Why on earth do people scan others' computers?


Jeffhs
12-27-2009, 03:36 PM
Why do some people get such a kick out of scanning the ports on other folks' systems? I have a Sygate firewall on my computer; about once a day (more often on weekends and holidays), the status indicator in the system tray turns red with a little white flashing "x" in the middle. This tells me that someone, somewhere, is scanning the com ports of my system, but I'm darned if I know who is doing the scanning or from where--all the firewall will tell me (by way of a popup message when I double-click on the status indicator) is that "someone" is scanning my computer.

In this day and age of identity theft and other types of cybercrime, such a warning cannot (indeed must not) be taken lightly or ignored. I have avast! antivirus and the Sygate (now a division of Norton, IIRC) firewall, but every time the status indicator gives me that flashing white "x" in the middle of two blood-red arrows, I wonder if someone may be out there somewhere, trying to get heaven only knows what information from my computer's com ports. I have sensitive information stored in password-protected databases (in application programs--one is a password file, one is an address book) and wonder if someday, who knows when, where or even how, someone might somehow get hold of the passwords (by hacking the .pwl, or password list, file on my hard drive), and then...

I hate to think of the horrible way this scenario could play out. I don't want to have my password or address file databases accessible to just anyone, but in these days of very Internet-savvy people (some as young as nine or ten years of age), anything is possible. I have a rather intricate password protecting my password file, but it can still be hacked by someone skilled enough in such matters.

I am not necessarily waiting for the other shoe to drop, as the expression goes, and am not necessarily worried about anyone snatching my personal data from my system, but as I said earlier, I have to wonder whenever I see my firewall indicating that someone, somewhere in cyberspace is scanning my computer's com ports. Does anyone else use the Sygate firewall (the status indicator for which looks like two arrows, one pointing upward, the other down) and if so, have you seen the indication of a port scan attack (the two arrows turning blood-red--the international symbol meaning "warning!"--with a little flashing white "x" between them)? Does the firewall actually block the port scan or does it simply log same to a log file, while the port scan goes on unfettered?

RDusel
12-27-2009, 11:30 PM
Welcome to the world behind the computer...
This is a very complicated subject.
First, do we know that the Sygate program really detects "Port Scanning"?
Everything on the Internet uses a port. From web browsing to the agent that sets the time on your OS. Some use what are called the "well known" ports (0-1024) whose uses are supposed to be defined and some use their own random ports.
A true malicious "port scan" will be directed at each of your devices and cascade up and down from port 0-65535, looking to see which ones respond (open) and which ones are quiet (dead or blocked).
Sometimes you have a single machine or piece of software that hits a single port on your machine and the firewall calls it out as a port scan because it seems to verify that you "need" the firewall software.
Other firewalls (like Microsoft's) simply block the ports to communication and never notify you if the port is knocked on.
Why are some so alarmist and some quiet? No one really knows the best way to treat the issue. It goes back to the days of the first network viruses (Blaster comes to mind) which were able to ride the internet and company networks (which were all pretty much open at the time) and spread like wildfire, contacting a machine with an open port, downloading itself through that port and taking the machine over.
There were so many infected machines and so many ways of infecting with the Blaster virus that Microsoft crippled it instead of killing it. They simply closed the ports that Blaster used. The infected machines are still out there in some cases, scanning up and down for machines to infect but only find closed ports.
Slowly Blaster will die off as it cannot reproduce (unless you put an unpatched machine on the internet, takes about 20 minutes for it to be infected, don't ask me how I know... :(
So a lot of the port scans are just viruses looking for unpatched machines.
Then you do have a lot of malicious folk (Russia is the current hot spot right now) who like to make botnets, an army of quietly infected machines that can be used to send spam, pound a website to oblivion or harvest the usernames and passwords of the careless. These users do scan all day long looking for easy access machines. The open machine numbers are compiled into a list by the scanning software and then the operators try to manually hack into them.
So the question comes back to whether the company wants you to know that machines are knocking on your machine's doors (which are closed if you have the current patches and a firewall) or keep quiet and keep you from worrying about that which you don't need to know...
In the end keeping your machine patched, your firewall, anti-spyware and anti-virus updated and being careful what you click on (be especially wary of messages that say your machine is infected, it usually isn't until you click on the window) is the best protection and will keep your info safe.
Hope this helps...
Rob
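
The distinction drawn in the post above, between a sweep across many ports and a single knock on one port that a firewall may still report as a "port scan", can be checked against a firewall's drop log. The following is an added example, not part of any post in this thread; the log format, the thresholds, and the addresses (documentation ranges) are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format, not Sygate's):
# date time action proto src_ip dst_ip src_port dst_port
SWEEP = [f"2009-12-27 15:36:{s:02d} DROP TCP 203.0.113.7 192.0.2.10 40000 {20 + s}"
         for s in range(12)]                       # 12 different ports in 12 seconds
PROBES = [f"2009-12-27 15:4{m}:10 DROP TCP 198.51.100.23 192.0.2.10 51000 135"
          for m in range(3)]                       # same single port, three times
ALLOWED = ["2009-12-27 15:50:00 ALLOW TCP 198.51.100.80 192.0.2.10 80 49152"]
SAMPLE_LOG = "\n".join(SWEEP + PROBES + ALLOWED)

WINDOW = timedelta(seconds=60)   # assumed look-back window
SWEEP_PORTS = 10                 # assumed: distinct ports that count as a sweep


def parse(line):
    """Split one log line into (timestamp, action, source IP, destination port)."""
    date, time, action, _proto, src, _dst, _sport, dport = line.split()
    ts = datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S")
    return ts, action, src, int(dport)


def classify(log_text, window=WINDOW, sweep_ports=SWEEP_PORTS):
    """Return {src_ip: 'port sweep' | 'isolated probe'} for dropped packets."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, action, src, dport = parse(line)
        if action == "DROP":                       # only blocked traffic is of interest
            events[src].append((ts, dport))

    verdicts = {}
    for src, hits in events.items():
        hits.sort()
        most, start = 0, 0
        for end in range(len(hits)):
            # Slide the window so it never spans more than `window` of time.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            most = max(most, len({port for _, port in hits[start:end + 1]}))
        verdicts[src] = "port sweep" if most >= sweep_ports else "isolated probe"
    return verdicts


if __name__ == "__main__":
    for src, verdict in classify(SAMPLE_LOG).items():
        print(src, verdict)
```

Either verdict only means the firewall dropped the packets; it says nothing about whether the machine behind it is patched.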

matt_s78mn
12-28-2009, 05:51 PM
The best advice is keep your machine updated with all the latest patches and system updates from Microsoft. Keep your antivirus and anti-spyware software updated with the latest definition files. Not only that, but run the antivirus and anti-spyware scans regularly. If that software is updated but never scans, then it isn't being used to its full potential. I myself use a Macintosh, so I'm immune to a lot of that... but over time that has been changing and I'm starting to see more and more of it.

Jeffhs
12-28-2009, 07:49 PM
Thanks much for the advice.

However, I can't get current patches for my computer anymore (I don't think), because the machine is too old (IBM Aptiva 595, 600 MHz CPU, 128 mb RAM). The computer is running the Windows 98SE operating system. I cannot afford a new computer, as I live on a fixed income. I don't want to change operating systems at this time if I can avoid it (although I am considering eventually trying to install Linux Ubuntu) because my word processor (Lotus SmartSuite, which came bundled with my computer when I purchased the system a decade ago) and other applications (such as Winamp 5.34 and my Radio Shack digital camera's imaging software, et al.) may not work with anything other than Win 98 and 98SE. I am currently in the process of writing a document that is some 700 pages long(!) and is stored on both my hard disk and a CD-R; however, I am not sure any other modern word processor designed for Windows XP, Vista, Windows 7 or Linux would read Lotus SmartSuite (.lwp) files. I don't want to have to rewrite the document from scratch, if I can avoid it; it has taken me quite a while to write it.

My antivirus updates itself automatically every few days (a popup message on my desktop announces that "a new version of virus database has been installed. ... Click here for information" just after the new database has been loaded). As to anti-spyware programs, I have System Mechanic 5.0 (the last version that will run under Windows 98 and 98SE) which incorporates a spyware scanner; however, the latter's definition files must be downloaded manually each time the program is run, so I guess I can be fairly sure of having up-to-date spyware information every time I use the scanner.

BTW, I've been watching my firewall's status indicator all day (whenever I'm using the system and am online) and the "someone is scanning your computer" warning hasn't appeared once....knock on wood. Maybe the Russians and others responsible for the dissemination of botnets and other Internet nasties are taking off the week between Christmas and New Year's......? :scratch2: If they are, it would make sense, as I had quite a few such warnings over the Christmas holiday--on average about one every day, with the most appearing over that weekend; I've heard and read (the latter in newsletters I get in my inbox daily from ZDNet, CNet and other computing publications--I don't get their print magazines anymore) that long holiday weekends (weekends in general) are prime time for unwanted port scans, viruses and other things bent on invading innocent computer users' online privacy.

Shhhhh......I'd better hush up. The Russians, et al. might start up their monkey business again at any time. I'm watching my firewall as I write this; so far, no indications of port scans or other security breaches, but one can never tell.

matt_s78mn
12-28-2009, 09:41 PM
If you are considering Linux, Ubuntu is a great choice. Linux has become more user friendly and easier to install software on than it once was. As to your Lotus document issue, save a copy of your document in Rich Text Format (.rtf). Almost every word processor out there regardless of computer platform or operating system version can read that format.

AUdubon5425
12-28-2009, 10:01 PM
Well, I'll chime in with this unbelievable tidbit:

My desktop caught a virus early Christmas morning (after I got home from work.) I mis-typed a url and was quickly forwarded to a page advertising phonographic chat rooms. Concurrently there was a pop up ad image of a naked girl that I clicked off before closing the browser window.

Well, today my friend who I gave the hard drive to called and said that he found the virus originated through the Java program, and that most likely I caught it when I "moused over" the pop-up ad to close it.

This is the second trojan virus I've caught in six months, after going for years without any troubles. These b*atards are getting clever. I'm thinking about installing a "kill switch" behind the keyboard that will cut off the physical connection to the internet. Perhaps if I could kill the internet connection quickly (as soon as something illicit appeared on screen) I could mitigate the damage before these things had time to load.

Or maybe we're all screwed - I dunno...

bandersen
12-28-2009, 11:31 PM
Ugh. I've been hearing too many of these stories lately! I got hit myself a few weeks ago despite having AVG Anti-virus running. I tried getting rid of the virus using Malwarebytes and a few other utilities but I couldn't get rid of every last bit of it. After a couple days trying, I gave up and restored a full drive backup from before the infection.

I run a full weekly and incremental daily backup to an external drive. USB drives don't cost much these days and neither does the backup software so do it if you can.

I like the Linux option but part of my job involves writing and testing Windows software so I'm stuck with it :sigh:

matt_s78mn
12-29-2009, 01:25 PM
Wise words!!! Back up often. I learned the hard way once and was stuck with a crashed hard drive and no backups. Never will let that happen again.

You may want to try the WINE Windows API's in Linux. That's pretty cool and does an ok job most of the time allowing one to run windows software in Linux.

Jeffhs
12-30-2009, 03:39 AM
matt_s78mn:

I had an experience similar to yours back about 25 years ago, on an old Atari 400 computer. I had written a ham radio database program; took me two weeks to write the whole thing. I got it working, all was peachy, then, I entered the wrong disk command (or maybe it was the right one entered in reverse -- I don't remember anymore); I wanted to look at the disk directory before saving my program. I entered the command, the disk drive started whirring; I thought nothing of it, but then when I went to start the program again it was gone. What must have happened was that I either entered the disk read command backwards or mistyped it; the computer interpreted the mistyped command as a reformat command to the disk drive, and that's exactly what happened -- I lost everything on it, including that huge database program I did not back up to the (at that time) 5.25" floppy disk (the computer's internal 8-mb RAM somehow got cleared as well, so I lost this huge program forever). :eek:

That experience taught me a lesson I have not forgotten and will never forget: always back up important programs and data to disk before doing anything else with the system. Now, 25 years later, I back up regularly everything on my Windows computer, especially programs and documents I cannot afford to lose. I am currently in the process of writing an adventure story that is 700+ pages long (and has taken me just about 25 years to write, so of course I do not want to lose it if I can avoid it), most of it now stored on my computer's hard drive and on CDs. I also saved the entire story as a .rtf file as well as an .lwp, so that if and when I decide to switch to Linux, any word processor I may use under that OS (or Windows) will read the file.

Thanks for the tip about saving documents as .rtf files; I will note and file it for future reference. I did not realize (until now) that most word processors can read these, even if they cannot read (or make gibberish of) other file formats. I checked the compatibility of that .rtf using three different word processors: Lotus SmartSuite (with which the file was originally created), OpenOffice Writer (a component of Sun Microsystems' OpenOffice® open-source office suite; www.openoffice.org), and AbiWord. All three processors successfully saved and read the entire file.

matt_s78mn
12-30-2009, 10:25 AM
Ahh an Atari 400. I haven't seen one of those in ages. A friend of mine had one back then, but I had an Apple IIe. I miss the days of playing around with BASIC. That was always fun.

My crashed hard drive experience was with a Macintosh Powerbook 170 laptop. It had just a 40MB hard drive. After that happened I went out and bought an Iomega Zip drive for backups. Unfortunately I had to deal with the click-of-death problem that was notorious with those drives!