
Unknown download activity in background - how to determine what it is?



Posted

I'm using WinXP Media Center, the last few days I've noticed that

there's some kind of d/l activity showing even when I'm doing

nothing online even with the Windows firewall up as well as

ZoneAlarm. I'm on 56k dialup. How do I determine what this is? I

don't have Windows update on automatic. I ran AdAware with the latest

definitions but it's still doing it.

 

Thanks.

Guest Vanguard
Posted

Re: Unknown download activity in background - how to determine what it is?

 

"Doc" wrote in message

news:1185609109.150631.111220@w3g2000hsg.googlegroups.com...

> I'm using WinXP Media Center, the last few days I've noticed that

> there's some kind of d/l activity showing even when I'm doing

> nothing online even with the Windows firewall up as well as

> ZoneAlarm. I'm on 56k dialup. How do I determine what this is? I

> don't have Windows update on automatic. I ran AdAware with the latest

> definitions but it's still doing it.

 

Use a software firewall that shows you the current connections and level

of traffic. Comodo has a good firewall for free.

Posted

Re: Unknown download activity in background - how to determine what it is?

 

Vanguard wrote:

> Use a software firewall that shows you the current connections and level

> of traffic. Comodo has a good firewall for free.

>

>

 

I'm not sure that will show the poster what they want to know. It will

only confirm what they already know surely.

 

John.

Guest Vanguard
Posted

Re: Unknown download activity in background - how to determine what it is?

 

"John" wrote in message news:46aaffc3$0$31730$db0fefd9@news.zen.co.uk...

>

> Vanguard wrote:

>

>> Use a software firewall that shows you the current connections and

>> level of traffic. Comodo has a good firewall for free.

>

> I'm not sure that will show the poster what they want to know. It will

> only confirm what they already know surely.

 

Mine shows which process (by applications) is using what port and

to where it connects and on what port along with how many bytes came in

or went out. Seems what the OP wants to know.

 

I'm using the Comodo firewall (free) right now. As I recall when using

the Sygate Pro firewall, it also had decent logging.

Posted

Re: Unknown download activity in background - how to determine what it is?

 

Vanguard wrote:

> Mine shows which process (by applications) is using what port and

> to where it connects and on what port along with how many bytes came in

> or went out. Seems what the OP wants to know.

>

> I'm using the Comodo firewall (free) right now. As I recall when using

> the Sygate Pro firewall, it also had decent logging.

>

>

 

That's nice to know, thanks.

 

John.

Guest John John
Posted

Re: Unknown download activity in background - how to determine what it is?

 

Surely Zone Alarm should tell you that, doesn't it? Reset all your ZA

rules to allow nothing and start reapplying the rules as asked when

applications want to establish connections.

 

John

 

Doc wrote:

> I'm using WinXP Media Center, the last few days I've noticed that

> there's some kind of d/l activity showing even when I'm doing

> nothing online even with the Windows firewall up as well as

> ZoneAlarm. I'm on 56k dialup. How do I determine what this is? I

> don't have Windows update on automatic. I ran AdAware with the latest

> definitions but it's still doing it.

>

> Thanks.

>

Guest BoaterDave
Posted

Re: Unknown download activity in background - how to determine what it is?

 

Hi Doc

 

I've been led to believe that, just like one should only ever have a single

active antivirus programme, one should only have a single software firewall

operative. In other words, disable MS Windows firewall if you are using Zone

Alarm.

 

HTH

 

David

 

______________________________________________________________________________________________

"Doc" <docsavage20@yahoo.com> wrote in message

news:1185609109.150631.111220@w3g2000hsg.googlegroups.com...

> I'm using WinXP Media Center, the last few days I've noticed that

> there's some kind of d/l activity showing even when I'm doing

> nothing online even with the Windows firewall up as well as

> ZoneAlarm. I'm on 56k dialup. How do I determine what this is? I

> don't have Windows update on automatic. I ran AdAware with the latest

> definitions but it's still doing it.

>

> Thanks.

>

Posted

Re: Unknown download activity in background - how to determine what it is?

 

Could it be Media Center updating your EPG?

If you go to task manager you should be able to see what programs are

consuming CPU power when the downloading occurs.

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

news:O4neV7R0HHA.5644@TK2MSFTNGP05.phx.gbl...

> Hi Doc

>

> I've been led to believe that, just like one should only ever have a

> single active antivirus programme, one should only have a single software

> firewall operative. In other words, disable MS Windows firewall if you are

> using Zone Alarm.

>

> HTH

>

> David

>

> ______________________________________________________________________________________________

> "Doc" <docsavage20@yahoo.com> wrote in message

> news:1185609109.150631.111220@w3g2000hsg.googlegroups.com...

>> I'm using WinXP Media Center, the last few days I've noticed that

>> there's some kind of d/l activity showing even when I'm doing

>> nothing online even with the Windows firewall up as well as

>> ZoneAlarm. I'm on 56k dialup. How do I determine what this is? I

>> don't have Windows update on automatic. I ran AdAware with the latest

>> definitions but it's still doing it.

>>

>> Thanks.

>>

>

>

Guest Cyberiade.it Anonymous Remailer
Posted

Re: Unknown download activity in background - how to determine what it is?

 

 

On Sat, 28 Jul 2007, "Vanguard" <vanguard.x@comcast.net> wrote:

>"John" wrote in message news:46aaffc3$0$31730$db0fefd9@news.zen.co.uk...

>>

>> Vanguard wrote:

>>

>>> Use a software firewall that shows you the current connections and

>>> level of traffic. Comodo has a good firewall for free.

>>

>> I'm not sure that will show the poster what they want to know. It will

>> only confirm what they already know surely.

>

>Mine shows which process (by applications) is using what port and

>to where it connects and on what port along with how many bytes came in

>or went out. Seems what the OP wants to know.

>

>I'm using the Comodo firewall (free) right now. As I recall when using

>the Sygate Pro firewall, it also had decent logging.

 

That is good to know. It seems to be a good firewall, especially for

freeware. I just installed it and it's working great, AFAICT.

 

Here is the manufacturer's link:

 

http://www.personalfirewall.comodo.com/

 

Ckyp

Guest Andy Walker
Posted

Re: Unknown download activity in background - how to determine what it is?

 

Cyberiade.it Anonymous Remailer wrote:

>>>> Use a software firewall that shows you the current connections and

>>>> level of traffic. Comodo has a good firewall for free.

 

Or, you could simply run some simple DOS commands to determine what

program(s) are using external connections.

 

C:\>netstat -nab > netstat.txt

C:\>more netstat.txt

 

Look for established connections using foreign addresses other than

127.x.x.x. You should be able to determine what port and what process

is communicating, as well as the external IP address.

 

To check the external IP address go to http://www.dnsstuff.com and

enter it into the "IP Information" box.
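
Added example (not part of the original post): a Python script that applies the check described above to a saved `netstat.txt`, keeping only ESTABLISHED connections whose foreign address is not loopback and grouping them by owning process. The sample text is constructed, the row layout (PID column, executable in brackets on a following line) is an assumption about `netstat -nab` output, and the function names are hypothetical.

```python
import ipaddress
import re
import sys
from collections import defaultdict

# Constructed sample in the layout assumed for `netstat -nab` on Windows XP:
# a PID column, then the owning executable in [brackets] on a following line.
# Addresses come from documentation ranges, not real hosts.
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       948
  -- unknown component(s) --
  [svchost.exe]

  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED     1612
  [firefox.exe]

  TCP    192.168.1.2:1045       203.0.113.10:80        ESTABLISHED     1612
  [firefox.exe]

  TCP    192.168.1.2:1051       198.51.100.7:8080      ESTABLISHED     2044
  [updater.exe]

  TCP    192.168.1.2:1052       198.51.100.7:8081      ESTABLISHED     2044
  [updater.exe]

  TCP    192.168.1.2:1060       203.0.113.99:443       TIME_WAIT       0

  TCP    192.168.1.2:1061       203.0.113.50:443       ESTABLISHED     4
  Can not obtain ownership information

  UDP    0.0.0.0:500            *:*                                    712
  [lsass.exe]
"""

OWNER_RE = re.compile(r"^\s*\[(.+)\]\s*$")


def parse_netstat(text):
    """Return one dict per TCP/UDP row, with the owning process attached."""
    conns, current = [], None
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[0] in ("TCP", "UDP"):
            has_state = len(fields) > 3 and not fields[3].isdigit()
            current = {
                "proto": fields[0],
                "local": fields[1],
                "foreign": fields[2],
                "state": fields[3] if has_state else "",  # UDP rows have none
                "pid": fields[-1] if fields[-1].isdigit() else "",
                "process": "unknown",  # kept when netstat cannot name the owner
            }
            conns.append(current)
            continue
        owner = OWNER_RE.match(line)
        if owner and current is not None:
            current["process"] = owner.group(1)
            current = None  # later bracket lines belong to the next row
    return conns


def is_external(foreign):
    """True when the foreign endpoint is a real, non-loopback IP address."""
    host = foreign.rsplit(":", 1)[0].strip("[]")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # "*" (no peer yet) or text that is not an address
    return not (ip.is_loopback or ip.is_unspecified)


def external_established(text):
    """Rows the post says to look at: ESTABLISHED and not 127.x.x.x."""
    return [c for c in parse_netstat(text)
            if c["state"] == "ESTABLISHED" and is_external(c["foreign"])]


def by_process(conns):
    """Map process name -> sorted list of foreign endpoints it talks to."""
    grouped = defaultdict(set)
    for c in conns:
        grouped[c["process"]].add(c["foreign"])
    return {name: sorted(peers) for name, peers in grouped.items()}


if __name__ == "__main__":
    # Pass the path to netstat.txt as the first argument; otherwise the
    # constructed SAMPLE above is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as fh:
            report = fh.read()
    else:
        report = SAMPLE
    for name, peers in sorted(by_process(external_established(report)).items()):
        print(f"{name}: {', '.join(peers)}")
```

Rows that end up under "unknown" are the ones where netstat printed no owner line; those are worth a second look with a tool that can resolve the PID.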

Guest WaIIy
Posted

Re: Unknown download activity in background - how to determine what it is?

 

On Sat, 28 Jul 2007 00:51:49 -0700, Doc <docsavage20@yahoo.com> wrote:

>I'm using WinXP Media Center, the last few days I've noticed that

>there's some kind of d/l activity showing even when I'm doing

>nothing online even with the Windows firewall up as well as

>ZoneAlarm. I'm on 56k dialup. How do I determine what this is? I

>don't have Windows update on automatic. I ran AdAware with the latest

>definitions but it's still doing it.

>

>Thanks.

 

This might help. It's a very handy program.

 

http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx

Guest Vanguard
Posted

Re: Unknown download activity in background - how to determine what it is?

 

"Andy Walker" wrote in message news:46ab6529.6936765@news.webtv.com...

>

> Or, you could simply run some simple DOS commands to determine what

> program(s) are using external connections.

>

> C:\>netstat -nab > netstat.txt

> C:\>more netstat.txt

>

> Look for established connections using foreign addresses other than

> 127.x.x.x. You should be able to determine what port and what process

> is communicating, as well as the external IP address.

>

> To check the external IP address go to http://www.dnsstuff.com and

> enter it into the "IP Information" box.

 

 

I couldn't remember the 'netstat' command. I kept thinking 'net' but

that doesn't list the current port usage. Thanks for the reminder. One

of these, it'll find some better brain cells to stick to.

Guest Vanguard
Posted

Re: Unknown download activity in background - how to determine what it is?

 

"WaIIy" wrote in message

news:7mvma3p34og81q98nm23ga35mqui1uvhce@4ax.com...

>

> Doc wrote:

>>

>> I'm using WinXP Media Center, the last few days I've noticed that

>> there's some kind of d/l activity showing even when I'm doing

>> nothing online even with the Windows firewall up as well as

>> ZoneAlarm. I'm on 56k dialup. How do I determine what this is? I

>> don't have Windows update on automatic. I ran AdAware with the latest

>> definitions but it's still doing it.

>

> This might help. It's a very handy program.

> http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx

 

 

More appropriate would be their TCPview.

Guest Kayman
Posted

Re: Unknown download activity in background - how to determine what it is?

 

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

news:O4neV7R0HHA.5644@TK2MSFTNGP05.phx.gbl...

> Hi Doc

>

> I've been led to believe that, just like one should only ever have a

> single active antivirus programme,

One should only ever have a single *real-time* AV program, if you wish you

can have several *on-demand* AV apps.

> one should only have a single software firewall operative. In other

> words, disable MS Windows firewall if you are using Zone Alarm.

>

Uninstalling ZA would be an even better solution. It's Phoney-Baloney ware;

It gives you a false sense of security.

Go to:

http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx

and scroll down to:

Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

 

Then read this:

("...the typical form of outbound protection in client firewalls is just

security theater.)

http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx

 

And this:

http://www.samspade.org/d/firewalls.html

 

Read and implement this:

http://www.ntsvcfg.de/ntsvcfg_eng.html

http://www.dingens.org/index.html.en

 

And consider implementing Hardening your OS:

http://www.5starsupport.com/tutorial/hardening-windows.htm

 

Good luck :)

Guest John John
Posted

Re: Unknown download activity in background - how to determine what it is?

 

Kayman wrote:

 

> and scroll down to:

> Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

 

That article itself is baloney. It is true that any malware can

circumvent a firewall's outbound protection but it is also true that a

lot of malware is detected by firewall outbound monitoring. The

outbound monitoring also alerts you when otherwise legitimate software

is trying to call home. Perhaps you like it better when things like

Media player call home without your knowledge, a pesky annoyance that

you should be aware of things like that.

 

The article states:

 

"Speaking of host firewalls, why is there so much noise about outbound

filtering? Think for a moment about how ordinary users would interact

with a piece of software that bugged them every time a program on their

computer wanted to communicate with the Internet..." What a pile of

baloney!"

 

Firewall have rules, it appears no one at Microsoft knows this, which

isn't really surprising to tell you the truth. Microsoft's logic is

that "you don't need seat belts if you have airbags". And you don't

need to know what it is that things like Media Player doing. Baloney

indeed!

 

John

Guest Kerry Brown
Posted

Re: Unknown download activity in background - how to determine what it is?

 

"John John" <audetweld@nbnet.nb.ca> wrote in message

news:%23mmjLjX0HHA.4568@TK2MSFTNGP03.phx.gbl...

> Kayman wrote:

>

>

>> and scroll down to:

>> Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

>

> That article itself is baloney. It is true that any malware can

> circumvent a firewall's outbound protection but it is also true that a lot

> of malware is detected by firewall outbound monitoring. The outbound

> monitoring also alerts you when otherwise legitimate software is trying to

> call home. Perhaps you like it better when things like Media player call

> home without your knowledge, a pesky annoyance that you should be aware of

> things like that.

>

> The article states:

>

> "Speaking of host firewalls, why is there so much noise about outbound

> filtering? Think for a moment about how ordinary users would interact with

> a piece of software that bugged them every time a program on their

> computer wanted to communicate with the Internet..." What a pile of

> baloney!"

>

> Firewall have rules, it appears no one at Microsoft knows this, which

> isn't really surprising to tell you the truth. Microsoft's logic is that

> "you don't need seat belts if you have airbags". And you don't need to

> know what it is that things like Media Player doing. Baloney indeed!

>

 

 

There is no way a software firewall can guarantee it will stop outbound

traffic on the computer it is running on regardless of the OS. Software

firewalls can be useful for stopping programs communicating outbound through

normal channels. That's it, period. The fact that some firewalls notify you

about malware communicating out is a function of how poorly the malware is

programmed not the firewall. Intel motherboards can communicate through the

onboard NICs at the BIOS level with no OS present. Rootkits can easily

modify all traffic going through any NIC in the computer. Malware running in

Windows can easily corrupt traffic from legitimate programs. Malware can

even create its own TCP/IP stack and bypass Windows (or other OS')

networking stack altogether. Virtual server software is capable of spoofing

a MAC and getting multiple IP addresses for one NIC from a DHCP server. What

makes you think malware can't do the same type of thing?

 

--

Kerry Brown

Microsoft MVP - Shell/User

http://www.vistahelp.ca

Guest John John
Posted

Re: Unknown download activity in background - how to determine what it is?

 

Kerry Brown wrote:

> "John John" <audetweld@nbnet.nb.ca> wrote in message

> news:%23mmjLjX0HHA.4568@TK2MSFTNGP03.phx.gbl...

>

>> Kayman wrote:

>>

>>

>>> and scroll down to:

>>> Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

>>

>>

>> That article itself is baloney. It is true that any malware can

>> circumvent a firewall's outbound protection but it is also true that a

>> lot of malware is detected by firewall outbound monitoring. The

>> outbound monitoring also alerts you when otherwise legitimate software

>> is trying to call home. Perhaps you like it better when things like

>> Media player call home without your knowledge, a pesky annoyance that

>> you should be aware of things like that.

>>

>> The article states:

>>

>> "Speaking of host firewalls, why is there so much noise about outbound

>> filtering? Think for a moment about how ordinary users would interact

>> with a piece of software that bugged them every time a program on

>> their computer wanted to communicate with the Internet..." What a

>> pile of baloney!"

>>

>> Firewall have rules, it appears no one at Microsoft knows this, which

>> isn't really surprising to tell you the truth. Microsoft's logic is

>> that "you don't need seat belts if you have airbags". And you don't

>> need to know what it is that things like Media Player doing. Baloney

>> indeed!

>>

>

>

> There is no way a software firewall can guarantee it will stop outbound

> traffic on the computer it is running on regardless of the OS. Software

> firewalls can be useful for stopping programs communicating outbound

> through normal channels. That's it, period. The fact that some firewalls

> notify you about malware communicating out is a function of how poorly

> the malware is programmed not the firewall. Intel motherboards can

> communicate through the onboard NICs at the BIOS level with no OS

> present. Rootkits can easily modify all traffic going through any NIC in

> the computer. Malware running in Windows can easily corrupt traffic from

> legitimate programs. Malware can even create its own TCP/IP stack and

> bypass Windows (or other OS') networking stack altogether. Virtual

> server software is capable of spoofing a MAC and getting multiple IP

> addresses for one NIC from a DHCP server. What makes you think malware

> can't do the same type of thing?

 

All that you say is true and I never said or argued otherwise. But

software firewalls that monitor outbound connections can be useful and

can help to keep some applications in check, just because the Microsoft

firewall can't do it doesn't mean that all others are not good.

 

John

Guest dobey
Posted

Re: Unknown download activity in background - how to determine what it is?

 

 

"WaIIy" <eIvez@ChangeThisPart.com> wrote in message

news:7mvma3p34og81q98nm23ga35mqui1uvhce@4ax.com...

> On Sat, 28 Jul 2007 00:51:49 -0700, Doc <docsavage20@yahoo.com> wrote:

>

>>I'm using WinXP Media Center, the last few days I've noticed that

>>there's some kind of d/l activity showing even when I'm doing

>>nothing online even with the Windows firewall up as well as

>>ZoneAlarm. I'm on 56k dialup. How do I determine what this is? I

>>don't have Windows update on automatic. I ran AdAware with the latest

>>definitions but it's still doing it.

>>

>>Thanks.

>

> This might help. It's a very handy program.

>

> http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx

 

Any chance it is just Windows update working in the background? I imagine

some of the updates might take a while on 56 kb.

Guest Vanguard
Posted

Re: Unknown download activity in background - how to determine what it is?

 

"dobey" <a@v.nox> wrote in message

news:e9lJRDZ0HHA.4568@TK2MSFTNGP03.phx.gbl...

>

> Any chance it is just Windows update working in the background? I

> imagine some of the updates might take a while on 56 kb.

 

 

Check the configuration of Automatic Updates. Right-click on the My

Computer desktop icon, select Properties, and look at the Automatic

Updates tab. You should NEVER let Microsoft automatically update your

host. At worst, allow the updates to be downloaded but prompt to actually

install them. Better is to only get prompted when there is an update

and then you do the download and install when you want. Best is to

disable Automatic Updates and only update when you find there is an

update that you want or need. Unfortunately, Microsoft is bent on

forcing their updates on their customers so, for example, the malware

signature updates for Windows Defender are delivered via Windows Updates

rather than having the program check for only its own updates, so you

might want to set Automatic Updates to prompt you but you shouldn't

download until you are ready to then follow with the install. If you

blindly allow Microsoft to change your host's configuration, you will

be yet another user proclaiming that they did not change a thing but now

something suddenly fails to work anymore.

Guest dobey
Posted

Re: Unknown download activity in background - how to determine what it is?

 

 

"Vanguard" <no@mail.invalid> wrote in message

news:ODBpkGZ0HHA.3400@TK2MSFTNGP03.phx.gbl...

> "dobey" <a@v.nox> wrote in message

> news:e9lJRDZ0HHA.4568@TK2MSFTNGP03.phx.gbl...

>>

>> Any chance it is just Windows update working in the background? I imagine

>> some of the updates might take a while on 56 kb.

>

>

> Check the configuration of Automatic Updates. Right-click on the My

> Computer desktop icon, select Properties, and look at the Automatic

> Updates tab. You should NEVER let Microsoft automatically update your

> host. At worst, allow the updates to be downloaded but prompt to actually

> install them. Better is to only get prompted when there is an update and

> then you do the download and install when you want. Best is to disable

> Automatic Updates and only update when you find there is an update that

> you want or need. Unfortunately, Microsoft is bent on forcing their

> updates on their customers so, for example, the malware signature updates

> for Windows Defender are delivered via Windows Updates rather than having

> the program check for only its own updates, so you might want to set

> Automatic Updates to prompt you but you shouldn't download until you are

> ready to then follow with the install. If you blindly allow Microsoft to

> change your host's configuration, you will be yet another user proclaiming

> that they did not change a thing but now something suddenly fails to work

> anymore.

 

This is to the OP of course...

Guest Kayman
Posted

Re: Unknown download activity in background - how to determine what it is?

 

"John John" <audetweld@nbnet.nb.ca> wrote in message

news:evGvOsY0HHA.4568@TK2MSFTNGP03.phx.gbl...

>>> Firewall have rules, it appears no one at Microsoft knows this, which

>>> isn't really surprising to tell you the truth. Microsoft's logic is

>>> that "you don't need seat belts if you have airbags". And you don't

>>> need to know what it is that things like Media Player doing. Baloney

>>> indeed!

>>>

It's a pc, apply your own logic (utilise sensible apps.); So take

ownership, do some research, do not consult advertisement-driven

publications and be responsible - *you* are in charge! If you don't like pc

go for available alternatives.

>>>

>> There is no way a software firewall can guarantee it will stop outbound

>> traffic on the computer it is running on regardless of the OS. Software

>> firewalls can be useful for stopping programs communicating outbound

>> through normal channels. That's it, period. The fact that some firewalls

>> notify you about malware communicating out is a function of how poorly

>> the malware is programmed not the firewall. Intel motherboards can

>> communicate through the onboard NICs at the BIOS level with no OS present.

>> Rootkits can easily modify all traffic going through any NIC in the

>> computer. Malware running in Windows can easily corrupt traffic from

>> legitimate programs. Malware can even create its own TCP/IP stack and

>> bypass Windows (or other OS') networking stack altogether. Virtual server

>> software is capable of spoofing a MAC and getting multiple IP addresses

>> for one NIC from a DHCP server. What makes you think malware can't do the

>> same type of thing?

>

> All that you say is true and I never said or argued otherwise. But

> software firewalls that monitor outbound connections can be useful and can

> help to keep some applications in check,

>

Outbound filtering is useless, the PFW pop-ups just give a warm feeling for

being in control but it's too late already - it's an illusion to believe

otherwise.

> just because the Microsoft firewall can't do it doesn't mean that all

> others are not good.

>

M/S firewall *can't* do (but they could) because it's recognised to be waste

of resources and time. And yes, PFW's are IMO of no value whatsoever; I

know because I operate without these apps.

John John, don't get blinded by all the marketing hype :)

Posted

Re: Unknown download activity in background - how to determine what it is?

 

Andy,

 

What does the -b parameter do?

I couldn't find it, and when I included it, I got the help legend.

After looking at the legend, I did this...

c:\netstat -na > netstat.txt

Did you mean to use another parameter

and if so, what is the command

What is this for? c:\more netstat.txt

Just trying to learn...

 

thanks in advance,

dc

 

 

"Andy Walker" <awalker@nspank.invalid> wrote in message

news:46ab6529.6936765@news.webtv.com...

> Cyberiade.it Anonymous Remailer wrote:

>

> >>>> Use a software firewall that shows you the current connections and

> >>>> level of traffic. Comodo has a good firewall for free.

>

> Or, you could simply run some simple DOS commands to determine what

> program(s) are using external connections.

>

> C:\>netstat -nab > netstat.txt

> C:\>more netstat.txt

>

> Look for established connections using foreign addresses other than

> 127.x.x.x. You should be able to determine what port and what process

> is communicating, as well as the external IP address.

>

> To check the external IP address go to http://www.dnsstuff.com and

> enter it into the "IP Information" box.

Guest Peter Foldes
Posted

Re: Unknown download activity in background - how to determine what it is?

 

 

 

--

Peter

 

Please Reply to Newsgroup for the benefit of others

Requests for assistance by email can not and will not be acknowledged.

 

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message news:O4neV7R0HHA.5644@TK2MSFTNGP05.phx.gbl...

> Hi Doc

>

> I've been led to believe that, just like one should only ever have a single

> active antivirus programme, one should only have a single software firewall

> operative. In other words, disable MS Windows firewall if you are using Zone

> Alarm.

>

> HTH

>

> David

>

> ______________________________________________________________________________________________

> "Doc" <docsavage20@yahoo.com> wrote in message

> news:1185609109.150631.111220@w3g2000hsg.googlegroups.com...

>> I'm using WinXP Media Center, the last few days I've noticed that

>> there's some kind of d/l activity showing even when I'm doing

>> nothing online even with the Windows firewall up as well as

>> ZoneAlarm. I'm on 56k dialup. How do I determine what this is? I

>> don't have Windows update on automatic. I ran AdAware with the latest

>> definitions but it's still doing it.

>>

>> Thanks.

>>

>

>

Guest Kerry Brown
Posted

Re: Unknown download activity in background - how to determine what it is?

 

"John John" <audetweld@nbnet.nb.ca> wrote in message

news:evGvOsY0HHA.4568@TK2MSFTNGP03.phx.gbl...

> Kerry Brown wrote:

>

>> "John John" <audetweld@nbnet.nb.ca> wrote in message

>> news:%23mmjLjX0HHA.4568@TK2MSFTNGP03.phx.gbl...

>>

>>> Kayman wrote:

>>>

>>>

>>>> and scroll down to:

>>>> Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

>>>

>>>

>>> That article itself is baloney. It is true that any malware can

>>> circumvent a firewall's outbound protection but it is also true that a

>>> lot of malware is detected by firewall outbound monitoring. The

>>> outbound monitoring also alerts you when otherwise legitimate software

>>> is trying to call home. Perhaps you like it better when things like

>>> Media player call home without your knowledge, a pesky annoyance that

>>> you should be aware of things like that.

>>>

>>> The article states:

>>>

>>> "Speaking of host firewalls, why is there so much noise about outbound

>>> filtering? Think for a moment about how ordinary users would interact

>>> with a piece of software that bugged them every time a program on their

>>> computer wanted to communicate with the Internet..." What a pile of

>>> baloney!"

>>>

>>> Firewall have rules, it appears no one at Microsoft knows this, which

>>> isn't really surprising to tell you the truth. Microsoft's logic is

>>> that "you don't need seat belts if you have airbags". And you don't

>>> need to know what it is that things like Media Player doing. Baloney

>>> indeed!

>>>

>>

>>

>> There is no way a software firewall can guarantee it will stop outbound

>> traffic on the computer it is running on regardless of the OS. Software

>> firewalls can be useful for stopping programs communicating outbound

>> through normal channels. That's it, period. The fact that some firewalls

>> notify you about malware communicating out is a function of how poorly

>> the malware is programmed not the firewall. Intel motherboards can

>> communicate through the onboard NICs at the BIOS level with no OS present.

>> Rootkits can easily modify all traffic going through any NIC in the

>> computer. Malware running in Windows can easily corrupt traffic from

>> legitimate programs. Malware can even create its own TCP/IP stack and

>> bypass Windows (or other OS') networking stack altogether. Virtual server

>> software is capable of spoofing a MAC and getting multiple IP addresses

>> for one NIC from a DHCP server. What makes you think malware can't do the

>> same type of thing?

>

> All that you say is true and I never said or argued otherwise. But

> software firewalls that monitor outbound connections can be useful and can

> help to keep some applications in check, just because the Microsoft

> firewall can't do it doesn't mean that all others are not good.

>

 

 

You said that this: "Myth: Host-Based Firewalls Must Filter Outbound Traffic

to be Safe." was baloney. It is not. You are talking about privacy not

safety. Software firewalls do nothing to improve your safety. They may

actually decrease your safety by giving you a false sense of security. They

can as you say be used to protect your privacy. You went on to say this:

"Firewall have rules, it appears no one at Microsoft knows this" which is

also false. All of the firewalls in Microsoft OS' use rules. Some of them

don't monitor outgoing traffic but they all use rules.

 

--

Kerry Brown

Microsoft MVP - Shell/User

http://www.vistahelp.ca

Guest witan
Posted

Re: Unknown download activity in background - how to determine what it is?

 

On Jul 28, 12:51 pm, Doc <docsavag...@yahoo.com> wrote:

> I'm using WinXP Media Center, the last few days I've noticed that

> there's some kind of d/l activity showing even when I'm doing

> nothing online even with the Windows firewall up as well as

> ZoneAlarm. I'm on 56k dialup. How do I determine what this is? I

> don't have Windows update on automatic. I ran AdAware with the latest

> definitions but it's still doing it.

>

> Thanks.

 

A long shot: A couple of months back, I had downloaded and installed a

free "flash video player" that was seen on Firefox. The same day, I

found that my Internet account had been drained out, because some 2GB

was "downloaded" in the matter of a few hours, although I had shut

down the program after using it for just a few minutes. I could not

locate any downloaded files even in the "Temporary Internet Files"

folder to account for that size, and my hard disk space was not

decreased. Apparently, the program continued to run in the background

even after I shut it off. When I opened the "Local Area Connection

Status" by clicking on the double-computer icon in system tray area, I

saw that heavy downloading was going on. I am not absolutely sure that

the Flash Video Player was the culprit, but after I uninstalled the

program, the unknown internet activity also stopped.

I suggest that you check for something similar on your computer.
