Rococo

I'm using my laptop at school with a wireless network card in the library. When I check the connection status it shows that i'm constantly sending packets. Is this someone else tapping into my connection or is it normal?

cliche

How 'constantly'? A packet every few seconds, or lots of packets a second? I assume it's when you're not doing much.

If it's lots of packets a second, get the command prompt and type "netstat -an". Commonest reason I've seen this is being infected with Welchia/MSBlast - your machine will be sending out a lot of packets on port 135 (shows up in the netstat column).

For other possibilities, what progs do you have running, what OS?

__________________
I can't understand why people are frightened of new ideas. I'm frightened of the old ones. -- John Cage (1912 - 1992)

spived2

its probably just your computer sending it's keep alive signal, making sure that it's still connected every few seconds. like a constant ping.

__________________

"This visage, no mere veneer of vanity, is it vestige of the vox populi, now vacant, vanished, as the once vital voice of the verisimilitude now venerates what they once vilified. However, this valorous visitation of a by-gone vexation, stands vivified, and has vowed to vanquish these venal and virulent vermin vanguarding vice and vouchsafing the violently vicious and voracious violation of volition. The only verdict is vengeance; a vendetta, held as a votive, not in vain, for the value and veracity of such shall one day vindicate the vigilant and the virtuous. Verily, this vichyssoise of verbiage veers most verbose vis-à-vis an introduction, and so it is my very good honor to meet you and you may call me V." - V

Rococo

I'm sending lots of packets, somewhere like 50 packets a second. What should I look for in the netstat screen? I just see many different ip addresses. I'm using windows xp, with only internet explorer running.

Dilbert1234567

maybe, what OS are you running?

first update your system with windows update

next lets close some holes in your system

windows 2k xp by default shares your hard drives (all logical drives acualy) so lets close them off

create a batch file

(make a text document and save it as a .bat)

with the folowing code in it:


then run the batch file. this will remove all default shares.

you need to run this file each time you load windows because windows reshares these each time. you can also set it to run each time windows loads.



this will stp any one who is just playing around. and trying to get in.


the best thing you can do is to run a fire wall (Zone Alarm)

__________________
Donate Blood!

"Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen

charliex

networked computers normally send information back and forward, communication with PnP, RIP, routers, domain controllers etc.

run etherpeek/aeropeek and see what its really doing, having a firewall as the others said is a good thing.

50 a second does sound high for when the system is idling though

yodapaul

You might have some spyware on your system, or it could be a IM program sending it's signal. It could be windows updating the system clock or downloading something from windows update. I would run a system scan with adaware and/or run a virus scan to know for certain.

Good luck

__________________
I'm Just here to help.
Now, Where is your problem?

losthellhound

There are alot of reasons why a constant signal would be sent. If you run the command "netstat 2" to see what the connection is to. Most likely it is a keepalive, or a connection to a DHCP server

__________________
"Life is possible only with illusions. And so, the question for the science of mental health must become an absolutely new and revolutionary one, yet one that reflects the essence of the human condition: On what level of illusion does one live?"
-- Ernest Becker, The Denial of Death

sailor

Yep, thats what I would recommend. Go get a good firewall (Zone Alarm works, I use Sygate), install it, and make sure it starts with the computer. This is especially necessary in an environment like a college, where there are lots of machines that are not well maintained. I cant tell you how many times the network here at school has been brought to a crawl by someone putting an infected computer onto it... And I sit there and watch all the attempts to infect my machines bounce right off the firewall.

__________________
"Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws."
--Plato

Rococo

Right after I posted this I checked my email and the school had sent me a notice that I was running an infected computer. I installed the avg program and trying to clean this mess right now.

The strangest part is that I was using the laptop yesterday at school and it was fine, and no messages about viruses. I tried to go to the Trend micro anti-virus site today just before the computer started freaking out. I was hoping to test my computer since I haven't run a virus scanner in a while. This is the SECOND time i've had freaky problems (first time with my home pc) right after going to the trend website.

Any chance there's a correlation here?

charliex

unlikely trend scanner is used by millions of people, if you wan tto a bogus site and did it , its possible it could infect it, but if you went to their site highly unlikely.

are you running any sort of kaaza or bearshare etc, sharing apps of any kind ? most virus infections come from either that or emails.

since you aren't running either a firewall or a virus scanner, you are toast. next you be telling us you dont use windows update

note some clever virus programmers made it so that they will detect you installing a virus scanner and disable it, so if it doesnt find anything,try one from a boot disk.

cliche

Rococo - not likely to be the trend site, most worms come in from local machines (as any sensible school will have firewalled off vulnerable ports).

Did the virus scanner find anything? (if not, make sure it's had the latest definition files installed). Otherwise, get the command prompt and type "netstat -an" and copy the results back here.

__________________
I can't understand why people are frightened of new ideas. I'm frightened of the old ones. -- John Cage (1912 - 1992)

cheerios

ok #1: if you even THINK you're virus-infected or being hacked...
PHYSICALLY DISCONNECT FROM THE NETWORK.

if your being hacked, you break their access to your box till you can clear however they're getting in. if it's a virus, you stop infecting other machines.

#2: you NEED updated anti-virus software. there's freee stuff. school'll probably provide you with some, for free, also. UPDATE IT REGULARLY.

virus software + adaware or other spy-ware removal + firewall + FULLY UPDATED windows == happy, (relatively) safe, computer.

Rococo

I'm running avg right now, what about a firewall program that uses minimal cpu/memory while working in the background?

Jerry Manderine

sygate's free version has always been my first choice:
http://soho.sygate.com/products/spf_standard.htm

__________________
Time has told me I'm a rare, rare find

dragon2fire

www.trendmicro.com

run there free viruis scan

/\/\etalhea|)

I'm not having any problems, but just for kicks I tried this. All of them came back as "this shared resource does not exist", except the last one, IPC$, which came back as "Access Denied".

I have admin access on this machine, in fact there's only one user set up, me.

Is "access denied" indicative of a problem?

Shauk

the "one user" account doesnt mean you are admin even though you have "admin rights"

its a safeguard in a way, you actually have to log in as "Administrator" (yes, thats the spelling as well)

doesnt show up on most normal boots, I know there is another way to show that login but I have it hidden so you can only see it in safe mode.

try safe mode then running that bat.

should be ok. I think.

I've never done this so im speaking in theory.