It is common to see 15-20 random port scans a day. These scans are typically from people looking for open services or trying to contact the wrong IP address (similar to dialing the wrong phone number). While these port scans are not good net-etiquette, they are most likely harmless.If your firewall or intrusion detection software reports a scan that has many hundreds of ports from the same IP address, this should be reported. Send an email to abuse@sprintbroadband.com to report the incident. Be sure to include the following information:

• Your IP address
• The source IP address of the suspect scanner
• The port numbers scanned
• The time of the incident
• The frequency of the incident

Port scans are not illegal, but they are a violation of our Acceptable Use Policy . We take complaints seriously and enforce our Acceptable Use Policy. If you have provided all the required information, your case will be investigated and appropriate actions taken. This may involve a warning or a disconnection of service if the offender is a Sprint customer. However, some events occur outside the bounds of our direct control. Unless additional information or action on your part is needed, you will not receive further responses to the reported incident.

Send an email to abuse@sprintbroadband.com to report the incident. Be sure to include the following information:

• Your IP Address
• The source IP address of the suspect
• Any log files capturing the event
• A description of the event
• The time of the violation (if not apparent in the logs)

We take complaints seriously and enforce our Acceptable Use Policy . If you have provided all the required information, your case will be investigated and appropriate actions taken. This may involve a warning or a disconnection of service if the offender is a Sprint customer. However, some events occur outside the bounds of our direct control. Intrusion into your computer system and interception of your data is not only a violation of our Acceptable Use Policy, but may also be a crime. Internet-related crime should be reported to appropriate law enforcement investigative authorities at the local, state, or federal levels. The Department of Justice and the FBI have teams organized to fight and prosecute computer crime. Computer intrusion cases (hacking) should be reported to a local FBI office or the interagency National Infrastructure Protection Center (NIPC). A report can be filed with NIPC Watch by calling 202-323-3205 or completing a form available at http://www.nipc.gov/ .

Anytime your computer is connected to the Internet it is vulnerable to hackers. It does not matter if your connection is always-on or dial-up. The main difference in vulnerability is the length of the exposure. Always-on connections provide a conduit to the Internet that is a two-way street, allowing hackers to exploit the connection and access your system. The longer your computer has uninterrupted access to the Internet, the longer it is vulnerable to a potential hacker.

Note: If you download anything or receive emails, you are also vulnerable to viruses, worms and trojans. Your connection type does not affect this vulnerability.

Hacking vulnerability for always-on connections results from the fact that you are less likely to receive a new or different IP address. This can be the result of having a static IP address or simply not powering down your computer. Regardless of the reason, the constant use of a single IP address is the main avenue that allows a hacker to exploit your computer.

Yes. Information is a key asset you should protect, whether it is company secrets or your personal data. Your company probably has a policy regarding security when you are telecommuting or communicating while on the road. Check with your network administrator to determine your company's requirements. If you're connecting to the office via the Internet, you should use a firewall with Virtual Private Networking (VPN) capabilities to protect you and your company. While the VPN solutions used by many companies, specifically those using the IPSEC protocol, may work on the Sprint Broadband Direct network, troubleshooting and support are not offered by Sprint representatives. For assistance on setting up or troubleshooting a VPN, please contact your network administrator or the vendor of the particular software that you are using.

There is still cause for concern. With the amount of recent computer viruses that have been spread over the Internet via email, anyone can be infected. These viruses have become more intelligent, in that they will self-replicate, hide within useful programs, steal your passwords, email themselves and possibly be sent from someone you know, without their knowledge.

There is still cause for concern. With the amount of recent computer viruses that have been spread over the Internet via email, anyone can be infected. These viruses have become more intelligent, in that they will self-replicate, hide within useful programs, steal your passwords, email themselves and possibly be sent from someone you know, without their knowledge.

Yes. Most operating systems provide a method to share files between systems, this is an example of a "service" provided by your PC that can be "scanned" by a hacker. File sharing exposes those shared files to the outside world and could allow other users to copy, erase or delete your shared files depending upon your operating system.If file or print sharing is required, implement access controls on your PC such as a personal firewall.

The methods for disabling file and print services vary among operating systems. Click Start|Help to learn about disabling file and print sharing for your specific operating system.You can also reference the documentation for your operating system for assistance. Microsoft product documentation and other security information is available at www.microsoft.com/technet/ or support.microsoft.com .

Your Apple computer was initially configured with file sharing, remote login and FTP turned off by default. Information on how to activate or deactivate these services and other security information is available with your computer's documentation or at www.apple.com/support/ .

Installing a firewall reduces, but does not eliminate the probability of being successfully attacked.

In the strictest sense of "secure", no software-based solution is as safe as a separate physical device acting only as a firewall. Hardware-based packages typically start around $300, while software solutions are much less expensive and in some instances free.

Note: You may have trouble obtaining support or help with free firewall software, which could lead to an improperly configured firewall and a vulnerable computer.

Firewalls can be set with their protection settings too high, which may have adverse impacts on the performance of your Sprint Broadband Direct service. Contact the technical support center for your firewall solution if you suspect that your firewall settings may not be correct. Sprint is not able to provide assistance configuring or troubleshooting your firewall.

In order to ensure the Sprint Broadband Direct network performs at the most efficient level and to keep our network and connections secure, we may, from time to time, actively scan for the existence of certain security vulnerabilities that consume network resources. We look for vulnerabilities by scanning the network for open ports. When we find a port is open that corresponds to a known vulnerability, we suspect the PC may be compromised. If we suspect your PC may be compromised, we may notify you to bring it to your attention.

While we look for the existence of open ports, we never attempt to utilize the open port to gain access to the computer. By performing these scans we help identify problems that could impact network performance and help raise awareness of personal computer security. This proactive scanning is described in our Acceptable Use Policy.

Your firewall application may report our probe as the attacker, but we are not attempting to gain access to your computer. We are only looking for vulnerable ports. The host name for our scan is "authorized-security-scan.sprintbbd.net". The IP addresses are: 206.230.84.151 and 206.230.84.176.

Please review Security Risks and Precautions.

Microsoft Internet Explorer and Netscape browsers both maintain history files. For current versions of Internet Explorer, click the History icon to see the sites recently visited.

Click Tools|Internet Options to set the number of days you want maintained in your history log.

Additional information on Microsoft Internet Explorer can be found at www.microsoft.com/technet or support.microsoft.com . To view the history file on current versions of the Netscape browser, click Communicator|Tools|History.

Click Edit|Preferences to set the number of days you want maintained in your history log.Additional Information on Netscape's browsers can be found at http://www.netscape.com/ .

Microsoft Windows is the operating system your computer uses, but there are known vulnerabilities published all over the Internet for hackers to see and try. Security patches are regularly posted on Microsoft's Web site to fix known problems.

Microsoft Office, which is a product suite of word processing, spreadsheet, email and presentation applications, all have certain known vulnerabilities that also need security patches applied to fix them.

Microsoft product documentation and other security information is available at www.microsoft.com/technet/ or support.microsoft.com .

Most Web sites that ask you to conduct a transaction advise you about the security of the site. Check the security information or the FAQ area on the site(s) that you are concerned with.

Secure Sockets Layer (SSL) software is the industry standard for conducting secure online transactions with Web sites. SSL software encrypts all of your personal information, including credit card numbers, names and addresses, so that your information cannot be intercepted and read as it travels over the Internet. You should ensure that your web browser(s) support the use of SSL software. You will know that you are in the secure area of a web site by the following:

• The web site address changes from "http" to "https." The "s" stands for secure. The information you send to and receive from these pages is secure.
• Current versions of the Netscape browser and all versions of Internet Explorer display a highlighted lock.
• Older versions of the Netscape browser display a highlighted key.
• The browser may advise you that you are moving in or out of a secure area.

Just because a web site is secure does not mean that a site can be trusted. Ensure that you are comfortable with the privacy policy, security policy and trustworthiness of a site before you send any confidential data.

No. Computer passwords are only one level of security. With the hacking tools currently available on the Internet, "cracking" a password is relatively easy. Many companies today have deployed a concept called "defense in depth" to create layers of security. Firewalls, VPNs, anti-virus software, content filters and intrusion detection are all part of the layers being deployed to create defense in depth.

If you have more than one computer, you most likely have different uses for each one. Each computer should be protected with a firewall and anti-virus software.

You should also consider "content filtering" to protect yourself and/or your family from offensive sites.

If you have used Microsoft networking for file and printer sharing between computers, you will need a perimeter firewall to keep the outside world from also sharing your files and printer. To permit file sharing and printer sharing, without firewall protection at the perimeter of the network is one of the top ten vulnerabilities in network security today!

The only way to ensure that your system is not infected is to run a up-to-date virus scan on the computer. Several anti-virus software vendors are offering free tools to detect and remove the virus. Here are a few vendors pages and links to their tools.

http://www.sarc.com/avcenter/venc/data/codered.worm.html
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=TROJ_BADY.A
http://www.norman.no/virus_info/w32_bady.shtml
http://vil.mcafee.com/dispVirus.asp?virus_k=99142&

Your computer will be vulnerable to the code red worm and any variants created thereafter. Because "code red" is a time based virus, system performance and upstream bandwidth will vary from week to week. During the active period of the virus the payload can cause the system to be unstable. The obtrusive scanning nature of the virus can also result in other people encountering malicious port scans from your computer which could lead to the account being disabled due to AUP violations.

Once the patch is in place you will still need to scan the machine to check for the presence of the virus.