porn dialers question...someone please respond!

Hi again.

I am still curious about porn dialers (no one has answered my previous threads about it, though it seems to me to be a legitimate concern - is this a taboo topic or something?). Could someone PLEASE let me know how one might know whether a dialer has been installed or is trying to dial. Can either of these (install, dial) be done without my knowing so (even if zonealarm and spywareblaster have been running during a particular connection)? I use dialup modem and have had some odd "outbound" threats (Major per sygate) detected by my firewall, but not enough other info was provided for me to diagnose (and I recently learned about porn dialers and they can disconnect ISP, dial premium chat line or something, ... and reconnect to ISP so I'll never know till the phone bill).

Thank you!

 

Hi username,

I moved your post here, since I think you will stand a better chance to get some general answers on dialer detection.

Regards,

Pieter

 

If I were you, I'd go here: a2 website and d/l and install a2 and run a fullscan on your system with that.

I'm pretty sure it has comprehensive detection built-in for dialers. HTH Pete

 

dear Username, porn-dialers are some pornwares that dials premium rate numbers through your modem. doing so they disconnect your connection. by using a good malware buster like Spybot or Adware or Spywareblaster you can protect yourself from those dialers. the best way is to use a firewall or AV software with integrated anti-dialer. means you fix the phone numbers that'll be dialed through your modem otherwise there will be an alarm. Panda Platinum uses this technique for example.

 

you can also do what i do and physically disconnect the phone jack when you are done surfing for the day.
because if you do get hit with a bill i don't think the phone company cares.

 

hi all.

thanks for all the replies! very helpful. i still wonder a few things:

can dialers dial when my computer's off?

how can they disconnect my connection without my knowing? is that really possible? (as in, it seems that my dialup connection icon would change, as it does when I disconnect.)

thanks again!

 

oh and ... Re: porn dialers question...someone please respond!

how do you contract a dialer in the first place?? i'd like to avoid it if i can.

(obviously i've just learned of such possibilities recently, and so am finding it pretty alarming and worth the askssssss)

thanks!!!! sorry for the peppering.

 

Yes, I had read through the link. Very helpful! Thank you! (I had actually seen this a while back.) I noticed that it's a about a 2 year old web site, and has a disclaimer at the bottom releasing the site from any inaccurate info liability (which is understandable and wise, but still makes me wonder whether the info's accurate and up to date - e.g., whether anyone has any more recent experience with such dialers NOT providing a pop up window asking you if you want to install it, and, if you answer in the affirmative, then prompting you with a pop up whether you want to dial another number through your modem).

Thanks so much again!

 

and if you want you can get a browser like firefox and you won't have to deal with activex

 

so you think that activeX would likely be the culprit if someone had a dialer issue? how is somebody supposed to tell when an activeX activity (which would be indicated by a firewall like ZA) might be malicious and when it's prob harmless?

thanks for the info, btw!

 

My advice is to block all ActiveX, period. No website (aside from Microsoft's own Windows Update) requires it and an ActiveX download can do pretty much anything on your system, including deleting files or rebooting it.

Any site which tries to offer you a dialler in the first place should not be trusted (this Forbes Phone Sex article gives more background on the dealings involved) and, in Alyon Technologies' case, a dialler was loaded when a popup window was closed. Since these have been (to date) exclusively used for porn sites, I would point out that there is enough free content online (especially on Usenet) to make subscriptions unnecessary unless you are looking for something well outside the mainstream.

As others have said, ditching Internet Explorer (with all its security problems) in favour of Firefox (free) or Opera (ad-supported but you can register to get rid of them) will avoid this issue completely. There is plenty of information elsewhere on this forum on protecting yourself further (start with a firewall and anti-virus software and then add a web-filter and adware/spyware scanner - consider a specialised anti-trojan and application firewall if you consider yourself especially at risk, i.e. you download lots of files from Usenet, P2P networks or Internet Relay Chat).

 

thanks for info. i'm admittedly a newby, relatively, so, please bare with all of this.

re: prev. reply in thread: I do not download files on the p2p's. the only thiong that i've done (to my knowledge) is download a couple of free ssh/telnet tools (putty, e.g.).

things are very dire, now. my girlfriend, while emailing on yahoo, experienced a series of terminations of yahoo session, then a myexexex hijack (which i'd "fixed" days ago through a moderators advice), and then a disconnect of her dialup session and what she said sounded like an attempt to dial again. i'm nervous and it's very odd that these things are happening more the more i try to learn about their possibility (without even thinking that i have them beyond a general concern for something recently learned).

i was downloading windows (9 updates at the time as well, so activeX was running, i believe. security had been set to "high" on IE (v5-ish), but, upon her request, i bumped it back to "medium" and disabled the popups warning of "scripts" (which were coming up repeatedly). that's about when the hijack took over, she went back to yahoo, was dumped from the connection, and the fifhy redial was attempted (and we powered off the machine).

more suspicious stuff:

zonealarm pro no longer prompts me about "continuing session" - it just loads as if i'd paid although i haven't since the trial period's still in effect (i'd thought).

many .exe's in WINDOWS/TEMP that we didn't put there ourselves (they're all about a day old)

a couple of hijacks by myexexex when trying to get "more info" (on ZA Pro) about suspicious exe's and dat's trying to connect

i'm desperate for a solution. should i reformat the hard drive and re-install? will that get rid of this stuff? HEEELLLLP.

 

Might as well leave it powered off if she's going to have you disable (or lower) settings that you make - you're just spinning your wheels trying to fix it.

(Unless, of course, you just want something to do every week, like re-formatting her computer). Pete

 

I'd hesitate to recommend a format at this stage - run AdAware or Spybot first to clear out the straightforward junk then use the anti-virus/anti-trojan scanners I mentioned previously to ferret out the diallers/trojans that you probably have installed.

Also stop using IE - replace it with Firefox or Opera. You only need IE for Windows Update (typical Microsoft) although I personally avoid it and use this page to download Windows security patches instead (if you no longer use Microsoft bugware, you no longer need to update it every half-hour).

Then if your firewall has web filtering (ZA Pro should have) use it to disable Java, Javascript and ActiveX by default or consider using a standalone filter like WebWasher Classic. You will encounter problems with some sites that require you to relax settings for them (e.g. allow cookies for shopping sites or sites where you have to login, allow Javascript if the website has buttons that no longer work, links that only reload the page or droplists that are empty) but this should be far more preferable to being hijacked every hour.

Finally either make sure that anyone else using your system understands the need for greater security or get them a separate system and leave them to sort out resulting problems on their own.

 

Then if your firewall has web filtering (ZA Pro should have) use it to disable Java, Javascript and ActiveX by default or consider using a standalone filter like WebWasher Classic. You will encounter problems with some sites that require you to relax settings for them (e.g. allow cookies for shopping sites or sites where you have to login, allow Javascript if the website has buttons that no longer work, links that only reload the page or droplists that are empty) but this should be far more preferable to being hijacked every hour.


I can just disallow Java in my security settings of my browsers, right? is that not enough?

I've been scrubbing this thing madly for weeks now and things just seem to be getting more persistent (though I did finally do a Windows Update for her...which required download of TWELVE updates, which SEEMS to be helping for the moment...though i did get another dialup session disconnect today on, after the one last night. is that a lot? ).

Finally either make sure that anyone else using your system understands the need for greater security or get them a separate system and leave them to sort out resulting problems on their own.[/QUOTE]

Yah. Well.

In all fairness to her, it may not be entirely her issue.

 

Sounds good. Thanks.

BTW - no need to get salty on me here. This isn't my area of expertise, thus the obvious concern and desperation and my coming here, where more of the experts are (not some iffy website that I could find myself and not necessarily know the difference).

Appreciate your patience with the lowly likes of me!

 

OK.

Nice quote by Blaise, BTW. Appropos. Did he say that? "...noone ARE everything"? Serious, yet pointless question, I guess.

Thanks for that.

 

You can do this, but browser settings do not work on a site-by-site basis so the danger is that you may enable it for a "problem" site and forget to disable it again for others.

There are plenty of reasons for being disconnected on dialup - if you have call waiting (a feature where you receive a tone when someone else is trying to call you) this will cause disconnections as can a poor quality phone line - some ISPs may also disconnect you after a certain amount of time online. However if this has started recently then malware is a more likely suspect. Have you run the anti-trojan/spyware programs mentioned previously? (if not, there is little point in anyone offering further advice...)

The Internet is a hostile place nowadays - anyone online needs to be proactive in defending their systems. If you have someone who cannot/will not take precautions, then your only real option is to go the "Internet cafe" route - take a backup image of your system (using the likes of Drive Snapshot or Acronis TrueImage) and restore it after every session (do this from DOS to avoid any running Windows malware) which will wipe out any changes made since the image was taken.