puk said:
Thanks for all the replies - my situation is that I don't have
broadband -yet-, but may have soon as it is only being rolled out in
my area in the near future. I've heard a bit of debate about this,
and understood that broadband provided an 'always-on' connection, so
therefore nothing could dial up. I hadn't considered that a PC might
still have a modem installed/configured, which would allow a dialler
to make use of it. I guess it would be prudent to leave a previously
installed modem there, for backup if a problem occurred with the
broadband connection (?).
So - in such a situation, if a previously installed modem were to be
left installed, but disabled in device manager (Windows XP), would
that be likely to do the trick and prevent a dialler from working?
Neil
Since you can disabled it, something else could reenable it.
You could delete the dial-up connectoid thinking that it could not be
connected to an Internet provider but software can define connectoids.
That means your host could be used as a bridge or relay.
Even if the malware dialer didn't connect via TCP to some Internet
provider, it could still make long-distance phone calls, especially to
offshore destinations, and rack up some huge phone bills, like to Diego
Garcia, an island in the Indian Ocean that has no indigenous inhabitants
and only a joint U.K.-U.S. military base. Of course, on the line to
which the computer modem is connected, you could discontinue any
long-distance service on that line (I got fed up with the monthly
minimum fee, rarely make long-distance calls, the freebie plans often
die because they are a good deal but not for the telco, so now I just
use a 3.9-cent/minute dial-up card).
When you have the always-on broadband connection, you really don't need
the modem anymore so disconnect it from the telephone line (unless you
need it for faxing). If you want to leave the modem connected to the
telephone line, turn the speaker volume up to make sure it makes noise
when it dials out (so you'll hear it connecting if you are around); in
Device Manager, enable it to make sounds, or add "L1 M1" to the extra
initialization string. Make sure the property option to have the modem
wake the system is disabled. Make sure your BIOS doesn't allow the
modem to bring the system out of standby/sleep modes (so someone cannot
call into your computer). If you leave a dial-up connectoid defined
(because you want a backup Internet connection when broadband goes
dead), make sure to set the option to prompt you for login credentials
(and do NOT save a password, prompt for phone number, and to display
call progress. In fact, and even if you don't have a backup dial-up
service, you could define a connectoid that dials your own telephone
number (so you'll hear when the malware auto-dialer is trying to make a
connection, if it uses the dial-up connectoid already defined).
Or easier yet, periodically scan for malware and just yank the phone
cord from the modem or use a switch until YOU need to use the modem. If
you don't need to send or receive faxes, use your computer as an
answering machine, or have a backup dial-up Internet provider (some are
free up to a max hour/month usage) then you don't need the modem at all.
