Re: Re[2]: No NetBios share + No Open Port = Safe Win98?

["Frynge Customer Support" <frynge () frynge com>]

GMX said
> Erm what ? As far as i know, no private firewall is able to stand
> against a strong DDOS, and corporate firewalls are only able to
> mitigate it, not more.
> Having a nice firewall set up will not save no one from a serious
> ddos, maybe just from some attepts of unexperienced scriptkiddies...


FRYNGE:

I never said it protects you from getting DDOSed.  The firewall protects you 
from getting used in a DDOS attack.  Port 139 is commonly used by viruses 
and trojans as "sleeper DDOS attackers" or ghost attackers.  Some type of 
linked trojan is installed, (sometimes from downloading software or visiting 
certain sites OR through file sharing) and once installed your computer 
becomes a sleeper.    When the hacker is ready, your computer is used to 
DDOS attack other websites through the port 139.

Sorry if I wasnt clear.

The firewall is used so that hackers cannot see the computer in the first 
place to hack it through port 139.  When the firewall is up, even if the 
trojan is installed, it will warn you, that your sending out packets.

Kelly Sigethy
Frynge.com



----- Original Message ----- 
From: "gmx" <pal_adam () gmx net>
To: <security-basics () securityfocus com>
Cc: "Frynge Customer Support" <frynge () frynge com>
Sent: Wednesday, September 27, 2006 12:50 PM
Subject: Re[2]: No NetBios share + No Open Port = Safe Win98?


> Hello Frynge,
>
> Monday, September 25, 2006, 6:11:13 PM, you wrote:
>
> <==============Original message text===============
> FCS> I dont know if anyone has replied to this yet, but here is some 
> advice.
>
> FCS> The port 139 exploit was usually used for file and printer sharing 
> hacks.
> FCS> Having that port open will allow someone to see your computer online 
> with
> FCS> programs that will check for file and printer sharing vulnerabilities 
> and
> FCS> also, possibly use your computer for DDOS attacks or flood your 
> computer via
> FCS> that port.
>
> FCS> I would make sure file and printer sharing is not on (you may not 
> have set
> FCS> it on, but sometimes its on by default and with no password)
>
> FCS> YOU SAID "I used winipcfg.exe to obtain my IP address (192.168.1.101) 
> "
>
> FCS> It tells me you are on an internal network and that is not your real 
> ip
> FCS> address but an internal address.  You will have another ip that is 
> your real
> FCS> ip address, you can find this by googling it and looking for online 
> ip
> FCS> finders.
>
> FCS> For DDOS and flood attacks make sure you have a nice firewall set up 
> and you
> FCS> should be fine.
>
>
> Erm what ? As far as i know, no private firewall is able to stand
> against a strong DDOS, and corporate firewalls are only able to
> mitigate it, not more.
> Having a nice firewall set up will not save no one from a serious
> ddos, maybe just from some attepts of unexperienced scriptkiddies...
>
> FCS> Win98 closed that port in later additions and service packs, so you 
> may want
> FCS> to update your windows at windows update if you can.
>
> FCS> Kelly Sigethy
> FCS> Frynge.com
>
> FCS> ----- Original Message ----- 
> FCS> From: <gohyongkwang () hotmail com>
> FCS> To: <security-basics () securityfocus com>
> FCS> Sent: Friday, September 22, 2006 9:01 PM
> FCS> Subject: No NetBios share + No Open Port = Safe Win98?


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------