SECTION6

page 14

SECTION 8

Useful links for online virus scans, virus removal tools, and security.

Online Virus Scan & Virus Removal Tools: Symantec the seller of "Norton's Anti-Virus Program" offers a free online virus scan of your computer. This is very useful for when the viruses that infect your computer disable your virus scan program. Here you can do an online scan and go to their "Virus Removal Tools" webpage to download the tools and instructions that remove the virus(s) that were found on your computer.

Go here for online scan: http://securityresponse.symantec.com/

On this page scroll down and look for a bluish world with a yellow zig-zag line running horizontal with the words "check for security risks" and CLICK ON THIS (see picture at right)
The next webpage is called "Symantec Security Check" CLICK on the words in BLUE saying "Test your computer's exposure"
Now on the next webpage you will see two Start buttons:
Under VIRUS DETECTION click on the RED START BUTTON
This will scan your computer for viruses (see picture at right)
Have a pen and paper ready to write down the information that is displayed of the viruses found. This will help you in the selection of the "Virus Removal Tools" needed to fix your computer.
Here is the link for the "Virus Removal Tools" http://securityresponse.symantec.com/avcenter/tools.list.html
Now look for the virus name(s) you wrote down, click on the link and download the tools. Symantec also offers on line tutorials for manual removal of many threats at this link - http://www.symantec.com/techsupp/virusremoval/virusremoval_info_tutorial.html

Virus

Detection

IS YOUR COMPUTER FREE

OF VIRUSES?

Online Security Scan: Symantec the seller of "Norton's Anti-Virus Program" offers a free online security scan of your computer. Is your computer safe from online threats? The Security Scan performs the following tests and offers recommendations based on the results:(* Requires Microsoft Internet Explorer 5.0 or higher with ActiveX and scripting enabled.)

Hacker Exposure Check: Checks whether your computer allows unknown or unauthorized Internet communications.
Windows Vulnerability Check: Checks whether basic information about your computer, including your PC's network identity, is exposed to hackers.
Trojan Horse Check: Checks whether your computer is safe from Trojan horses.
Antivirus Product Check*: Checks whether you're protected by a commonly-used virus protection product.
Virus Protection Update Check*: Checks whether you're safe from the latest viruses. Applicable if you have a virus protection product.

Go here for online security scan: http://securityresponse.symantec.com/

On this page scroll down and look for a bluish world with a yellow zig-zag line running horizontal with the words "check for security risks" and CLICK ON THIS (see picture at right)
The next webpage is called "Symantec Security Check" CLICK on the words in BLUE saying "Test your computer's exposure"
Now on the next webpage you will see two Start buttons:
Under SECURITY SCAN click on the ORANGE START BUTTON
This will scan your computer for viruses (see picture at right)
When the Security Scan is complete, you will receive a detailed analysis of your results.
This will state you analysis. By clicking on Show Details, it will give you a description & analysis as in the example below:

Security

Scan

IS YOUR COMPUTER SAFE

FROM ONLINE THREATS?

Security Status: Safe!

You are protected against most common security threats.

= At Risk!

= Possible Risk!

= Safe

	Hacker Exposure Check		Hide Details
	Description: Tests your TCP ports for unauthorized Internet connections. Analysis: Your computer appears safe from most common intrusions. To learn more about the threats you are protected against, view a detailed analysis of your test results.
	Windows Vulnerability Check		Show Details
	Trojan Horse Check		Show Details
	Antivirus Product Check		Show Details
	Virus Protection Update Check		Hide Details
	Description: If you have a virus protection product on your computer, this test checks the date of your most recent virus protection update. If the updates are more than two weeks old, they are not considered current. Analysis: Your virus protection has been updated recently and you are at low risk for virus attacks. However, viruses are constantly evolving, and unless you keep your defenses current, you're not completely safe.

If you look at the Hacker Exposure Check(above), there another link view a detailed analysis of your test results. If you click on this, the following webpage displays the following information. Example below:

More about your Hacker Exposure Check results

The Hacker Exposure Check tests whether ports commonly used by Internet applications are open, closed, or stealth

Understanding your results:

	An open port responds to port probes and acknowledges the port's availability. Open ports are dangerous because they're an easy and attractive means of entry for hackers.

	A closed port is visible but not open to attack. Although this is a safe state, a hacker can use closed ports to detect the existence of your computer and potentially target it for attack.

	A stealth port is safest of all. Stealth means your computer doesn't respond to port probes and you are virtually invisible to hackers scanning the Internet for potential targets. Although this is a very safe result, a stealth port may cause performance problems for some Internet applications.


Your Results:
Port	Description	Status

ICMP Ping	Ping. Ping is a network troubleshooting utility. It asks your computer to acknowledge its existence. If your computer responds positively to a ping, hackers are more likely to target your computer.


21	FTP (File Transfer Protocol). FTP is used to transfer files between your computer and other computers. Port 21 should be open only if you're running an FTP server.


22	SSH. TCP connections to this port might indicate a search for SSH, which has a few exploitable features. SSH is a secure replacement for Telnet. The most common uses of SSH are to securely login and copy files from a server.


23	Telnet. Telnet can be used to log into your computer from a terminal anywhere in the world. This port should be open only if you're running a Telnet server.


25	SMTP (Simple Mail Transfer Protocol). A protocol for host-to-host mail transport. This port should be open only if you're running a mail server.


79	Finger. Finger is an Internet utility that allows someone to obtain information about you, including your full name, logon status, and other profile information.


80	HTTP (Hypertext Transfer Protocol). HTTP is used to transfer Web pages over the Internet. Port 80 should be open only if you're running a Web server.


110	POP3 (Post Office Protocol). Internet mail servers and mail filter applications use this port. This port should be open only if you're running a mail server.


113	Ident / Authentication. This service is required by some mail, news, or relay chat servers to allow access. A stealth result on this port could cause performance problems.


119	NNTP (Network News Transfer Protocol). A service used by News servers to distribute Usenet articles to newsreader applications and between other servers.


135	Location service (loc-srv). This port is used to direct RPC (Remove Procedure Calls) services to the appropriate dynamically mapped ports. Hackers can use this to determine which port is used by several Windows services. This port should not be visible from the Internet.


139	NetBIOS. NetBIOS is used for Windows File & Print sharing. If port 139 is open, your computer is open to sharing files over the Internet. Other components of NetBIOS can expose your computer name, workgroup, user name, and other information. To learn more about preventing connections to your NetBIOS ports, see: NetBIOS Information and Configuration Instructions


143	IMAP (Internet Message Access Protocol). IMAP is a sophisticated protocol for electronic mail delivery. This port should be open only if you're running an IMAP server.


443	HTTP over TLS/SSL. A protocol for providing secure HTTP communication. It should be open only if you're running a Web server.


445	Windows NT / 2000 SMB. A standard used to exchange Server Message Blocks, and can be exploited in multiple ways, including gaining your passwords.


1080	SOCKS. This protocol allows computers access to the Internet through a firewall. It is used when one IP address is shared among several computers. Generally this protocol only allows access out to the Internet. However, it is frequently configured incorrectly to allow hackers to pass traffic inwards through the firewall.


1723	PPTP (Point-to-Point Tunneling Protocol). This service is used for virtual private networking connections.


5000	UPnP (Universal Plug and Play). This service is used to communicate with any UPnP devices attached to your network.


5631	pcAnywhere. This port is used by Symantec pcAnywhere when in host mode.

Previous Page

Return to Index Page