I had the scare of my life today while going a scan of my system using grc.com While my router's being repaired / replaced I've had to connect my PC directly to the Cable Modem and then share Internet via the WLAN card in my box. So everything has been working fine and for some reason or the other I decide to do a port scan at grc.com
Started off well and all the green box's were there and then suddenly my eye caught this red blob ... think my heart skipped a beat for that second, but the worst was still to come. Moved the mouse over the red blob and it said port 999 was open - huh? What was this used for?! Did a google and came across a few articles explaining that the port was used by the "Deep Throat" key logger. Ouch. I almos died.
Worst thing was that I had just logged into my Internet banking not a moment before. So I ran ad-aware and it found nothing so back to the google results and wham - ActiveSync uses that port as well! So I switched off the PDA, re-scanned with grc.com and all ports are in stealth mode. Switch the PDA back on and scan again and port 999 was now exposed!
I can't tell you how relieved I was to find out that there was no actual key logger on the system... I try to be as safe as possible and use random passwords for each site but having a piece of spyware on the system could have made all of that null and void.
Andy pointed out that he usually has a text file full of characters and use copy/paste to build up usernames and passwords from it. Damn good idea.