TER General Board

Spying Software
caguy_69 9 Reviews 5222 reads

It seems that I am getting more and more junk email promoting programs that will spy on users of your computer.  One was called InvisiEye.  It claims to record all keystrokes, web sites visited, people IM'd, buddy list entries, etc.  It also claims that it runs undetectable.

My questions are:

Does anyone have any experience with these programs?

Is there any way to detect their presence?

Are there programs which counter such programs?

Any comments would be appreciated.

Va Gentleman 4154 reads

Go to mastergeek.com and download freeware called Ad-Aware. You can clean out spyware with it.

digitallyspeaking 3659 reads

I too use Ad Aware (from Lavasoft), but I got it from ZDnet or Cnet.

It can create a logfile of the trash it eliminates. I found scads of Doubleclick crap.

Va Gentleman 4745 reads

Yeah, the doubleclick crap shows up every time I run Ad Alert.

ack-ack 4363 reads

Something weird happened when I logged on to the internet this morning. Juno locked up on me so I tried to Ctrl-alt-del to cancel. The "close program" menu showed an "unknown". I closed it but got a REALONE Player message saying big brother is watching. The pop-ups that I normally get from Juno don't have a realone frame around them. I rebooted. I'm curious to know how one would know definitively whether one is being spied on?

VA Gent, thanks for the info, I'll try that out just in case.

Though not unlike a virus, the spying and anti-spying software folks are making a fortune playing against one another. Sometimes they are the same people, but their methods of marketing are unscrupulous. Obviously this program, purposely named "unknown", is designed to bring up the big brother message to make you feel like you have to buy anti-spying software.

gspider 3972 reads

not sure where to get it, but look for a program called "zone alert". I believe it can tell if your system is being used to transmit stuff, unbeknownst to you.

good luck.

I use it and I like it. www.zonealarm.com

1. You need to have a solid antivirus program which you regularly update (because it's useless if you don't). I use Norton Antivirus. It seems to catch everything and it does a better job than some other AV programs of nagging you to update your virus definition files.

2. You need a firewall if you have an "always on" Net connection (DSL, Cable). I used to pay for Norton's Personal Firewall but ZoneAlarm is better and it's free for personal use.

3. You need Ad-aware as the gentleman from Virginia suggested. (I feel like I'm on C-SPAN ;) Ad-aware finds "spyware" on your HD. You can customize its settings. For instance, set it to autorun at certain times, set it to automatically delete any spyware that it finds (or let you see the spyware list before deletion).

As I understand it, spyware is designed to track your Net surfing. If you're worried about somebody actually taking control of your computer, you need a firewall and an updated AV program. Direct link to Ad-aware is included below.

Good luck!

thirsty

GirlCrazy 3513 reads

I have a Netgear DSL/Cable router for my DSL connection. Does it mean that I have firewall protection? Or do I still need to use software such as ZoneAlarm?

Thirsty, please help.

You should be all set. I would check the router's documentation to make sure but I would think that any router sold today would also act as a hardware firewall. Please somebody correct me if I'm wrong.

thirsty

-- Modified on 7/13/2002 11:57:53 AM

Va Gentleman 3664 reads

before some hacker figures a way through it. I got Ad-Alert after I noticed that my laptop was sending and/or receiving over my DSL line even when I had no programs running. Something was transmitting, and I wanted it off my PC.

I have the same one at home. It's pretty basic protection. If you are really concerned you should use Zone Alarm. It's the only program I've seen that makes filtering comprehensible to the average user. The only negative about it is that it alerts you to everything (except those items you tell it not to alert you to) so it can become annoying. I think they have a 30 day free trial so you can see if you like it.

PacketInspector 3771 reads

Anyone know what the average time for a brand new computer to be probed and have its vulnerabilities exploited when it first joins the Internet??   2 minutes.

Hacking into your computer is easier than replying to a message on this board. The tools are that easy to operate! The simplicity is probably the only thing protecting you. It's harder for you to go to your bank's web site and enter your ID/Password and then find your balance, than it is for someone to take control of your computer, watch what you type, see where you go, take any file. Since there's no challenge, they just don't bother.

There are three varieties of Firewall in use today. The type offering the least protection is called a Packet Filter. It simply looks at what kind of a packet is coming or going from your computer and permits or denies it. The next best is a Stateful Inspection firewall. It does packet filtering but understands more about what the basic flow of a conversation looks like and makes sure to deny "bad" packets. The most effective firewall is the Application Proxy that has knowledge of how each application works and denies packets that are not to spec. Zone Alarm is a packet filter with a tiny Stateful Inspection wart added that permits them to advertise.

But far more than all of that, you must realize that no firewall is going to provide any protection for things you tell it to permit. If you tell Zone Alarm that it's OK to permit Instant Messenger, then you are permitting one of the best hacking tools to have access through your firewall. If you tell Zone Alarm that it's OK for Outlook to go fetch your mail, you permit one of the best worm propagation methods through your firewall.

Security of your home system is going to require three levels of protection. First, get that crappy OS updated. I don't care what OS you find to be your favorite, chances are, you haven't ever applied a patch. If you're a Windows fan, you have upwards of 25 open security vulnerabilities that permit anyone to take over your machine at will. If you don't install the patches at least twice a year, you're just handing your computer over to someone else. If you're actually serious, installing patches should be done as often as you pay your phone bill. Many of you are sitting on the Internet, infected with Code Red or Nimda and don't even know it. How could you? I know this because millions of computers are on the Internet trying to spread the Code Red virus or the Nimda worm. Your computer and mine are being probed a thousand times per day by random Code Red and Nimda infected computers trying to find "fertile ground" to grow in.

This introduces the second level of protection, already correctly mentioned here. Get an Anti-Virus program running and keep it updated. You keep it updated by paying the subscription fee. A properly maintained Anti-Virus program, on top of a well maintained OS, will eliminate all the "fertile ground" that can be eliminated. Do realize though, that both of these protections are "after-the-fact." Both are reactive and will catch and possibly eliminate viruses and worms after they have arrived on your computer.

A firewall is the third level, and personal firewalls like Zone Alarm have some potential to reduce the "size" of your computer on the Internet. Even with the simplest type of firewall, a packet filter, you can deflect 100% of the attempts to connect to your computer. You lose the ability for anyone to IM you, and so many of you won't get all the protection possible because you'll turn that off.

If you do this, then when an infection comes along, and 6 did in the time it took for you to read this far, then the patched OS plus firewall will deflect virtually all of the opportunities for it to get in. The Anti-Virus program will capture (quarantine) all that arrive via permitted openings like email, browsing web sites and those handy viruses inside the singing birthday greetings or jokes we get from our unprotected friends.

Spyware is a virus in my book. 8-)

--Just one person's humble opinion.

PacketInspector

Thanks for the info. As you suggested, a firewall can't protect you if you grant access to something "nasty". Just wondering, what firewall do you use? Will you expand a bit on what you said regarding Application Proxy firewall?

thanks

thirsty

PacketInspector 5105 reads

I don't know where to begin, thirsty...

There are countless applications, email, web browsing, FTP, ICQ, AOL Instant Messenger, Quicktime, Media Player, on and on. Each is implemented by using some protocol. Some of them are well known and documented, others are proprietary. If the protocol is well documented, web browsing (http) for example, then a program can be written that reads every packet, just like the browser does, but doesn't display anything. Instead, it simply checks to make sure that it meets the protocol's specification. This is called an application proxy. Application, because it understands the protocol of the application and proxy because it prevents a direct connection between your computer and the origin.

You may remember that ending scene in the movie Crocodile Dundee II in which the two main characters are at each end of the subway station and can't talk to each other. They use people midway between them to hear what the one person says and then yell it to the next. Those people in the middle are "proxies" (acting on your behalf). In a firewall, it acts as a proxy so that your computer thinks that the firewall is the website, and the website thinks that the firewall is the browser. Both get "fooled." But it also means that if someone tries to connect to you, it can't because the proxy won't respond unless the protected computer starts the conversation.

As I said in the previous message, you can be very safe as long as you don't permit any inbound traffic to initiate a connection to you. Packet Filters do a VERY good job at this. However, few people want to restrict themselves that much. The moment you permit someone else to make a connection to you, you place your computer at a much higher risk. And when you do, a more advanced firewall becomes necessary. Packet Filters inspect every packet, but only about 20% of each packet gets checked. Stateful Inspection again looks at every packet but checks about 30% of the data in a packet. An Application Proxy will inspect 100% of each packet it knows how to inspect. For packets that it doesn't understand, it uses a Stateful Inspection.

For our provider friends, limiting themselves to not using any of the Instant Messaging type programs (AOL, Yahoo, etc.) may be too restrictive. Email may just not be good enough. Me... I don't have any qualms about not using IM.  8-)

As you can tell, I can go on and on. But I'll stop now for both our benefits. 8-) I can get very techie and have it sound "preachy" which I want to avoid.
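
The three firewall types described in the posts above, as an added sketch that is not part of the thread and is not any product's code: a stateless packet filter, a stateful inspector and an HTTP-aware application proxy each give a verdict on the same constructed packets. The packet fields, addresses, rule set and the simplified model (no TCP handshake tracking) are assumptions made for illustration.

```python
import re

def pkt(note, direction, peer, lport, rport, flags, data=b""):
    return dict(note=note, dir=direction, peer=peer, lport=lport,
                rport=rport, flags=flags, data=data)

# Constructed trace; addresses are documentation ranges, lport is the protected PC's port.
TRACE = [
    pkt("unsolicited probe", "in", "198.51.100.7", 139, 4444, "S"),
    pkt("stray web reply", "in", "198.51.100.7", 40000, 80, "A"),
    pkt("browser request", "out", "203.0.113.10", 40001, 80, "PA", b"GET / HTTP/1.0\r\n\r\n"),
    pkt("valid web reply", "in", "203.0.113.10", 40001, 80, "PA", b"HTTP/1.0 200 OK\r\n\r\nhi"),
    pkt("off-spec reply", "in", "203.0.113.10", 40001, 80, "PA", b"\x00\x01not-http"),
]

def packet_filter(p):
    """Stateless: judge each packet by its header fields alone."""
    if p["dir"] == "out":
        return True
    # Inbound passes only if it looks like a web reply (source port 80, ACK set).
    return p["rport"] == 80 and "A" in p["flags"]

class StatefulInspection:
    """Remembers conversations the protected PC started; inbound must match one."""
    def __init__(self):
        self.flows = set()
    def check(self, p):
        key = (p["peer"], p["rport"], p["lport"])
        if p["dir"] == "out":
            self.flows.add(key)
            return True
        return key in self.flows

class ApplicationProxy(StatefulInspection):
    """Adds a protocol check for HTTP; anything else falls back to stateful rules."""
    STATUS_LINE = re.compile(rb"^HTTP/1\.[01] \d{3} [^\r\n]*\r\n")
    def check(self, p):
        if not super().check(p):
            return False
        if p["dir"] == "in" and p["rport"] == 80 and p["data"]:
            return bool(self.STATUS_LINE.match(p["data"]))
        return True

def verdicts(trace):
    sf, px = StatefulInspection(), ApplicationProxy()
    return [(p["note"], packet_filter(p), sf.check(p), px.check(p)) for p in trace]

if __name__ == "__main__":
    for note, pf, sf, px in verdicts(TRACE):
        print(f"{note:18} filter={pf} stateful={sf} proxy={px}")
```

The stray reply passes the header-only filter but not the stateful check, and the off-spec reply on a legitimate connection is stopped only by the proxy.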
