Act as Server

[JimL]

From time to time my firewall tells me something on my computer wants to act
as a server to something on the internet. (I think I got that sort of
right.)

I'm not quite sure what "act as server" actually means in these cases but it
sounds like "give somebody the right to mess around in my system as they
please." I have never allowed it.

Am I wrong? Are there legitimate times for this server activity? I've
never had my computer explode because I didn't allow it.

Thanks

 

[Singapore Computer Service]

Hello,

Act as server means that a program is attempting to allow other computers to
connect to your computer. If you are hosting a game server, or bittorrent,
or P2P applications, Skype, this is normal.

Which program is it in question?

Regards,
Singapore Computer Home Repair Service
http://www.bootstrike.com/ComputerService/
Video Conversion VHS Video8 Hi8 Digital8 MiniDv MicroMv
http://www.bootstrike.com/VHSVideoConvert/

 

[JimL]

I don't use any of the 4 things you mention. My computer use is very
elementary. Truthfully I'm not sure I have ever looked to see what asked
for server permission maybe once or twice when it first came up a couple
years back. I don't see it for weeks or months at a time, certainly not
often enough to develop a pattern in my pathetic memory, and I just tell it
no and go on. "Let's be a server" doesn't sound good to me while in the
middle of a download or concentrating on reading email or Googling and I've
always just refused it. This has never caused any kind of disruption that I
have observed.

I haven't seen it for weeks. It just popped into my mind and I decided to
ask about it.

Thanks

 

[Singapore Computer Service]

Hello,

You're welcome.

If the program is something you are running knowingly, such as Live
Messenger, you should allow it or you may have problems with file transfers
and voice/video conversations.

Regards,
Singapore Computer Home Repair Service
http://www.bootstrike.com/ComputerService/
Video Conversion VHS Video8 Hi8 Digital8 MiniDv MicroMv
http://www.bootstrike.com/VHSVideoConvert/

 

[JimL]

Thanks. Using the term broadly, the only "instant messaging" I ever use is
support CHAT and only very recently and very little. I guess I'll
continuing rejecting the server "pleas."

 

[Bruce Chambers]

Thanks. Using the term broadly, the only "instant messaging" I ever use is
support CHAT and only very recently and very little. I guess I'll
continuing rejecting the server "pleas."

Besides simply denying the requests for this application to act as a
server, it would be in your bests interests to determine exactly which
application is doing so, and then - assuming it's something you want to
keep -- configure it so that it never again makes the request. That
way, you won't have to worry about ever accidentally clicking the wrong
button and possibly compromising your computer's security. Of course,
if it's a program your don't want or -- more importantly -- don't
recognize, you should remove it.


--

Bruce Chambers

Help us help you:


http://support.microsoft.com/default.aspx/kb/555375

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin

Many people would rather die than think; in fact, most do. ~Bertrand Russell

The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot

 

[Twayne]

Besides simply denying the requests for this application to act as a
server, it would be in your bests interests to determine exactly which
application is doing so, and then - assuming it's something you want
to keep -- configure it so that it never again makes the request. That
way, you won't have to worry about ever accidentally clicking
the wrong button and possibly compromising your computer's security.
Of course, if it's a program your don't want or -- more importantly
-- don't recognize, you should remove it.

Also, if you know how, you should be able to set your firewall to
permanently deny that particular request. Some firewalls make it easy,
some don't. Sometimes there is a "remember this" tick box. Your
firewall log should tell you which program is initiating the call also.
Of course, this is meant for the interim of accomplishing the above,
not as a permanent solution. It's just the quickest way to stop the pop
up, that's all.

HTH,

Twayne`

 

[JimL]

Besides simply denying the requests for this application to act as a
server, it would be in your bests interests to determine exactly which
application is doing so,

I believe you. But on my computer? Much easier said than done. Why?
Because it's me doing it. I wouldn't know where to start.

Thanks

 

[JimL]

Also, if you know how, you should be able to set your firewall to
permanently deny that particular request.

That's easy enough. The hard part will be figuring out what is calling it -
at least for me.

Thanks

 

[JD]

That's easy enough. The hard part will be figuring out what is calling it -
at least for me.

Thanks

Do you know what firewall you are using? When it gives you the message
about acting as a server, doesn't it tell you what program is making the
request? I'd want to know, just out of curiosity, if it was my computer.
As Twayne ask, isn't there a box to click to make the deny permanent?

 

[JimL]

Do you know what firewall you are using? When it gives you the message
about acting as a server, doesn't it tell you what program is making the
request? I'd want to know, just out of curiosity, if it was my computer.
As Twayne ask, isn't there a box to click to make the deny permanent?

As for making the denial permament, as I said a few lines above, that's the
easy part. But I don't like turning off stuff I know nothing about - thus
my query.

I'm using ZoneAlarm - a name known to start flame wars. A guess the only
thing I _don't_ like about it is that while it sort of identifies what is
asking for access, it isn't very clear. Like many gurus, ZA assumes you
already know what it's talking about.

For example, last night I got a notice that SupportSoft Agent wanted to
access my trusted zone. By search I found a SupportSoft folder full of
dll's and XML readme's that nothing in XP will read. Googling got me a
_whole lot_ of stuff about a whole lot of very different things regarding
SupportSoft, but none of it was definitive or said what was on JimL's
computer.

Thanks

 

[JD]

As for making the denial permament, as I said a few lines above, that's the
easy part. But I don't like turning off stuff I know nothing about - thus
my query.

I'm using ZoneAlarm - a name known to start flame wars. A guess the only
thing I _don't_ like about it is that while it sort of identifies what is
asking for access, it isn't very clear. Like many gurus, ZA assumes you
already know what it's talking about.

For example, last night I got a notice that SupportSoft Agent wanted to
access my trusted zone. By search I found a SupportSoft folder full of
dll's and XML readme's that nothing in XP will read. Googling got me a
_whole lot_ of stuff about a whole lot of very different things regarding
SupportSoft, but none of it was definitive or said what was on JimL's
computer.

Thanks

I hear you. I like to know what's on JD's computer. It's not always easy
to figure out but...

http://supportsoft-agent-controls.software.informer.com/

SupportSoft Agent Controls is developed by SupportSoft. Pretty cryptic
but if you're not familiar with then then why not block it permanently
and see what happens?

In my system tray, or notification area (where the clock is). I have an
icon for Zone Alarm. When I double left mouse click on it or right mouse
click on it and select Restore Zone Alarm Control Center, on the left
side of the window that opens is Overview and below that is Program Control.

Left mouse click and there is a list of the programs that have tried to
access the internet, etc..

If you block one that you later need unblocked, you can do it there.

If you left click on a program, the Entry Detail will tell you more
about the program.

When you're done just minimize the window, upper right corner, the
little underscore next to the box and x.

Does this help?

 

[Twayne]

As for making the denial permament, as I said a few lines above,
that's the easy part. But I don't like turning off stuff I know
nothing about - thus my query.

I'm using ZoneAlarm - a name known to start flame wars. A guess the
only thing I _don't_ like about it is that while it sort of
identifies what is asking for access, it isn't very clear. Like many
gurus, ZA assumes you already know what it's talking about.

For example, last night I got a notice that SupportSoft Agent wanted
to access my trusted zone. By search I found a SupportSoft folder
full of dll's and XML readme's that nothing in XP will read. Googling
got me a _whole lot_ of stuff about a whole lot of very
different things regarding SupportSoft, but none of it was definitive
or said what was on JimL's computer.

Thanks

ZA is actually a decent product, and relatively easy to use. Anything
you permanently Deny can be "undenied" in one of its standard menues; I
forget which one since I no longer use it, but it's a descriptive line
and not hard to find except for a gazillion other entries around it if
you've never cleared the logs.

In general, if one haven't asked for anything from a SupportSoft, or
don't expect it to happen, and it seems to come out of nowhere, I just
go ahead and deny it. Once in a great while if I'm not sure because it
might be something I have running in the background I won't make a rule
to permanently Deny it but I do watch to see if anything stopped working
or if things I expected to happen didn't happen, on subsequent Denies,
then I'll go ahead and set a permanent rule.
In the extreme, if you suspect you've frogged things up with ZA's
rules, Denies and Allows, just uninstall/reinstall and start training it
all over again.
You can also usually take any filename that comes up and search for
it on Google to see what it is and what it might be doing.
It won't take long and soon you'll be understanding a lot more about
what's going on.

I hope I'm not sounding condescending, but just in case you're not fully
aware, here is a list of protections in general that you should be
running:
-- Firewall. You have that.
-- Antivirus program, kept up to date. Both free and pay for versions
of excellent programs are available.
-- Anti-spyware programs, to detect non-viral malware that AV won't
see. The general online concensus is that a minimum of 3 such programs
should be used since there is not yet a turn-key all-inclusive such
program. Each have their own power and weak points.
-- Adhere to safe surfing practices, keep your email address off of any
web sites you aren't positive are "safe" sites, and work toward learning
how to research whether a site is reliable or not. Google again does
well in this area but other search engines can too. Google gives a
symbolic indication of whether a site is safe or not for all its
lookups.

I'm not filling this post with a bunch of references and links just in
case you already know all of that. If not though, simply ask here and
you will get good responses with suggestions and answers that should
work well for you.

HTH,

Twayne`

 

[JimL]

SupportSoft Agent Controls is developed by SupportSoft. Pretty cryptic but
if you're not familiar with then then why not block it permanently and see
what happens?

I have. That was only an example.

Thanks

 

[JimL]

ZA is actually a decent product, and relatively easy to use. Anything you
permanently Deny can be "undenied" in one of its standard menues; I forget
which one since I no longer use it, but it's a descriptive line and not
hard to find except for a gazillion other entries around it if you've
never cleared the logs.

In general, if one haven't asked for anything from a SupportSoft, or don't
expect it to happen, and it seems to come out of nowhere, I just go ahead
and deny it. Once in a great while if I'm not sure because it might be
something I have running in the background I won't make a rule to
permanently Deny it but I do watch to see if anything stopped working or
if things I expected to happen didn't happen, on subsequent Denies, then
I'll go ahead and set a permanent rule.
In the extreme, if you suspect you've frogged things up with ZA's rules,
Denies and Allows, just uninstall/reinstall and start training it all over
again.
You can also usually take any filename that comes up and search for it
on Google to see what it is and what it might be doing.
It won't take long and soon you'll be understanding a lot more about
what's going on.

I hope I'm not sounding condescending, but just in case you're not fully
aware, here is a list of protections in general that you should be
running:
-- Firewall. You have that.
-- Antivirus program, kept up to date. Both free and pay for versions of
excellent programs are available.
-- Anti-spyware programs, to detect non-viral malware that AV won't see.
The general online concensus is that a minimum of 3 such programs should
be used since there is not yet a turn-key all-inclusive such program.
Each have their own power and weak points.
-- Adhere to safe surfing practices, keep your email address off of any
web sites you aren't positive are "safe" sites, and work toward learning
how to research whether a site is reliable or not. Google again does well
in this area but other search engines can too. Google gives a symbolic
indication of whether a site is safe or not for all its lookups.

I'm not filling this post with a bunch of references and links just in
case you already know all of that. If not though, simply ask here and you
will get good responses with suggestions and answers that should work well
for you.

HTH,

Twayne`

Thanks. Great post. I have a handle on most of that, but I don't worry
about being told something unless it's on the order of "RTFM" or "it's on
the internet," etc. When I get replies like that I wonder why the author
bothers to visit a place that "dispenses" information.

I'll bare my soul here. I use Emsisoft's A-Squared Anti-Malware, full
house. It's not well known, but it's extremely powerful and relies heavily
on 3 things for a very wide range of malware: hard and soft "Do Not Go
Here" URL lists, scans and an engine that watches execution patterns
closely. There is also the HijackFree utility that is part of it. It also
can check up on proven false positives and un-quarantine stuff that was
wrongly quarantined, pretty much transparently. It has semi-automatic
reporting of different kinds of finds. A^2 and ZA cover your
recommendations pretty tightly.

I've wondered if a hardware firewall might be a good thing, but that's
mostly daydreaming. I haven't figured out if I even want a wireless router
yet. No one wants to say whether they are good, solid performers.

Thanks