This is one of those sites that makes you realise just how vulnerable we all are on the net to invasion of our privacy.There are so many details logged on to most of our computers that theives would have a field day with some of the information if they hacked into one of them.Bank Account details,credit card numbers and other personal details are all there if someone who knows what they are doing goes looking. www.grc.com is a very useful site that will tell you just how much information you are leaking to the world every time you log onto the internet. It is really simple to use, go to the home page and click onto the test my ports button.grc will then ask for your permission to probe you (sounds painful but it isnt) They will then run a series of tests on your ports to see how much information you are giving away to everyone and some of the results can be quite alarming. The whole process takes less than five minutes and it gives you an information page listing every port your computer has and how much has been gleaned by grc.There is also a statement from grc saying that any information it has found out will not be used and destroyed immediately. The site also gives you tips on improving your internet security and quite a few pages of F.A.Q.s to help you understand what it all means to you and your personal details. After it has finished you will probably want to install a firewall to protect you and i can recommend a good free one at www.zonelabs.com. hope this helps. I have written about this bfore on another consumer site and was amazed by the replies
Grc.com is the homepage of Steve Gibson, a famous security guru. As well as adverts for SpinRite (a hard drive diagnostics tool), there are several utilities to test your firewall (if you're using one). These are written in Assembly, so are really small and quick to download. They pass your IP address to grc.com, which then probes your computer to see if you've got any open ports which could be a security risk. Until a few months ago, that was all the site was about (well, there are a few other things on there such as demonstration of ClearType, which makes text look better on LCD displays). Recently, though, Steve's worked himself into a frenzy over Windows XP, which includes 'raw sockets'. This means that people can launch attacks on other computers by faking packets, which cannot be traced. It's been around in UNIX/Linux since time immemorial, and in Windows 2000, but until now it hasn't been possible to create raw sockets in the most popular version of Windows, Win9x/ME. Steve predicts Armegeddon once everyone's running XP, with any Trojan that gets run by anybody being able to send out anonymous data packets - Steve predicts an Internet catastrophy. This has been really divisive, with some people saying Microsoft have gone too far in actually following the standard (Win9x's sockets implementation was non standard; broken in effect), while others say it's a big fuss over nothing (and that you can get raw sockets by installing software on Win9x any way). Personally, I agree with the 'load of hype over nothing' folks - indeed, grc.com is the subject of several anti-grc sites, which give the other side of Steve's arguments. Around this time, Steve suffered badly at the hands of 'script kiddies', which made him take his site offline several times. More topical still, Steve predicted a huge amount of disruption from Code Red, the worm which he said would clog systems all
over the world this morning. At the time of writing, nothing much has happened - it seems that people had installed the patch from Microsoft that fixes the issue (and again, it's been blown out of all proportion as only Web servers running IIS are affected - i.e. not the vast majority of people). Sadly, I can no longer recommend grc.com due to Steve's over-hyping of current events. I'd change my opinion if all Hell did break loose, but based on past experience (and an article he wrote 9 years ago claiming there would soon be virii that would be unstoppable) I'd say he's making a mountain out of a pimple.
OK. So you run a firewall . You think that your computer is 100% safe from hackers. Think again. What you didnt realise is that small , secret programs are hiding somewhere on your computer and cause you lot of unknown havoc. And all long you didnt know that there were there. What these smart little utils do, can vary. But in their simplest form. They are litteraly "SPYWARE" . Yes, they spy on you, your computer, and any important files that you have, eg. addresses, bank details and so on. Now depending on their particular nature they use internet explorer or some form of internet related program you have running, to send information back to a database on the internet. Now all the smart guy at the other end has to do, is uise this information to break into other people's computers, steal your money and much more. ALl in a mtter of seconds. Now you might think, Why me? and How did I get these? Well the first answer is that youa re not being targetted as a individual, but the "hacke" is simply runnign a computer that can scan thousands of computers in seconds. SO dont think that anyone is out to get you diliberately. The second answer is that these programs can easily be put on your computer in a vareity of different ways. One might be that you have downloaded something from a not well - known site, stuff that claims to be freeware or shareware might have these "SPYWARE" hidden in them. Even though this is still Ilegal, it is still done. Also you might have an unsuspecting friend , say your mate sends you n email a few days after he has downlaoded such software. Well you can probably be sure that the "SPYWARE" attached itself into his addressbook. But before you start getting angry with him, or yourself, or just get so worried. I must explain to you the whole intention of this Opinion. Out there, amongs the internet, there are good guys also. Some people have dedicated their
whole job to saving you. That's where Opt Out comes into this. Optout is a currently a "freeware" tool that you can download from www.grc.com. Once the small file is downloaded. It can quickly scan your computer for these "SPYWARE" tools. Once it has found them, you are given a whole report on the status of them , and what you could do. One of the options is a large button, that will delete the files, and sort out your system. Once this is doen, you can be sure that all known "SPYWARE" tools have been removed from your system. Working with a Firewall, and running this product frequently, you can easily create a much more safer and secure system for you to use. So, this free tool is downloadable from GRC.com, I really reccomened this to all internet users, and you dont need to be an expert to use it. If you downlaod this product, you will be very surprised at how many "SPYWARE" tools, such as Parasites are running on your computer. A handy tool, for free, than can really make you feel safer.
Anyone who has installed a personal firewall like ZoneAlarm will have been amazed at the number of times the firewall rejects a connection attempt. So much so, in fact, that they tend to select the option not to pop up messages and just let the firewall quietly go about its business. Anyone who hasn't installed a firewall, and regularly connects to the internet, really ought to go and do it right now, then come back and read this. grc.com, the home pages of Gibson Research Corporation would probably linger in the depths of internet obscurity were it not for the useful ShieldsUP service provided by the site. This part of the site provides two services; ShieldsUP itself and Port Probe. Both attempt to test for known vulnerabilities of computers running Windows that are connected to the internet and are regularly exploited by "script kiddies" who run scanners that seek them out. Running Port Scanner checks how your computer responds to a small selection of known IP ports (there are 65536 ports available at any given IP address; most of these are unallocated but there are a few allocated to specific services, for example web servers usually listen on port 80). The ports scanned are 21, 23, 25, 79, 80, 110, 113, 139, 143 and 443 because these ports correspond to services that are regularly attacked. Note, though, that these are only a tiny selection of the available ports, so Port Probe won't find trojan horses that listen on other ports. Each of these ports will be given a status of Open, Closed or Stealth. Open means that the computer has software running on it that responds to requests on that port. Clearly, on some computers this is essential - a computer running a web server, for example, has to respond to port 80! However, if any ports are open unnecessarily, it would be as well to close them to remove vulnerability. A closed port means that the computer has responded that the port is not accepting connections, and a ste
alth port means the computer has not responded at all. One nice feature of the site is that you're not left in the lurch if a vulnerability is found - there's information about what the implications are and how to close it. Mostly the recommendation is to install a personal firewall such as ZoneAlarm which of course everybody reading this far has done. The other tool, ShieldsUP, is similar but checks for a specific vulnerability of Windows machines, the NetBIOS port. Again you are informed in clear language what the result of the scan was and what action needs to be taken. Another useful security program provided by grc.com is LeakTest. Unlike ShieldsUP, you have to download this software and run it on your computer. Most firewalls protect against malicious trojan horses by only allowing certain, user selected, programs to access the internet. However, if a trojan copies itself over one of the trusted executable files, your firewall may not notice and allow the trojan internet access. LeakTest allows you to check this by renaming it to a trusted program and seeing if it is permitted internet access. These utilities are all free, and are a great service. However, GRC exists to sell its products, and so you are exposed to marketing hype and adverts thoughout your visit. It has been suggested that Steve Gibson is deliberately stirring up paranoia to create a market for his products. However, that is a little harsh since all he's done provided several useful free tools in exchange for a opportunity to direct some marketing at you. Fair enough, I say! It is true though that he seems to get overly paranoid sometimes - at the moment he's on a one man crusade against various download utilities that apparently track your download usage. And, of course, he has a product that allows you to disable this! In summary, this is a very useful site for internet security so long as you take the marketing hype with a pinch of
salt and don't have nightmares!
When I first made a visit to grc.com I thought it was fantastic, best thing since sliced bread. Being a novice at computer security I scanned my machine with the port probing facility to find that my port 139 NetBIOS session was open, this caused me to panic. But luckily, I thought, Steve Gibson (author of the site) had left a link with various instructions for removing this 'security threat' and off I went to study 'unbinding my netbios from my TCP/IP' I managed to complete this task and felt rather pleased with myself as the scan at grc now shown no open ports, however being the type of person I am I wanted to know more about NetBIOS and its threats to security and having read several other sources regarding this issue it became apparent that this is only a problem if you are openly offering shares (folders or drives) on a networked machine without a password. Now at the time I had no network so the only thing that was visible in information terms with port 139 open would be NetBIOS and workgroup names, the names that identify your computer to others on a network or at times the internet itself, this is not a security threat and you cannot be hacked or cracked via the knowledge of your netBIOS or workgroup names. I feel the fact that this port is open by default on any windows machine should be known to people and Steve Gibson should make a point of this on his site. And the unbinding process I went through should only be offered should there actually be a security threat to the PC involved. Other than that this is a great site for testing firewalls as a stealth reading from the port probe results means the firewall is set-up correctly and you are totally protected, the official news groups at news.grc.com (my favourite section on grc) are excellent offering help on issues regarding security, firewalls and spyware. Overall I feel grc.com isn't a bad site but newbies to system security could get dragged into
paranoia, use the port probe by all means but make decisions using research from other sites too
Hardly a day passes without stories of hackers, virus outbreaks and online banking sites giving out customer’s details. But despite all of this coverage in the media the average Web user sees security as something only large companies need worry about. That may have been true to some extent with the vast majority of users having dynamic web addresses (a different IP address for each session). But with the arrival of un-metered Internet access we are all spending longer online and this is where potential problems begin. It seems unbelievable maybe because it’s so sad, but there are large numbers of people who spend all day every day trying to get into online PC's. What are they looking for who knows! my PC would reveal a thirst for Real Ale, a love of fast cars and when I’m having my next haircut! However there are plenty of people out there dying to find out if I’ll go for a centre parting or a crew cut. They attempt this by scanning all the open ports on your PC, each machine has thousands, of which only a few are needed for normal internet browsing the rest are an open invitation for so called "script kiddies". Now I am not going to even try to explain this in any further detail but point you in the direction of the clearest most user friendly site for this subject on the web. GRC.com is a site owned and run by Steve Gibson a sort of "security guru" while some aspects of his work and ideas border on paranoia, the basics of security are covered in detail with simple advice. The site contains a port scanner to give you an idea of how secure your PC is and then unlike many similar sites provides information on what to do about it. Please don't panic you are not under siege from hackers and crackers but it seems sensible to take some precautions after all you wouldn't leave your house with the backdoor open! ***** Update **
*** Steve Gibson has just released his latest project and yes he's definitely getting more paranoid! He has uncovered that several major Internet companies like Real Networks and WinZip are keeping individual records of everything you download. Great yet another way you can be tracked on the net and with the government about to push through new internet interception laws you will have to treat the net like having a secret conversation on the radio! Also by following his instructions I found some spy ware on my system that was uploading my net logs to Aureate/Radiate, check it out. Search your disk for a dll called "advert" if you find it chances are that you have this software, it’s normally included in freeware programmes and utilities. Its very easy to remove and all explained in very straightforward language on GRC.com
Go to: http://grc.com and click on 'Shields Up' You will then be presented with two options: (1) Test My Shields: This will check your Internet connection security. It tries to connect to any hidden servers on your PC. Hidden servers can be dangerous as they can allow anyone to have access to your files..!! So by checking you will have peace of mind if it doesn't find anything suspicious on your PC. (2) Probe My Ports: This is when the site uses its server to try and connect to the ports on your PC. It will then tell you which of your ports are open, or visible over the Net or are in stealth mode (stealth mode basically means your safe). This is a handy experiment and you will know if you are at risk when connected to the Internet. Some suggestions are given on some ports. In other words if one of your ports is open, it'll give a solution on what you can do to safegaurd it. If the ports are open then you will know that you are at risk (from hackers) when connected to net. It's a trusted site and you don't have to worry about what other things this site could be doing. It merely checks to see if the ports are open and that's it, it wont try to enter your computer. I tested my computer and nearly all my ports were visible over the net and one main port was extremely in danger of attacks (if anyone wanted to attack me). I then carried on with the web site and followed up their suggestions, one suggestion was installing a firewall. So I installed ZoneAlarm (you can read experiences of ZoneAlarm In the antivirus and security section of DooYoo). Once the firewall was installed, I went back on to this web site and hey presto, non of my main ports were visible over the net and was completely safe. Unfortunately site only checks the main ports, not all!! However at the time of updating this opinion, I know that the sites author
is currently working on something more advanced and will do a thorough search of your PC's security.