[mcornbill]

Hi all

I am being hit with this pop up every 10 minutes every bloody day for the last week!!!! The forum won't let me attach a file so here's what it looks like: http://www.ultrabrightleds.co.uk/pop_up.JPG

Is there anyway I can stop this?

Mark

 

[johnwill]

Configure your firewall to block ports 135, 137-139, and 445. This is a standard messenger NETBIOS message, usually used for stuff like the NET SEND command. Those ports have no reason to be open to the Internet, and that will kill off the capability of anyone outside your local LAN sending you messenger messages.

This is a wake-up call that your firewall protection is substandard, I'd consider what you're using and how it's configured. This one is just a bit annoying, but you could be open to a lot more serious threats that aren't so obvious!

 

[mcornbill]

Hi

I am not running any firewall software. CAn you recommend a good one?

Mark

 

[Drupy]

First of all anyone following this post DO NOT go to that site. I went there just to see what it was and when I went to get out of it all [email protected]#$ broke out. It downloaded a virus to my computer and also imbedded settings to its website in alot of different locations on my harddrive. It wouldn't let my computer get back online and evertime I got it to go online it kicked it offline and dialed the server in the UK. Well after two long hours of work not only am I back up but I'm getting ready to do something none of you have ever seen me do. I'm getting setup now to show them what happens when you screw with the wrong person. Give me a few days and see what happens when you try to visit there site.

 

[shawnbowski]

I'm not feeling that!!! I use zonealarm at www.zonealarm.com
its a real good firewall easy to use too.....

 

[mcornbill]

Drupy

Are you talking about the link to a jpeg I hosted on my site!?!?!!? If so then there is no way that I have deliberately sabotaged your computer because I know nothing about that side of things. I have over 100 posts on Tech Support Forums so do you honestly think I'm out there do **** you guys over - ask Speedo I'm sure he'll vouch for my credibililty.

The link is a screen capture picture of the pop up I'm getting as Johnwill has already seen. Also I have had nearly 5000 hits on my website and not one person has contacted me with relation to this so called virus so if there is any truth in it then it's the first I know of it and i guess i'm going to have to investigate it.

Yours
Mark

 

[Drupy]

I know it wasn't you. I went to there website to see if I could get in and maybe grab the text files that was sending you the pop-ups.

There's 2 parts to this. Here's the info on who's sending the pop-ups:

Registrant:
Weiland, Jens (URORNSLDZD)
Berliner Strasse 33
Berlin, NA 10171
DE

Domain Name: JANITA.CC

Administrative Contact:
Weiland, Jens (DGFBRDFYZI) [email protected]

Berliner Strasse 33
Berlin, NA 10171
DE
0307676222
Technical Contact:
Weiland, Jens (PRUAFLDQNI) [email protected]
Organization
Berliner Strasse 33
Berlin, NA 10171
DE
0307676222

Record expires on 12-Mar-2003.
Record created on 12-Mar-2002.
Database last updated on 1-Mar-2003 17:16:46 EST.

Domain servers in listed order:

GREEN.IDIRECTIONS.COM 216.148.221.141
ORANGE.IDIRECTIONS.COM 216.148.213.142

 

[Drupy]

And here's a picture of our lovely lady I just happen to find floating around there database. It's the closest thing to a G picture I could find!

 

[Drupy]

sorry guys it's not letting me post it!

 

[Drupy]

now!

 

[shawnbowski]

I hope she can visit me bed

 

[mcornbill]

Sorry Drupy got my wires crossed. Right then I'll have to get some firweall software then.

 

[mcornbill]

Just been looking around and found this extract on a bulletin board:

"I'm getting ready to install a firewall now,(I just reformatted) and I can't wait. In fact, I wouldn't even have my cable internet plugged in if it wasn't for the built in Windows XP Pro firewall that I'm using now until I get to it. At least that does some protection"

I didn't know about this is this true cos I have XP Pro.

Yes it is true I have just found it and activated it. I need to find out now where to configure the port settings that Johnwill mentioned.

 

[shawnbowski]

I would not trust microsoft, for safety there the ones who leaves
file sharing on. If I was you I would get a "REAL" firewall program.
Microsoft is not known for safety:no:

 

[shawnbowski]

here's a couple,
www.zonelabs.com
www.free-firewall.org
www.networkice.com
www.mcafee.com

 

[johnwill]

FWIW, I believe the default settings for the XP firewall would block the ports we were discussing, though I'm not absolutely sure. I've never used the XP firewall, since Microsoft's record on security doesn't give me a warm, fuzzy feeling! I think the firewall list previously presented is a good start, make sure you have something blocking access from the network soon!

BTW Drupy, who's the foxy chick? :winking: I didn't see an explanation of her picture, not that I'm complaining!

 

[Drupy]

I don't anything trust Microsoft has for protection. Read an article a few weeks back about them. They can't even keep their wireless network secure at their Corp. Headquaters and with something that simple, I'm not sure how they can help keep my information safe.

 

[johnwill]

Drupy

Are you talking about the link to a jpeg I hosted on my site!?!?!!? If so then there is no way that I have deliberately sabotaged your computer because I know nothing about that side of things. I have over 100 posts on Tech Support Forums so do you honestly think I'm out there do **** you guys over - ask Speedo I'm sure he'll vouch for my credibililty.

The link is a screen capture picture of the pop up I'm getting as Johnwill has already seen. Also I have had nearly 5000 hits on my website and not one person has contacted me with relation to this so called virus so if there is any truth in it then it's the first I know of it and i guess i'm going to have to investigate it.

Yours
Mark

I think he was talking about the site that was listed in the pop-up you got, not your site. I didn't go there, but I liked the sample!

 

[mcornbill]

Cheers lads have got myself Zone Alarm. And Johnwill yep you're right since activating xp firewall those messages have stopped.

Mark

 

[johnwill]

Good to see you practicing safe computing.