Editorial: Hackers Infect Circuit City's Forum

[Tom Andry]

<P><A href="http://www.audioholics.com/news/editorials/CCHack.php"><FONT face="Arial, Helvetica, sans-serif" size=2><IMG style="WIDTH: 99px; HEIGHT: 100px" alt=[new_logo1] hspace=10 src="http://www.audioholics.com/news/thumbs/new_logo1_th.gif" align=left border=0></FONT></A><FONT face="Arial, Helvetica, sans-serif" size=2>A mega-retailer that needs no introduction to Audioholics readers was the victim of a hack during the last couple of weeks. Circuit City's Home Theater message boards was unknowingly spreading a virus to anyone that browsed the forum's Home Theater pages. This is just another reason to give your local hi-fi shops a chance; friends don't let friends do HTIB at Circuit City.</FONT></P>
<P><FONT face=Arial size=2>[Read the Editorial]</FONT></P>

 

[b_panther_g]

Never Surf Without Protection

Excellent article.

Thanks for the information.

IMHO, everyone using the Internet should take the following basic steps to stay relatively safe.

1. Use a router - update the firmware - turn off UPnP

2. Use a software firewall (Not the Win XP firewall)

3. Use virus protection – and have it auto update daily

4. Get your windows security updates

5. (Optional but recommended) Use Firefox as your default browser​

These steps make it A LOT more difficult for hackers/viruses to control/infect your system.

Thanks again for the article.

Enjoy,
Panther

 

[Nick250]

]1. Use a router - update the firmware - turn off UPnP

What do you recommend? In case it makes any difference I connect with a Motorola SB5100 cable modem.

Nick

 

[Tsunamii]

Even easier, run a Virtual machine for web activity. Recreate a new one everytime you logon. Presto Chango problem resolved, your desktop does not get screwed up from script kiddies...

 

[b_panther_g]

What do you recommend? In case it makes any difference I connect with a Motorola SB5100 cable modem.

Nick

Any modern router will do. Linksys, Netgear, and DLink are very popular.

You can find then in just about any larger store with a computer department.

 

[mustang_steve]

Excellent article.

Thanks for the information.

IMHO, everyone using the Internet should take the following basic steps to stay relatively safe.

1. Use a router - update the firmware - turn off UPnP

2. Use a software firewall (Not the Win XP firewall)

3. Use virus protection – and have it auto update daily

4. Get your windows security updates

5. (Optional but recommended) Use Firefox as your default browser​

These steps make it A LOT more difficult for hackers/viruses to control/infect your system.

Thanks again for the article.

Enjoy,
Panther

I say go for a HARDWARE firewall first. Software ones only protect against the "nicer" viruses/malware/etc.

Best place to look for one is Ebay of all places, and there are some Cable/DSL routers meant for "buisiness use" that offer decent integrated firewalls.

Once the hardware one is installed, get a list of TCP ports....figure out which ones you will never use through the external network (internet)...block all incoming AND outgoing traffic from those. Then find out what UDP ports some of the nastier programs use, and block those.

Software firewalls are great for keeping things from spreading in the local network....hardware firewalls are great for keeping a problem contained within your your local network in case the particular malware has a way around your software firewall. Both protect to some extent, but just like a car...a lock by itelf, or an alarm by itself are not adequate when compared to having both.

 

[b_panther_g]

I say go for a HARDWARE firewall first. Software ones only protect against the "nicer" viruses/malware/etc.

Best place to look for one is Ebay of all places, and there are some Cable/DSL routers meant for "buisiness use" that offer decent integrated firewalls.

Once the hardware one is installed, get a list of TCP ports....figure out which ones you will never use through the external network (internet)...block all incoming AND outgoing traffic from those. Then find out what UDP ports some of the nastier programs use, and block those.

Software firewalls are great for keeping things from spreading in the local network....hardware firewalls are great for keeping a problem contained within your your local network in case the particular malware has a way around your software firewall. Both protect to some extent, but just like a car...a lock by itelf, or an alarm by itself are not adequate when compared to having both.

Agreed!

I just put up some general rules that I believe everyone should follow.

As you stated, there are more robust firewalls and routers.

I guess a good rule of thumb is…

Always use a little more security than you think is necessary.​

Good post.

Enjoy,
Panther

 

[Vart]

Any modern router will do. Linksys, Netgear, and DLink are very popular.

You can find then in just about any larger store with a computer department.

Yeah, like Circuit City...

 

[pikers]

Just goes to show how little CC understands about technology in general, top to bottom.

 

[mustang_steve]

Thanks man,

Yeah, computing was my obsession way before audio. I've been around back in the times where viruses went from just being minor annoyances into the huge problems they are now....I remember when Tentacle first came out, and was discovered on some retail software produced by a very big and well known software maker....I ended up becoming an expert of sorts at removing it. That was one of the first viruses (I guess virii is the right term, but oh well) that was considered catastrophic as far as cleaning the drive went.

By the way, Neatgear FM114p....router with integrated basic firewall (just simple SPI, flood detection, and port blocking), 802.11b, and an integrated print server that needs no special software to use other than the drivers on your Operating System CD, if you are running windows NT/2000/XP, Linux/BSD, or MacOS that is.

Good luck finding one though....Netgear axed the model a year ago...but I still think it's a must have unit.

 

[JeffD2.]

Ditto the Netgear router. I recently installed an MR814 v3. Just for S&G's I ran a fresh install of Zone Alarm for month. Result- 0 access attempts on my PC.

 

[Hi Ho]

I run AVG and have a D-Link router, no software firewall other than the Windows one, and I use Maxthon as my browser. I have never had any virus or spyware problems. Browsing habits play a big role in this but there are always things like this Circuit City incident that one would never suspect. I too got into PC's before audio and I'm glad I did. Being informed has kept me out of a lot of trouble.

 

[mustang_steve]

Oh, and if it was not already obvious...steer clear of those porn "thumbnail galleries, or link galleries"....many of those are crawling with malware, and many aren't even on AV lists yet.

Same for Warez sites. Again hotbed of malware.

Pretty much if it's something that should be for money, but is not...that site needs to be kept away from.

I had to disinfect a flatmates computer at one time...she insisted she wasn't on porn sites (her being religious and all)...but I was pretty sure she was when I went to type in some URL and saw someting like "hotnudestuds...." show up in the autocomplete

...ahh nothing wrong with a woman wanting some eye candy....I thought the entire thing was pretty funny though.

 

[Wayde Robson]

That's interesting you guys that got into PCs before audio, very opposite for me.

In the "olden days" before the PC, I had made a pirate box with a kit that allowed me to steal ON TV. I was just a kid then a proud of myself even though it was a kit and you would have had to really screw up some soldering for it not to work. (does anyone remember ON TV?)

I'm legit these days. But hi-fi was thing. Simple circuits, big circuit paths for high current goodness. When the first digital decoding systems came along I scoffed like the elitist I was in those days.

"You'll have to pry my separate two channel pre-power amp kit from my cold dead fingers!" I would defiantly yell to the encroaching status quo.

Two things happened. A friend that knew I could fix TVs, stereos and VCRs gave me something called an HP 486/66 to fix. It was broken, no sound.

It was a classic case of the rat/trigger/treat experiment. I didn't leave the aquarium for 48 hours. You see I had just gotten a taste of a brand new game called DoomII at the time. My neurons were on high addiction mode ...

MUST ... FIX ... FRIENDS COMPUTER ... MUST .... PLAY ... DOOM!!!!!

I fixed it after learning about something called a config sys and what driver were and what a sound card was. I also made his modem work but I don't think he knew it was broken. Started lurking BBSes. I was fast on my way to being a PC fiend.

Oh, yeah I played Doom after fixing it for so many days without eating or sleeping that I was actually falling asleep at the keyboard dreaming I was still playing then I'd wake up and continue my game.

 

[Sheep]

Ditto the Netgear router. I recently installed an MR814 v3. Just for S&G's I ran a fresh install of Zone Alarm for month. Result- 0 access attempts on my PC.

Um....

Attempts means they tried. If they didn't try, then how do you know it worked?

SheepStar

 

[mustang_steve]

haha, doom was the game that got SO many into computers.

I was in it since I was 5 years old.....I wanted to mess with the computer, and my dad told me "not until you can read"....so I spent every last day trying to read those little comic books that came with my he-man action figures (my mom used to read them to me, I was a HUGE he-man junkie)...well I knew so many of those books by heart, that I just matched the words up with my mom's voice, and no more than two weeks passed...I walked up to my dad, jumped up next to him, and read out the first 4 lines of the newspaper....something about Regan....and then asked him if I could use the computer now

....the look on his face was priceless....that was also the last time he ever tried making an empty promise with me, since he knew I was going to hold him to it.

BTW, the first game I played....Questron, on the Apple //c....it was 1984.

 

[mtrycrafts]

- turn off UPnP
Enjoy,
Panther

What's this? Where is it? How?

 

[b_panther_g]

What's this? Where is it? How?

Hello mtrycrafts,



What is UPnP?

Universal Plug and Play (UPnP) basically turns your computer into an open Internet server.

Microsoft decided to include it into Windows XP, turning your personal computer into an open Internet server. But (here’s the bad part)…

Hackers are very good at taking over and controlling Internet servers.

So UPnP is bad news for you.

After international security experts raised hell and hackers had a field day destroying systems, Microsoft finally patched the holes. So make sure you keep your copy of Windows up-to-date.

But your router can be UPnP aware. This opens up holes in your security; it leaves you open to be attacked.




Where is it?

In Windows and in your router.



How to turn it off?

For Windows…
Just make sure you’ve downloaded the latest security patches for Windows. Then your OS is safe (at least from that threat).

For your router…
Every router is different. You have to check the manual for your router. Check the index for UPnP and you’ll know how to turn it off.



I hope this helps.

Enjoy,
Panther