[Malvern] AOL spyware ?

[Richard Forster]

Geoff Bagley wrote:
> Hi Rick.
> Thanks for the mail (below).
> 
> Firstly, I am not able to understand the significance of any telephone 
> conversation.
> My ADSL Modem/Firewall/Router is "always on".

Always on means always connected to the internet. But when you are on 
the phone to someone else there is a separate link through the *speech 
circuits* not just between your phone handsets but also between any 
other devices plugged into the phone sockets such as the broadband 
routers. This is why I always use my mobile phone and why new mobile 
phones with WiFi are dangerous because they can link to wireless ADSL 
routers.


> 
> I guess than an infected computer could attack my system whether I was
> on the phone or not.
Not in this new way. That is what makes it such a nasty (and 
particularly clever) attack method. It can't be detected by normal means 
because it doesn't go over the internet.

> 
> As it happens, I have another (later version) of the Netgear box (which 
> I have bought for my son).  I have tried it,  and it works OK, but  I 
> haven't tried nmapping it yet.
> 
> However,  armed with the knowledge that port 5190 is (presumably) open,  
> are you
> personally able to probe it ?  If so, please have a go !
1. My outgoing firewalls stop me doing this.
2. This may still be illegal even with your permission. It is certainly 
against the terms & conditions of my broadband contract.
3. I don't know your IP address.


> 
> Another approach might be to get a sofware update, which I presume to be 
> possible.
> 
> Is there any way to "bomb" the bastard behind this attack ?

Such actions would be illegal, even for me to condone, never mind advise 
on. In any case the 'source' of the attacks is invariably an unknowing 
PC owned by someone who can't keep their system updated and virus free.