Novice struggling with Security!

Discussion in 'Computer Support' started by Jon Watson, Oct 12, 2003.

  1. Jon Watson

    Jon Watson Guest

    Hi. I have had to reinstall the Tiny Personal Firewall 2 onto my Windows XP
    Home machine.
    Reason? I performed the Shields Up test at GRC.com, only to find I had 2
    ports open. I therefore had a fiddle and made a mess resulting in no
    ability to access web pages. I downloaded a new set-up file for PF2,
    disconnected from the web, and used ADD/REMOVE to uninstall PF2.

    Having reinstalled the new copy, I now find that on reboot I get the
    following message in a yellow pop up
    !Windows - Fatal Application Exit
    Tiny Personal Firewall: KernalOpenFile: strlen(filename) <2?!?

    Web pages are slow to access, or not at all, and I am constantly hounded
    with: -
    MgsDigestComputeMD5:Unable to open

    Dos anyone have any answers please???

    Regards,
    Jon.
     
    Jon Watson, Oct 12, 2003
    #1
    1. Advertisements

  2. Jon Watson

    Brian H¹© Guest

    Jon Watson said:
    How do you think you accessed GRC in the first place if you didn't have at least
    1 port open, ie your browser.
    I would strongly suggest you get someone who knows what they are doing to tackle
    this problem for you, because, unless someone comes up with a really really
    simple answer to your problem, you risk getting into deeper sh... trouble.
     
    Brian H¹©, Oct 12, 2003
    #2
    1. Advertisements

  3. Jon Watson

    Jon Watson Guest

    I actuall yhad all ports on 'stealth, bar 1 which was closed. This caused
    GRC to proclain my FW had failed due to solicited TCP packets! This caused
    me to check my FW config. Heaven knows why it then refused to access all
    pages after I hadnt made any permanent changes.


    sorted asap!!! Things to do....
     
    Jon Watson, Oct 12, 2003
    #3
  4. Jon Watson

    Mara Guest

    Yes. Uninstall it again, and afterwards use a registry cleaner to clean up the
    debris. Then, install a different firewall, such as Outpost or Sygate.

    "Check C: drive for debris, too."
     
    Mara, Oct 12, 2003
    #4
  5. Jon Watson

    Jon Watson Guest

    Thanks, I'll have a look and see if I can find a suitable registry cleaner
    ( never used one, so we'll see what happens! - any do's or don'ts?)

    I assume then that my uninstall has left data that has critically impacted
    the reinstall?

    Any reason for the change in firewall? are they just particularly good, or
    is PF2 particularly bad?

    Thanks for you help!

    Jon :)
     
    Jon Watson, Oct 12, 2003
    #5
  6. Jon Watson

    Boomer Guest

    Hi Jon

    Here's a good link that has some good freeware and tips listed.
    Compliments of °Mike°.
    Basic computer maintenance
    http://uk.geocities.com/personel44/maintenance.html

    I found Outpost very easy to setup and use. It's a good firewall.

    Also
    Hi
    Could you please include some of the message you are responding to,
    in your reply?
    (Tools> Options> Send tab, tick the "Include message in Reply" box.)

    Thank You Very Much :)
     
    Boomer, Oct 12, 2003
    #6
  7. Jon Watson

    Mara Guest

    Yes. Go here:

    http://uk.geocities.com/personel44/maintenance.html

    and download EasyCleaner. When you have more experience, get Jv16 Power Tools.
    Power Tools has a registry cleaner that will list out the entries and allow you
    to remove them.

    Also, download, update, and then run Spybot Search & Destroy:

    http://www.safer-networking.org/index.php?lang=en&page=download

    (scroll down the page.)

    "Everyone should run this program, along with HijackThis, AdAware,
    SpywareBlaster, and a _good_, low-resource, well-written antivirus program."

    It is possible. It is also possible that it's a trojan or some other form of
    malware.
    Tiny stinks. It can fark a system all on its own. I recommend either Sygate
    Personal Firewall or Outpost. I personally run Sygate Personal Firewall Pro.
    YW. :)
     
    Mara, Oct 12, 2003
    #7
  8. Jon Watson

    Mike0000 Guest

    Brian H¹© wrote:

    Browsers do not listen on ports. They GET data. At the very least the
    user had 135 or some other microsoft networking/rpc port open.
     
    Mike0000, Oct 12, 2003
    #8
  9. Jon Watson

    Mike0000 Guest

    Mike0000, Oct 12, 2003
    #9
  10. Jon Watson

    Miggsee Guest

    Miggsee, Oct 12, 2003
    #10
  11. Jon Watson

    Jon Watson Guest

    Thanks Mara. Quick update, used reg cleaner, cleaned debris from C:
    installed V5 of the sygate firewall. Ran NAI Stinger and Trend online AV to
    check for Trojans (all clear). Already using Spybot and Spyware blaster, so
    ran again.

    Was up to 3am, due to annoying problems like losing the ability to scroll up
    and down!, Monitor settings messing up, loads of apps went missing etc
    (thank god for System Restore!) and the Tiny Personal Firewall wouldn't
    allow me to Add/Remove it, so I has to do a full reinstall and then
    uninstall! God, my eyes are tired this morning!!!

    I have one last worry now having checked back on GRC Shields UP, that port
    1025 is now open, but I'll post that further down for added attention!
    (hopefully).

    Thanks to Mara and to all others who have given me valuable pointers and
    advice in my hour of need.

    Regards

    Jon
     
    Jon Watson, Oct 12, 2003
    #11
  12. Jon Watson

    Mike0000 Guest

    Miggsee wrote:

    So? That's not what he's asking for and arguably its needless complexity
    for a simple home machine for a non-tech user.

    Run AV and do spyware checks from time to time.
     
    Mike0000, Oct 13, 2003
    #12
  13. Jon Watson

    Miggsee Guest

    I was stating a simple and important fact. My machines are as protected as
    possible in today's world of computing.

    There are new users reading this newsgroup, that do not know about all
    malware, nor about Trojans. XP won't always protect them.

    A decent firewall is configurable against out going *transmissions* from the
    user's computer: Personal info spread; virus; worms; malware; relaying,
    etc..............................

    I would rather refer users to alternate methods of protection, than
    suggesting they trust the complete reliability of XP's firewall.

    I work with non-tech users every day! I teach them, not mislead them!
     
    Miggsee, Oct 13, 2003
    #13
  14. Jon Watson

    Mara Guest

    Firewall.com is an interesting place to visit. :)

    http://firewall.com/cgi-bin/jump.cgi?ID=1286

    [Emphasis mine]

    "An Internet firewall examines all traffic routed between your network and the
    Internet to see if it meets certain criteria. If it does, it is routed between
    the networks, otherwise it is stopped. ****A network firewall filters both
    inbound and outbound traffic.**** It can also manage public access to private
    networked resources such as host applications. It can be used to log all
    attempts to enter the private network and trigger alarms when hostile or
    unauthorized entry is attempted. Firewalls can filter packets based on their
    source, destination addresses and port numbers. This is known as address
    filtering. Firewalls can also filter specific types of network traffic. This is
    also known as protocol filtering because the decision to forward or reject
    traffic is dependant upon the protocol used, for example HTTP, ftp or telnet.
    Firewalls can also filter traffic by packet attribute or state."
    XP won't protect them at all. Only knowledge, and the right tools, will protect
    their systems.
    This is exactly right. These days it is becoming increasingly common for boxes
    to suffer infection attempts within minutes, and sometimes even seconds, of
    connecting. Users may not become aware they are infected until their firewall
    alerts them of *outbound* connection attempts. Since there are so many software
    firewalls available that do in fact alert on both incoming and outgoing
    attempts, a single-direction firewall such as the one built into XP should not
    even be considered an option if security is a consideration - and if security
    isn't a consideration, that box should not be allowed to connect to the
    internet.

    "Why take such a large risk when it isn't necessary?"
    If you can read this, thank a teacher.

    "And I do. :)"
     
    Mara, Oct 13, 2003
    #14
  15. Jon Watson

    Miggsee Guest

    Great link! I think :) Thanks!
    He can think of it as *insurance*.
     
    Miggsee, Oct 13, 2003
    #15
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.