At the risk of sounding like a paid-for Zone Labs tool, I *strongly*
recommend it too. The number of attempts to scan for Trojans will amaze
you. One note if you're on a dialup with dynamic IP allocation, it is
common for the first couple of minutes to get the previous guy's TCP timeout
traffic; you often see this coming up as hits from a http port to some
random TCP port on your IP. These don't mean anything (although it can be
fascinating doing a tracert on the numeric IP to find out what websites the
previous owner of your IP was visiting :) )
On my dialup ISP IPs I get several scans a day on trojan ports or attempts
to touch NetBios - I think everyone should be running ZoneAlarm.
> Post from and followup to microsoft.public.win2000.general
> > 1. I want to scan my ports on a fairly vanilla W2K Pro install to see
> > what is listening.
> From a command prompt, enter "netstat -a" or "netstat -an" to see all
> your open ports. Then search deja.com to read the threads in this
> group on all those mysterious ports above 1024 that you don't
> > 2. I then want to install/setup a personal firewall/port blocker to
> > patch up what I can't kill from services and 3rd party and also
> > allow/deny on an ip by ip basis (without IPSEC).
> That sounds like BlackICE.
> > 3. I then want to set up a port watcher to tell me what the baddies
> > are trying to do.
> Once you close down your dangerous ports, do you care if you are
> being scanned?
> But what about what the baddies put on your system when you
> innocently install freeware? No firewall, per se, will watch that
> stuff. Get ZoneAlarm to watch what evil things your own Windows tries
> to do.
> Kent W. England
> For a step-by-step guide to installing your own small
> office network and shared Internet access safely and
> securely using TCP/IP and NetBEUI, see www.SOHOinter.net.
> Email technical support is not available. Post Qs here.