Seasoned Veteran

Offline

Gender: Male

Posts: 5127

Re: I'm now a threat to Time Warner???

« Reply #11 on: January 07, 2007, 01:29:10 PM »

those connections shouldn't even be making it to your computer then... or are those ports forwarded for something?


	Logged

Swimmer

Vice Admin
TMN Seasoned Veteran

Offline

Gender: Male

Posts: 6393

Re: I'm now a threat to Time Warner???

« Reply #12 on: January 09, 2007, 06:52:05 AM »

The ports are forwarded.. He customized what ports the programs use.


	Logged

dlewis23

Global Moderator
TMN Seasoned Veteran

Offline

Gender: Male

Posts: 9755

HEY! ill put it down when im good and ready.

Re: I'm now a threat to Time Warner???

« Reply #13 on: January 09, 2007, 08:15:46 AM »

another thing, xp isn't exactly the best OS to be doing that on.


	Logged

Swimmer

Vice Admin
TMN Seasoned Veteran

Offline

Gender: Male

Posts: 6393

Re: I'm now a threat to Time Warner???

« Reply #14 on: January 09, 2007, 09:47:16 AM »

Quote from: dlewis23 on January 09, 2007, 08:15:46 AM

another thing, xp isn't exactly the best OS to be doing that on.

I think it is 2003.. Dont know if it is a legal copy but from my adventures onto that machine I am pretty sure that it is running 2003.


	Logged

Recommended Tests

Test PC Performance:
Click here to run a free Performance Scan

Test PC Stability:
Click here to run a free Registry Scan

Note: The links above are sponsored links

Recommended Tests

Recommended Tests Test PC Performance: Click here to run a free Performance Scan Test PC Stability: Click here to run a free Registry Scan Note: The links above are sponsored links

Recommended Tests

Recommended Tests

Test PC Performance:
Click here to run a free Performance Scan

Test PC Stability:
Click here to run a free Registry Scan

Note: The links above are sponsored links