Home |
Search |
Today's Posts |
#41
|
|||
|
|||
I was getting several hundred of these a day. I got the idea to take my
email address out of my Chat group profiles, just in case some hacker software was 'harvesting' email addressesfrom these sites. When I removed my email address from the Yahoo Chat groups I was subscribed to, the spam seemed to stop dead in its tracks. All has been quiet for some time now. Coincidence?? Joe W3JDR "Bob Miller" wrote in message ... On Sat, 20 Sep 2003 18:42:36 -0000, "David Robbins" wrote: "Steve" wrote in message om... "Cecil Moore" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp Yes, 14 yesterday and 4 so far this morning. you must not have many friends who have you in their address book... i got about 1000 overnight last night and about 2500 the day before. I only get about 3 or 4 emails a week from the spammers. Mostly about penile enlargement, for some reason. I recently changed my email address, and set my ISP email anti-spam filter to "light". That sure cut down on the email. I also have no firewall and no anti-virus protection, but the computer works fine, day after day, regardless of how much I get on the Internet. Bob k5qwg |
#42
|
|||
|
|||
"Ken Bessler" wrote in message ... "Zoran Brlecic" wrote in message ... Bill wrote: "bright Indian programmers" do not exist. If you are going to count on that craphole of a place to produce anything usable, then you have a hard wake up coming. A nation without flush toilets is hardly technologically advanced to write an OS of any merit...just think...those idiots have nuclear weapons...probably aimed at themselves. Funny... some people would claim the same about trailer trash rednecks like you. Next he'll point out that Chandrasekhar was not *really* Indian. Admittedly he was not a programmer but was a fairly bright person. |
#43
|
|||
|
|||
On 22 Sep 2003 15:52:11 GMT, "Dick Carroll;"
wrote: Is is not correct to say that Windows was left vulnerable so that other computers can deliberately enter and assess remote computers for various reasons, such as determining whether or not the copy of the OS in use had been properly :"registered" before issuing updates? I'm not a programmer but it seems that might xerainly be a very good reason. In other words, all these security "holes" are perhaps not accidental. When a virus writer takes advantage of one of them the "patch" issued to "fix" it mught just be specific to that particular violation, instead of permanently taking care of the problem. I know that the Windows series is an extremely complex piece of work, but the virii issuers seem to have little trouble finding cracks that Bill's programmers couldn't anticipate.. Dick Hi Dick, Your claim I'm not a programmer Should have been the point where you stopped writing. The security holes are not inadvertent mistakes that anyone could have suffered in the face of such a monumental work as Windows. These holes (and I am not talking about the current round of affairs, as neither was J. McLaughlin) are deliberate design "features" that Chairman Bill and MS claim to be what the user population clamor for. In other words, insecure software is being deliberately constructed and sold for the express purpose of satisfying Market issues. MS is quite blunt in this admission, and aggressively so! Many years ago, the computer community bewailed MS's determination to allow raw sockets to be made available at the user level. As you are "not a programmer" you probably never heard this debate, and yet it is part and parcel to the features of insecure design. MS snubbed the security experts (Not Invented Here syndrome) and went their own way - the body count over those same years testify to it in the millions. Unfortunately the income measures in the billions and security is buried in the digits with the corpses of dead machines. The feature called DCOM is so insecure, that it leads the way in current hacker fields of delight. DCOM is a patchwork quilt of an older Marketing concept called COM (which has been largely ignored by software professionals such that MS tried to "sex" it up by adding a "D" to make it "Distributed," yet another Market slide) which in turn was spun off from OLE. All of these have technical basis in implementation, but were designed in whole ignorance of security requirements. You have absolutely no need for DCOM, and yet as a service to you MS has deliberately left access to it on your machine open to anyone on the internet. None of these issues are trivial. None of them require poking and prodding to discover or crack. None of them came without advanced warning (and one site has had fixes months in advance of MS). None of them were designed by accident, or through the misfortune of Windows being too complex to debug 100% faithfully. What is worse, MS even submitted a security patch in the last two weeks that did not work! Making allowances for them is generous in the extreme. I note that you post from a revolving IP, such that if you had not, I could have connected to your machine to give you a demonstration of how open you are to attack. It involves a command built into NT that is designed EXPRESSLY to allow me to do this! I don't need hacker tools, just a DOS session and the command line interpreter will do the rest. If you ever consider moving up to townsqr's hi-speed connectivity, you better get these on-ramps to your system controlled! 73's Richard Clark, KB7QHC |
#44
|
|||
|
|||
David Robbins wrote: "Steve" wrote in message m... "Cecil Moore" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp Yes, 14 yesterday and 4 so far this morning. you must not have many friends who have you in their address book... i got about 1000 overnight last night and about 2500 the day before. My guess is, they're getting addresses from newgroups. ac6xg |
#45
|
|||
|
|||
Jim Kelley wrote:
David Robbins wrote: "Steve" wrote in message m... "Cecil Moore" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp Yes, 14 yesterday and 4 so far this morning. you must not have many friends who have you in their address book... i got about 1000 overnight last night and about 2500 the day before. My guess is, they're getting addresses from newgroups. That has been confirmed. -- "I cannot imagine what it's like to know nearly everything about systems and have to deal, daily, with people who know nearly nothing about systems. It's like being a cosmologist at an astrology convention)...." -- James Lileks |
#46
|
|||
|
|||
Roger Halstead wrote in message
I would respectfully suggest that you upgrade to one of the later versions of Netscape. 3.1 is about as open to giving out your information as any produced. I only use it to read mail. I don't browse with it. Besides, thats a different issue than the micro viruses being discussed. P.S I have newer versions of netscape. KInd of like playing cards. Take your pick. It's a knee jerk reaction to blame the OS (which do have lots of holes in them), but in reality the blame for well over 90% of the problem comes directly from us...the users. No, it's not a knee jerk reaction. The OS security problems I refer to have nothing to do with the discussed macro viruses. They are altogether different problems. Just as serious though. Probably more so. The new ones are no worse than 98, or 98 SE. They sure are no better. I would say worse....But, it's not really important. I don't have any trouble with any of these worms, viruses, etc. So anything I say can hardly be called a knee jerk reaction. I have plenty of unmolested time to think about it. MK |
#47
|
|||
|
|||
If you're so sure about your 'invulnerability', why do you have seven
email filters? Try turning them off and see what you get. ;-) jk Richard Clark wrote: On Mon, 22 Sep 2003 17:52:22 +0000 (UTC), (Mike Andrews) wrote: My guess is, they're getting addresses from newgroups. That has been confirmed. Hi Mike How? I've been a participant here for years with my address freely available. Not one hit from this virus, not even 30 emails during the entire period and only one (1) at the peak. Other correspondents here complain of 1000's in a single day, and 10MB mail storage being saturated. Do you have a link to an authoritative site that offers evidence of your statement? 73's Richard Clark, KB7QHC |
#48
|
|||
|
|||
You seem to have missed the point. The particular operating system you
happen to run has nothing to do with whether or not viruses are sent to your email address. 73, Jim AC6XG Richard Clark wrote: On Mon, 22 Sep 2003 11:43:30 -0700, Jim Kelley wrote: If you're so sure about your 'invulnerability', why do you have seven email filters? Try turning them off and see what you get. ;-) jk Hi Jim, I have, same old spam conforming to exactly what the filters were designed to weed out. I had to wait quite a while for any to come in. You think one filter would do it? Now there's dreaming in technicolor and surround sound. Among the 7, several cover 26 common explitives and variants of their spellings (using a unix style of expression to describe them such as X* where the star denotes 0 or more repetitions of the character X; I do the same thing with $*). This sure beats the MS method of hotmail security where you have to list every single person you trust (what a crock) if you want to keep out the universe of smut. Methinks their MSN butterfly is on the verge of intellectual extinction. Of the others, I reject mail not addressed to me (a no brainer - eh?). Agent would allow me to combine them all into one filter (a dream come true?), but why bother. Most programming errors are caused by logical statements that are so vast and cryptic that they are impossible to read coherently - like any of 600 postings made by Cecil. ;-) Anyway, I have been engaged in a series of emails since this last posting (with Mike) where he is averaging 1 hit a minute, and me none for this entire time. By his accounts, it is from newsgroup harvesting, and it would seem the majority of sufferers here picked up the infection somewhere else (not rraa). Of the dozen odd other groups I follow, this topic is alien to correspondents who show no signs of infection. So, Jim, how have you fared during the deluge? 73's Richard Clark, KB7QHC (with only 1 spam today) |
#49
|
|||
|
|||
On Mon, 22 Sep 2003 12:41:50 -0700, Jim Kelley
wrote: You seem to have missed the point. The particular operating system you happen to run has nothing to do with whether or not viruses are sent to your email address. 73, Jim AC6XG Hi Jim, I rely on the evidence of testimony here. 80% of the correspondents who are also sufferers are using IE/OE in some form of Windows (hard to do it otherwise). The servers (at least mine at Comcast which have been infected by Blaster and infected my outgoing mail) are MS products. MS products and OS's contain documented and autopsied problems that support such virus activity. I also use MS products (but certainly not their lame internet applications). I have never performed a security upgrade, but instead have simply disabled those faulty modules that they circulate as product enhancements. Tools for such activity may be found at: http://grc.com/default.htm which provides more news and resource than all the nonsense wishing away nightmares. In that page's update TODAY is the warning: "Many security watchers believe that a new worm, not unlike "MSBlast" which targeted the previous DCOM/RPC vulnerability, is virtually inevitable." How many here even comprehend what DCOM is? Are we to be treated to a new chorus of whines about how the ghosts of the internet haunt them? I've had this problem fixed (courtesy of the same site) for several months. Have you taken precautions? (I note you failed to respond to my query about how you've fared through this latest attack.) I can say without fear of contradiction that particular operating systems (MS) are obviously correlated through history and actuality. I also host a server on a fixed IP (http://12.230.78.56/) that has surfed through all these disasters and still winging right along unfazed. It supports an uncrackable OS simply because my net log reveals no one is looking for anything but MS code. The only thing that will crash it will be the log filling up (but no one is going to find an executable to run - too many clowns and not enough ringmasters). As to having missed the point, I offer that part of my message you missed reading: Anyway, I have been engaged in a series of emails since this last posting (with Mike) where he is averaging 1 hit a minute, and me none for this entire time. By his accounts, it is from newsgroup harvesting, and it would seem the majority of sufferers here picked up the infection somewhere else (not rraa). Of the dozen odd other groups I follow, this topic is alien to correspondents who show no signs of infection. These other users were also clearly (through header examination) MS users. They were clearly not sufferers. That, or the Darwinian mechanics thinned them out without chance for recovery (another MS commonality) to complain, warn, or join in chorus of whine. 73's Richard Clark, KB7QHC |
#50
|
|||
|
|||
On Mon, 22 Sep 2003 16:36:51 GMT, Richard Clark
wrote: snip Should have been the point where you stopped writing. The security holes are not inadvertent mistakes that anyone could have suffered in the face of such a monumental work as Windows. These holes (and I am not talking about the current round of affairs, as neither was J. McLaughlin) are deliberate design "features" that Chairman Bill and MS claim to be what the user population clamor for. Richard, you reminded me of things I had long forgotten. I've been around this stuff since before there was a Microsoft. I purchased my own PC in 1979-1980. We called them PC even before IBM was given the copyright...much like MS and DOS. sigh In other words, insecure software is being deliberately constructed and sold for the express purpose of satisfying Market issues. MS is quite blunt in this admission, and aggressively so! Many years ago, the computer community bewailed MS's determination to allow raw sockets to be made available at the user level. As you are "not a programmer" you probably never heard this debate, and yet it is part and parcel to the features of insecure design. MS snubbed the security experts (Not Invented Here syndrome) and went their own way - Although I'm not an MS booster, I've had to use it to stay compatible over the years. I do take exception to their ethics and lack there of. OTOH, as much as I hate to admit it, I truly believe that had MS not gone for the "Market" we wouldn't have the abilities we have today. And...yes that can be taken two ways and both are correct. sigh the body count over those same years testify to it in the millions. Unfortunately the income measures in the billions and security is buried in the digits with the corpses of dead machines. The feature called DCOM is so insecure, that it leads the way in current hacker fields of delight. DCOM is a patchwork quilt of an older Marketing concept called COM (which has been largely ignored by software professionals such that MS tried to "sex" it up by adding a "D" to make it "Distributed," yet another Market slide) which in turn was spun off from OLE. All of these have technical basis in implementation, but were designed in whole ignorance of security requirements. You have absolutely no need for DCOM, and yet as a service to you MS has deliberately left access to it on your machine open to anyone on the internet. None of these issues are trivial. None of them require poking and prodding to discover or crack. None of them came without advanced warning (and one site has had fixes months in advance of MS). None of them were designed by accident, or through the misfortune of Windows being too complex to debug 100% faithfully. What is worse, MS even submitted a security patch in the last two weeks that did not work! Making allowances for them is generous in the extreme. I guess I'd have to be generous and say I doubt they released the patch that didn't work on purpose...It's bad for their image. I note that you post from a revolving IP, such that if you had not, I could have connected to your machine to give you a demonstration of how open you are to attack. It involves a command built into NT that is designed EXPRESSLY to allow me to do this! I don't need hacker tools, just a DOS session and the command line interpreter will do the A few years back, I was receiving an inordinate number of viruses which more correctly were mostly worms. I'd take the IP and head for what looked like the culprit in the above manner. I verified that was the source and then sent them an e-mail, or looked up the phone number and called. True, I didn't track all that many down, but I still found a bunch and those e-mails had given me the machines address. Back them dynamic IPs were the norm, not the static IPs on the broadband of today. BTW, many of those systems would have been very easy to log in as I was basically in the same position as any user when they are at the boot up screen. OTOH, I had no desire to root around in someone else's system and particularly if it most likely had a virus. I can't imagine going on the net with an MS system without a firewall, virus checker, "cookie cruncher" and "SpyBot". I don't use MSs firewall either and I avoid "Passport" like the plague. IF MS would just set the defaults to off, it would be a big improvement, but their market base wants all that stuff that opens them to the whole wide world. It's not just individuals who want that fancy stuff either. My wife has used one of our computers for several years to keep a large database for a pretty big organization. That database comes with a complete set of macros and VB programming to make it user friendly. I have the security features now set to prevent that stuff from running automatically. If they want her volunteer time they are going to have to create a stand alone program to use the database as our system now strips that stuff off on receipt. Maybe it's overkill, but I don't like the idea of a program having the ability to run macros and VB when it is opened. Either is quite capable of doing any operation on my computer that I can and probably no few that I don't even know about and my degree is in CS. rest. If you ever consider moving up to townsqr's hi-speed connectivity, you better get these on-ramps to your system controlled! It's interesting to sit here was watch port probes repeatedly move through the list trying to find a way in. If I did not have a fire wall they'd be in on the first try. One day I saw a familiar address as the source of the probes. I called my ISP and asked them to check out an IP that was probing my machine. There was a long pause and then the exclamation..."That's one of OUR IPs"! "Yah, I know...I think you guys have picked up a termite." To top it off I use multiple layers of isolation and they were still probing the one machine. Just the one, none of the others. So, from the marketing standpoint the MS approach has been extremely successful, but a disaster from the security standpoint. OTOH, had some other system such as LINUX, or UNIX been adapted to a user friendly GUI (I mean man-on-the-street friendly) No system is completely invulnerable, but I wonder what the state of the art for users and security would be had a more secure route been followed? Would the industry have progressed as fast? would redirected energy from crackers eventually have created as much of a problem? Would we have near as many people capable of interacting world wide? All hypothetical questions as there is really no way of answering "what ifs". What we do know beyond the history is that the "ordinary" users are not truly computer literate and no amount of education and training is going to make them give up those fancy features that open their computers to the whole wide world and I don't mean internet. Roger Halstead (K8RI EN73 & ARRL Life Member) www.rogerhalstead.com N833R World's oldest Debonair? (S# CD-2) 73's Richard Clark, KB7QHC |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|