Sygate crashes in AM, online unattended 24hrs, risks?

Archived from groups: comp.security.firewalls (More info?)

I had left the computer on, online, all night and the next day. When I
came to use it again I noticed Sygate had crashed but I was still online.
Obviously, I'd been unprotected the whole time. I get port scans all damn
day long, and I'm even on dial-up! How likely is it somebody got in and
did something, and what should I do to check?
I'm going to run Spybot, AdAware, and AVG again, but I'm wondering if
that's enough. I'm also wondering if anything's insidious enough to screw
with the def. files for any of these programs and if I should reinstall
the update files before I scan, and if that'd even protect me if somebody
had go in. Theoretically, I suppose they could have substituted another
exe for any of those programs that'd miss whatever they put on.
Any thoughts?
2 answers Last reply
More about sygate crashes online unattended 24hrs risks
  1. Archived from groups: comp.security.firewalls (More info?)

    see.my.sig.4. wrote:

    (snipped)

    > I noticed Sygate had crashed but I was still online.
    > Obviously, I'd been unprotected the whole time.

    > How likely is it somebody got in and did something,

    Highly unlikely. Not impossible but low probability.

    > and what should I do to check?

    Easy enough to run some basic checks, by hand.

    Profile your files by date. Any files date stamped after
    your crash, those are files to inspect. Chances are good
    there will be some system files which are automatically
    generated. Be careful to not delete valid files; this
    may cause serious problems.


    > I'm going to run Spybot, AdAware,

    You have to install malware, yourself, to have problems.
    What I mean is the greatest source of problem "ad ware"
    is from your downloaded executable files, which you
    open and install. Those scanning programs will not catch
    classic hacks, such as backdoors and malicious trojans.


    > and AVG again,

    Yes, run your virus scanner. Should do this anytime you
    download, after unpacking a file and after installation
    of any programs. Your virus scanner "should" catch any
    problem files. If your virus scanner will not run, you
    have some problems.

    On your virus definition file, simply look at the last
    modified date stamp. If after your crash, be suspicious.

    > Theoretically, I suppose they could have substituted another
    > exe for any of those programs that'd miss whatever they put on.

    Zone Alarm is an excellent program for personal computers.
    Almost no program can be executed, which accesses the net,
    without Zone Alarm popping an alert. Zone Alarm tags files
    you ok for access, tags them with a "label" of sorts. If
    the label doesn't match, Zone Alarm catches this. Part of
    that label is time sensitive.

    No firewall overnight, I would not wig out over this.
    Just make a cursory check and call it even. It is
    a good practice to shutdown your system when you are
    not actively using it. That is the best protection
    short of pulling (air gap) your internet connection.


    Purl Gurl
  2. Archived from groups: comp.security.firewalls (More info?)

    see.my.sig.4.addr@nowhere.com.invalid wrote in
    news:fe335d31ce9af430710df99693d275d3@news.1usenet.com:

    > I had left the computer on, online, all night and the next day. When
    > I came to use it again I noticed Sygate had crashed but I was still
    > online. Obviously, I'd been unprotected the whole time. I get port
    > scans all damn day long, and I'm even on dial-up! How likely is it
    > somebody got in and did something, and what should I do to check?
    > I'm going to run Spybot, AdAware, and AVG again, but I'm wondering if
    > that's enough. I'm also wondering if anything's insidious enough to
    > screw with the def. files for any of these programs and if I should
    > reinstall the update files before I scan, and if that'd even protect
    > me if somebody had go in. Theoretically, I suppose they could have
    > substituted another exe for any of those programs that'd miss whatever
    > they put on. Any thoughts?

    What O/S did this happen on?

    Duane :)
Ask a new question

Read More

Firewalls Dial Up Connection Networking