Hi Tom,
I forwarded your email question to the owner of my Internet Service Provider.
I live in Elko, Nevada and Pete owns our local ISP elko.net. This is his
response to your inquiry. I hope this helps. tannis zamora
Tom McCoy wrote:
> Can someone comment on what the guy (late-nite, unsupervised) at the ISP is
> capable of? Not long ago, as I was reading my mail at 3:30am, my Zone
> Alarm started alerting me that my ports were being scanned progressively,
> and that the probe was apparently originating one step upstream from my
> machine (at my ISP's DNS address). After about 150 alerts, all in about a
> 2min timeframe, I disconnected. I printed out the ZA logfile and appended
> to it a "What's this?" message and sent it in with my monthly payment, the
> outer envelope marked "Attn: Management", with a request "Please reply to
> this inquiry", and never received any kind of reply (it's been around 90
> days now).
>
> While I don't really expect them to admit to any hanky-panky, other
> questions are raised here:
>
> Can they enter my machine (especially when I am FTP-connected to their
> server)?
> Can they reproduce my screen for their viewing when I am browsing the web?
> If so, can they view transaction details generated from my end (credit card
> info) when I'm connected to a secure server?
> What exactly are they capable of, as far as compromising a dial-up
> subscriber's security?
Subject:
questions
Date:
Mon, 12 Feb 2001 06:34:03 -0800
From:
"Pete" <[log in to unmask]>
To:
"tannis zamora" <[log in to unmask]>
The first and most needed understanding is:
The only secure computer is in fact one not on a network, and under lock and
key.
>>>Can someone comment on what the guy (late-nite, unsupervised) at the ISP
is capable of:
If they are nefarious (if term proper here) almost anything.
>>>While I don't really expect them to admit to any hanky-panky.
You should be answered fully to the best of management's knowledge. Try and
call if no response, and find a different provider. Don't
threaten them the first time; if no response then kindly inform them you will
be telling any other people you know using them of this
situation and post it on discussion boards that you use.
>>>Can they enter my machine (especially when I am FTP-connected to their
server?
If you have your harddrive set with shares with proper permissions, however,
with proper software an upload maybe possible.
>>>Can they reproduce my screen for their viewing when I am browsing the
web?
Not unless you have open software sent that allows this to take place.
>>>If so, can they view transaction details generated from my end (credit
card when I'm connected to a secure server?
Sniffer software can catch data however under secure server situations unless
they are within that unit most likely not, again refer
to the only secure computer is one not on a network.
>>>What exactly are they capable of, as far as compromising a dial-up
subscriber's security?
With a grand desire.... anything
Now there are a couple of company's that are hired to keep track of another's
Network.
I ran across a Virus (worm is the term as it works into your system) my thought
anything that messes with your software is a
virus, This virus uses part of one of the above company's program to scan IP's
and then look for a C: drive that is shared, to do this
is must scan computers, once it finds an IP number with a shared C: drive it
will upload it self to that computer, infest the unit and
then do the same thing from that unit.
It's name
W32.HLLW.Bymer
To check on this and check you security
http://www.symantec.com/avcenter/
is one place to go
http://www.mcafee.com
may also give you more knowledge
Also it is not good to do forwards the email address can be picked up and used
for spamming purposes. As you can tell I highlighted
and then copyed the information. Then did a reply.
Pete
PCSOFT maintains many useful files for download
visit our download web page at:
http://freepctech.com/downloads.shtml
|
