Network Attacks!

  • Thread starter Thread starter ronscores
  • Start date Start date
  • Replies Replies 37
  • Views Views 6,521
R

ronscores

Newbie
Messages
58
Location
NA
hi,

have XP with SP2..
installed Kaspersky Beta 2006 and was shocked to see abt 2 network attacks per hour of logging on to the net..
I mean 'twas only kaspersky which detected it and repelled it..
I'm thankful i d'loaded Kaspersky..
BTW.. i'm attaching the screenshot..
http://img298.imageshack.us/img298/3502/attack26ol.png
Here's the thumbnails..
http://img298.imageshack.us/my.php?image=attack26ol.png
are network attacks common in Airtel Broadband? and any other antivirus program would surely not have recognized it!
 
3 of those IPs resolved to Airtel addresses, i'd say they are prolly infected with some worm and looking for company 😉A decent firewall (Zonealram or similar) should be good enough to deal with it.
 
hey .. dont u ppl in bangaore have such problems?And aint these harmful?lovesan & LSASS exploit are frequent!Would anyone here recommend the inbuilt Windows firewall (inbuilt in XP with SP2)??i thought only kaspersky detected it!and btw is ZoneAlarm free?
 
I'm not seeing this attack as i'm using the ethernet modem they gave me. It's set up to work as a NAT, ie it doe snot allow anything form the outside in unless the connection was previouslyt initiaitef form the inside. This has proven to be a problem for ppl that want to setup servers as the Airtel modem does not port forward properly. THe ports mentioned in ur pic are for netowrk shares on windows, very common for them to be attacked for vulnerbilities.I'm not sure if the USB version acts as a NAT. Zonealarm is free for personal use and is regularly updated., quite easy to setup and works well. I hear Kapersky is good as well.I would disable the XP firewall, and instead rely on either of the above two for sake of your sanity.
 
lsass - lsass.exe - Process Information

Process File: lsass or lsass.exe
Process Name: Local Security Authority Service

Description:
lsass.exe is a system process of the Microsoft Windows security mechanisms. It specifically deals with local security and login policies.

Note: lsass.exe also relates to the Windang.worm, irc.ratsou.b, Webus.B, MyDoom.L, Randex.AR, Nimos.worm which spread via floppy disk drives, mass-mailing and peer-to-peer sharing. Please review file path for clarification of this.


Author: Microsoft Corp.
Part Of: Microsoft Windows Operating System

System Process: Yes
Background Process: Yes
Uses Network: Yes
Hardware Related: No
Common Errors: N/A
Memory Usage: N/A

Security Risk (0-5): 0
Spyware: No
Adware: No
Virus: No
Trojan: No

so i really wonder if it's really a security threat 🤔

but "helkern" for sure is something you should worry about...

know more here
 

well if u have xp sp2then u r protected against lsass exploitand these cases are just are worm trying to spread itself so my suggestion is just have a firewall like the one u r using or zone set to highest level and just relax
 
almost forgot this kaspersky thing is way better than zoneatleast it tells people which exploit is being targeted than the zone alarm which just gives the technical infodoes it comes bundled with that antivirus or just the firewall alone
 
You be on any network , attacks are bound to happenBetter to keep the system fully patched, have an antivirus & firewall updated. Stop all services you dont require.It is not that a LAN is insecure, rather if you have a public ip you are more insecure.
 
mhm.... lan makes ur pc always available to the people in your lan. public ip would require a random guy on the net actually target ur IP 😛
 
The same thing goes for LAN a random chap has to target you. Not everyone on LAN can know some other's IP. In a LAN number of attackers is going to be limited.But for a public ip the whole world can be the attacker. Also normally for DSL ip is static,(dont know of airtel), so a person can be easily identified.Each type has its own benefits and disadvantages.There is no use arguing over this.The thing is on any type of network u are, never lower the guard of your security.You just dont know from where the attacker will come and how.
 
well, in LAN, u can browse anyone's contents (if the security is not there)...in WAN, u'd have to first find the target!!!unless u opt for static IPs, no one provides them for free (as much i know)...they only give u dynamic/global IPs... 🙂
 
just thought of somethin' else now..Could be that i'm the brunt of Network attacks since i have a security vulnerability??i have only xp pro with pre installed SP2 and nothing else.. And i havent updated my XP (turned auto updates off)Do i need a security patch to download from MS?I remember reading an MS article sometime ago.. that not installing some security update would leave my network ports open.. thus rendering it easy or making my system vulnerable to hackers...Is this the issue? can someone direct me to an update or patch from MS
 

Top