Xp Protection Center is Another Rogue Cloning Windows Xp

It’s become one of the oldest tricks in the book. Rogue security programs like XP Protection Center have become rather fond of pretending to be a part of the Windows OS. It’s time to set the record straight.

XP Protection Center, despite its deceptive skin, bears no real resemblance to the actual XP Security Center. Even if it was an actual protection program, XP Protection Center just doesn’t act...

like the real thing.

First of all, the XP Security Center only monitors certain security features on your computer. It lets you know that your Firewall, Automatic Updates and Antivirus Program are running and working correctly. Unlike XP Protection Center, it does not tell you whether or not you’re infected.

Actually, XP Protection Center only tells you that you’re infected once it infects you itself. This whole process goes further, far beyond the scope of the real XP Security Center. The real thing is preinstalled on your computer, and you don’t have to pay for updates or upgrades. You may never see it unless you open it in the Control Panel.

With XP Protection Center, however, it pops up once you’re infected. It does a scan, telling you that your temporary files are infected. In reality, your temporary files are almost never infected. They’re only your Internet browsing history.

Then XP Protection Center tells you that you need to buy the upgrade to kill your infection. You would never see this with the real Security Center. Of course, if you buy it, you open up a whole different can of worms.

If you buy the XP Protection Center “upgrade,” you get a junk program for an insane amount of money. Not only that, but you might have more problems with your credit account. It has been known to happen that whoever is running this program can take every cent out of credit accounts. Unfortunately, they can’t be touched by the United States legal system.

You may also notice that the XP Protection Center web page isn’t on the Windows website. If you weren’t suspicious about it before, this should really clue you in. With Windows products, you will only go to the Windows page.

The biggest difference between the XP Protection Center and the real Security Center is that the first is a bundle of spyware, while the second is a monitoring program that’s part of the Windows OS. The scanning pop up is an old spyware trick, as is the browser redirection. These are all delivered by a Trojan Downloader spyware program called Zlob.

Also, you only get the real XP Security Center as part of your Windows XP Operating System package. You can only get XP Protection Center from infected websites and corrupt downloads. There’s a world of difference in that alone.

Before you even see the fateful pop up screen, you should get a real antispyware program. It should be complete with removal and prevention. Even better, try looking for a 100% removal guarantee, since not all antispyware programs are the same.

Sample Configuration R1 and R3

In this moment, we will be using a simple three router network, as shown in the figure. R1 and R2 share a common 172.16.0.0/16 network with 172.16.0.0/24 subnets. R2 and R3 are connected by the 192.168.1.0/24 network. Notice that R3 also has a 172.16.4.0/24 subnet that is disconnected, or discontiguous, from the 172.16.0.0 network that R1 and R2 share. The effects of this discontiguous subnet will be examined later in this chapter when we look at the route lookup process.

Loopback Interface

Notice that R3 is using loopback interfaces (Lo0, Lo1, and Lo2). A loopback interface is a software-only interface that is used to emulate a physical interface. Like other interfaces, it can be assigned an IP address. Loopback interfaces are also used by other routing protocols, such as OSPF, for different purposes. These uses will be discussed in Chapter 11 OSPF.

In a lab environment, loopback interfaces are useful in creating additional networks without having to add more physical interfaces on the router. A loopback interface can be pinged and the subnet can be advertised in routing updates. Therefore, loopback interfaces are ideal for simulating multiple networks attached to the same router. In our example, R3 does not need four LAN interfaces to demonstrate multiple subnets and VLSM. Instead, we use loopback interfaces.

RFC 1918 Private Addresses

You should already be familiar with RFC 1918 and the reasoning behind private addressing. All the examples in the curriculum use private IP addresses for the inside addressing example.

The RFC 1918-compliant addresses are shown in the table. But when IP traffic is routed across WAN links through an ISP, or when inside users need to access outside sites, a public IP address must be used.

Cisco Example IP Addresses

You may have noticed that the WAN links between R1, R2, and R3 are using public IP addresses. Although these IP addresses are not private addresses according to RFC 1918, Cisco has acquired some public address space to use for example purposes.

The addresses shown in the figure are all valid public IP addresses that are routable on the Internet. Cisco has set these addresses aside for educational purposes. Therefore, this course and future courses will use these addresses when there is a need to use public addresses.

In the figure, R1, R2, and R3 are connected using the 209.165.200.224/27 Cisco public address space. Because WAN links need only two addresses, 209.165.200.224/27 is subnetted with a /30 mask. In the topology, subnet 1 is assigned to the WAN link between R1 and R2. Subnet 2 is assigned to the WAN link between R2 and R3.

What is Variable Length Subnet Masking (VLSM)

Variable Length Subnet Masking (VLSM) allows the use of different masks for each subnet. After a network address is subnetted, those subnets can be further subnetted. As you most likely recall, VLSM is simply subnetting a subnet. VLSM can be thought of as sub-subnetting.