Is this a virus thing???

MyST wrote on 8/17/2003, 3:23 PM
OK, this is weird!
Yesterday I'm looking at a thread on this forum, when I hit FORUM to go back to the general topics page it shows up all topics blacked out. It's like if I was showing up on this site for the first time. I was still logged on, but every topic that I'd viewed was showing black letters, not greyed out as usual.
Today, I come here to see if any new posts were written. This was at say 2pm. The last post on any forum was showing around 9:30 AM. I figured it was a slow day, being Sunday and all. When I checked out the Acid forum, I select FORUM again so that I have the latest postings showing. Now it shows there was some postings posted at around 12 PM. WTF??
Even now I came to the forums via my shortcut on the desktop. In other words, I'm supposed to have the most up to date postings showing. They seemed a little old, so I hit REFRESH, and then newer topics show up. Not within the last couple minutes either...maybe 10-15 minutes.
Is anybody getting this?

M

Comments

TheHappyFriar wrote on 8/17/2003, 4:59 PM
I sometimes get the "non greyed out" thing. But I've also noticed that a post appears in all black if someone posts AFTER I view it. Could your browser setting be messed up somehow (the cache settings)?
craftech wrote on 8/17/2003, 5:02 PM
I hadn't noticed anything wrong. If you are concerned about a virus or trojan on your computer do an online scan here:

http://www.pandasoftware.com/activescan/

or here:

http://www.ravantivirus.com/scan/

or here:

http://scan.sygatetech.com/prestealthscan.html

or here:

http://security.symantec.com/sscv6/default.asp


You can also run a security check here to see if you have any open ports:

https://grc.com/x/ne.dll?bh0bkyd2
The Common Ports Scan should be sufficient.

John



farss wrote on 8/17/2003, 5:17 PM
Actually I've noticed the same thing in the last few days. Topics don't seem to be sorted correctly. I've looked at one that was like 8th down the list but the last post in it was weeks ago. It has happened more than once.
MyST wrote on 8/17/2003, 6:12 PM
SoFo/Sony has mentioned moving the forum over to a Sony forum, keeping all our profiles, etc. intact. Do you think that might have anything to do with it?
Also, I'm aware that when someone posts after me it blackens the lettering. That's how one can tell there was a new post. It also blackens if the last post was mine. This was completely different. I had previously checked out threads, and when I exited out of a thread back to the main listing, everything was black again. The funniest part is that, like I said, I was still shown as logged on.

Come to think of it though, I doubt SoFo is working on the forum architecture on a Sunday.

M

PS: Thanks for the link craftech. I did the common ports scan and all ports were stealth, except one that was closed.
craftech wrote on 8/17/2003, 10:27 PM
"Closed" is not a good thing. That means it is vulnerable. You need to fix that.

John
Geoff_Wood wrote on 8/18/2003, 6:26 AM
I think you need to allow cookies, or to trust the SF site, in Options | Security.


geoff
Erk wrote on 8/18/2003, 12:55 PM
Marquat -

I'm curious. What does your procedure above with saving the picture do? Was that to check something about his cache?

Thanks,

G
Erk wrote on 8/18/2003, 2:30 PM
Marquat, thanks, so much to learn.

G
MyST wrote on 8/18/2003, 3:30 PM
OK,

Cookies are enabled.
Cache isn't full...I empty it regularly.

Craftech, how do I fix this?

I wish I could give more info as to when and under what circumstances it happened, but it kinda caught me off guard. It's not a big deal, I was wondering if this had happened to others. Although craftech has me wondering about my vulnerability.
Some info about my web connection... I'm connected via cable. I have the cable from the wall through a router to the PC. This part I'm not too sure anymore if I should be doing it. When I'm away from the PC for any length of time, I turn the power off on the router. Since I tested it and couldn't get my e-mails or connect to the web, I figured this was a safe way to disconnect from my cable service. Is it?
I was thinking maybe if this had happened after turning it back on, maybe it would have been the new IP address thing. However, it happened DURING my viewing threads. Again, I find it strange that all was black, but I was still logged on.

Strange.

M
craftech wrote on 8/18/2003, 6:56 PM
If you are going through a router, my guess is that Shields Up found Port 113 vulnerable. If you are running Windows 98, it probably found a vulnerability in Port 135 or 139.

Please tell me which Port is not "stealthed" and I can tell you how to stealth it.

Did you run one of the online virus scanners I suggested above? Panda is pretty good. They keep up with their virus signatures very well (even on Sundays).
Once you have ruled out a virus, then you can address the other possibilities.

John
MyST wrote on 8/18/2003, 8:43 PM
"If you are going through a router, my guess is that Shields Up found Port 113 vulnerable."

Damn you're good! 113 it is.


"Your computer has responded that this port exists but is currently closed to connections."

Doin' the online scan next. I have Norton which hasn't shown anything, but I'll give another one a try.
I was still hoping SoFo might step in and say that they were working on something. However, since it seems I'm the only one that noticed this on the week-end, it must be on my end.

M

PS: Windows XP Home is my O.S.

UPDATE: Panda online scan shows no viruses.
craftech wrote on 8/19/2003, 9:28 AM
Port 113 is a 20 year old protocol which was designed to automate the process of remote servers identifying the users trying to contact them. Nice idea but easy to fool.
Stealthing Port 113 is not a problem for modern servers, but in theory can cause some very old servers to hang while they are trying to authenticate the user. IDENT-dependent e-mail servers are REALLY rare, but if after stealthing Port 113 you suddenly experience problems retrieving e-mail (as I said....highly unlikely) find out if they are using that protocol and complain to them that they need to spend their money on an upgrade. I doubt that that is the case. Most likely, if you stealth Port 113 you will have no problem.

NAT routers are usually good firewalls by themselves because they drop unsolicited packets, but they "close" Port 113 instead of "stealthing" it. Routers have a "Port Forwarding" configuration in which you can configure the router to forward any port to another address. You need to set up "Port Forwarding" to have the router forward Port 113 requests to a non-existent IP address. Pick one up near the end of the address range.

Use the router's web based utility to make the change. If you have never used it, create a user name and password while you are at it for security purposes. Assuming you have never created one. Type the URL for the router (Example: for a typical Linksys router this would be 192.168.1.1). In the name field leave it blank and in the password field type "admin". That will bring you to the "setup" page. Don't change any addressing, etc if it is working. Just go to the Password page and set a password for the router. Log out and go back in to make sure the user name and password are working. If you don't have "Block WAN Request" checked....check it. You probably do however. It is check marked by default. Go into the "Advanced" configuration page (for a Linksys router) and find "Forwarding". Under Service Port enter 113 and under the place to Forward it to enter an address at the upper end of the range such as 192.168.1.254. The first three sets of numbers may already be filled in and you only have to enter the last.

After you logout, turn off the computer, the router, and the modem. Wait a few minutes and restart the whole thing. Go back to the site you used to test the ports and Port 113 should now be "stealthed".

If anyone reading this is using Zone Alarm as a firewall, that firewall has its own way of denying IDENT requests and will probably block Port 113 quite well.

John
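The scan results discussed in this thread ("open", "closed", "stealth") correspond to three different outcomes of a TCP connection attempt. As an added example that is not part of the original posts, this Python sketch classifies a port the same way; the function names `classify` and `probe` are made up for this example, and it only matches what the scan site sees when run from a machine outside the router against your own public address.

```python
import errno
import socket
import sys


def classify(exc):
    """Map the outcome of a TCP connect attempt to the scan page's vocabulary."""
    if exc is None:
        return "open"         # handshake completed: a service is listening
    if isinstance(exc, ConnectionRefusedError):
        return "closed"       # a reset came back: host answers, nothing listens
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "stealth"      # no reply at all: the packet was silently dropped
    if isinstance(exc, OSError) and exc.errno in (errno.EHOSTUNREACH,
                                                  errno.ENETUNREACH):
        return "unreachable"  # no route; says nothing about the port itself
    raise exc                 # anything else is a local problem, not a result


def probe(host, port=113, timeout=3.0):
    """Try one TCP connection to host:port and return its classified state."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)


if __name__ == "__main__":
    # Default target is the local machine; pass your own address to override.
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    print(f"{host}:113 is {probe(host)}")
```
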
MyST wrote on 8/19/2003, 7:02 PM
Thanks John. I've printed out your instructions and I'll give it a try as soon as I can.

M
MyST wrote on 8/24/2003, 9:06 PM
UPDATE:

I haven't had time to try out the router suggestion yet...been pretty busy.
However, this is starting to look like my Windows XP configuration might be at fault. My cache doesn't seem to empty properly/completely when I select TOOLS/INTERNET OPTIONS to delete my historic/cookies/temp files.
Just now I went through my routine to empty the cache and if I click on the little arrow next to address box, nothing shows up. So far so good. BUT! If I start to type "www. sonic..." I notice addresses from past visits to various SoFo pages pop up. There's like 20 pages still listed. Webpages I hadn't visited in weeks! I'd visited the Cakewalk site a few weeks ago, and if I start to type the address, Windows remembered it and completes it! You know, when Windows shows a previous address below what you're typing in the address box.
I hope this makes sense...I'm kinda tired.

So, I gather my question becomes... What's the best way to delete all historic/temp files/cookies from my PC?

M

PS: Would this have anything to do with having multiple accounts (3 total) on my PC? I know for a fact that the others aren't visiting SoFo's site.
BillyBoy wrote on 8/24/2003, 9:15 PM
Ah... don't delete the SoFo cookie (on any other site you DO want to visit) or you won't get back on the forum without setting your user and password again.

Hint: You can go to the cookie folder and delete cookies selectively. They should say where they came from.
craftech wrote on 8/24/2003, 11:05 PM
Internet Explorer takes a lot of liberties as far as I am concerned. For security purposes I would do the following:

Go to Internet Options and clear the History and set it to 0. Under Temporary Internet Files I would Delete Cookies, Delete Files (including Offline Content), Settings (check option 1, view files and objects and get rid of everything in there). Under Security set a custom level to Medium and Prompt for anything viewed in an IFRAME and for User Authentication Prompt for User Name and Password. Anything you aren't sure about check off Prompt. Under Privacy click Advanced and Override automatic cookie handling. Allow First party cookies but Prompt for 3rd Party cookies. Under Content uncheck all boxes and clear all forms and passwords under autocomplete.
When you come back here to the SF forums you only have to re-enter your user name and PW to post. I do it all the time. Not a problem.

Make sure you don't have any Read Only temp files lurking about.

John