ONLINE SPORTSBOOKS
Forums Reviews and Ratings Archived Chats News Mediations Blacklist Links

June-09-2005,
Have You Been Hacked?: A Poor Man`s Approach...By Dr. Java

Between friends, neighbors and relatives, I run into people that are not running anti-virus programs or haven`t stayed up to date. Also, some viruses, worms, trogans and spyware can infect your system, before the antidote is available. So, some viruses aware of Norton will infect Norton itself and remain invisible. This article will detail a few methods built into the operating system to reveal unusual activity. In some cases, they are running older systems (Win95) that can`t run the lastest protection software.

The key program is "netstat" and you run it from the command line (the DOS- prompt). This program shows you to which sites you are connected and which ports are in use. The output shows you the ipaddressort. Here is a small sampling from running "netstat -an" (all ports, numeric values) after I surfed to majorwager.com.

Proto Local Address Foreign Address State
TCP 11.1.100.11:1259 208.254.1.86:80 ESTABLISHED
TCP 11.1.100.11:1260 208.254.1.86:80 ESTABLISHED
TCP 11.1.100.11:1267 209.200.153.10:80 ESTABLISHED
TCP 11.1.100.11:1268 208.254.1.86:80 ESTABLISHED
TCP 11.1.100.11:1269 208.254.1.86:80 ESTABLISHED
TCP 11.1.100.11:1272 206.191.21.67:80 TIME_WAIT

Proto is short for protocol. 11.1.100.11 represents my connection, and the foreign addresses are from MW and some advertisers. Port 80 is the standard web port (along with 443 for https). Other interesting ports are: 25 (send mail), 110 (pop mail), 137 (microsoft netbios/file sharing) and 5190 (AIM). Netstat has several options and I recommend netstat -h or netstat /? to view the list and experiment. If you see "127.0.0.1", don`t worry. That is a dummy address used internally by your machine.

You should run netstat as soon as you connect to Internet, and BEFORE you start browsing. A few months ago a friend of mine`s computer was acting very slowly as soon as she dialed into AOL. Even after reinstalling newer AOL from a CD, the problem persisted. I decided to dial into a different ISP using Dial-Up Networking (another free built-in). Netstat revealed communication to IP addresses beginning with 82.x.x.x (Russian IP`s). Fortunately, for my friend, the virus used an unusual port, and I was able to identify the particular virus on the symantec.com site. For some viruses, you can download (for free) a one-shot program for that single virus (or learn the name of the files to remove). This trick worked because the virus used the available Internet Protocol functions just like all your legitimate Internet programs.

http://www.sans.org/y2k/ports.htm Is one of many site that lists ports commonly probed to break into your machine or used/exploited once you`ve been hacked. WinXP users should be using the free built-in firewalling software to block some of the probing.

BTW, how did I know the 82.x.x.x address was in Russia? Another built-in called "tracert" (trace route) will follow the internet path from you to the destination. You can type "tracert ipaddress" or "tracert majorwager.com". Many of the connection points along the path contain city or country abbreviations.

Sometimes, you have annoying adware slowing down the machine as much as a virus. Since some of this adware installs without your knowledge, I`d thought I`d include it in this discussion. Though there are many programs out there you can download, there is a very useful command that was added in Win98 called "msconfig". It shows you the programs that run during startup. Most of the ones listed, are print drivers and other good programs, however, the adware is listed as well. You can expand the column with the path to see if the directories belongs to programs you recognize. You can uncheck the programs you don`t like and reboot. Be careful you don`t delete something important.

Finally, there is a good (and FREE) anti-virus program out there: AVG Free (at grisoft.com).

Next Week: A look at Teaser Odds and Hold Percentages.



US CITIZENS PLEASE NOTE:THE INFORMATION CONTAINED AT THIS SITE IS FOR NEWS AND ENTERTAINMENT PURPOSES ONLY. ANY USE OF THIS INFORMATION IN VIOLATION OF ANY FEDERAL, STATE OR LOCAL LAWS IS PROHIBITED.
� majorwager.com inc


Please be advised that if you are wagering over the internet, this is illegal in many jurisdictions. A wagering site may be operating legally at their location but it may still be illegal for you to wager from your location. We suggest you check on the legal situation from any jurisdiction in which you may wager.

MajorWager.com - Your Information Source for Online Sportsbooks, Industry Information, Online Handicapping.
Sport News - NFL, NBA, NCAA, MLB, Football, Basketball and Baseball.


Site Map | Contact Us | Forums | Scores | Stats | Resources | Glossary | Gamblers Anonymous | Online Guide
Majorwager is part of the Major Network
Best View: 1024 by 768
Home Live Lines Contact Us Recommended Mediation Requests Chat