When the bad guys ping your computer

 
Q. According to its log, my firewall is blocking TCPs. It also tells me that it has blocked outgoing TCPs. What are these things? It seems that I get one blocked about every 10-20 seconds or so. Why so frequently?
 
A. TCP stands for Transmission Control Protocol. It is the method by which packets of data are sent from one computer to another.

I assume the TCPs are ping attempts from would-be intruders. Basically, they are trying to seize control of your computer. This is serious business. Thousands--perhaps millions--of individual computers have been compromised in this way.

Known as zombies, these computers are used to send spam or to attack other computers. The intruders use flaws in Windows that have been fixed by Microsoft. Unfortunately, many people do not patch their computers.

These intruders' probes are sent out to a range of Internet addresses. They travel through the Internet in that range, sending out their requests for service. Unprotected computers answer back. If they have not been patched, a program is downloaded to them. From that point, they are under the control of the intruder.

If a computer has been patched, a malicious program cannot be downloaded directly to it. But the fact that it answers the ping tells the intruder it is there, and that its communication ports are available.

The intruder may then attempt to download a program via spam. If the computer owner opens the attachment, the malicious program will be installed and will open a port. Again, the intruder will have control.

Your firewall is hiding your computer. So the pings are recorded by the firewall, but they are not getting to your computer. That greatly increases your safety. They can't attack you if they don't know you are there.

A good firewall also blocks outgoing transmissions. Some programs, such as Internet Explorer and your e-mail, need access to the Internet. In the course of setting up your firewall, you tell the firewall to let them through.

But other programs, especially spyware, should not have access. In many cases, your firewall will block those transmissions. That may be what you are seeing on the outbound side.

The outbound transmissions also could be a more malicious program. However, since you are using anti-virus software, that is unlikely. Be sure to keep the anti-virus program updated. You can do that on the publisher's site.

I would also download and run Ad-aware or Spybot Search and Destroy. They will find and delete spyware. Update these programs before you run them. Both are free. Get them at:
http://www.komando.com/bestshareware.asp#adware

You can check your system ports on the Internet. Go to Gibson Research and run the Shields Up application. It will tell if your computer is hidden, or if your ports are answering pings. Gibson is at:
https://www.grc.com/x/ne.dll?bh0bkyd2