Home |
Search |
Today's Posts |
#61
|
|||
|
|||
|
#62
|
|||
|
|||
Dee D. Flint wrote:
"David or Jo Anne Ryeburn" wrote in message ... In article , "Dee D. Flint" wrote: I've tried to trap them but the headers and senders, etc are all different. The "From:" lines are likely forged. Many such worms and viruses pick recipients and purported senders randomly from the infected computer's Outlook or Outlook Express address list. If you want to see where the message really is coming from, examine full headers carefully -- specifically, the "Received: from" lines. If you have a suggestion on how to stop them, please let us all in on it. Persuade the universe to cease using unsafe operating system software, browsers, and e-mail programs coming from Redmond, WA ;-). UNIX, including the version now marketed by Apple, is pretty safe. David, ex-W8EZE, whose computers are happily MS-free except for safe 11 year old versions of Word and Excel If everyone switched to UNIX, the solution would be short-lived as the virus writers would then switch to attacking it. Right now, they simply get more "bang for the buck" by attacking Windows and it doesn't give them much of a thrill to also go after UNIX system users or Apple computer users. You have touched on the answer, Dee. What computer and software manufacturers have done that is a fatal flaw in their systems is insist that "EVERYTHING HAS TO BE THE SAME" I remember the abuse that I took from PC users because I was running an Amiga for so many years. Installed User Base, PC Compatibility and other mantras were tossed at me and others who dared to use "non-standard" computers like the Amiga and the Mac. But here we are undergoing attack after attack because of what. 95 percent of us are using the same platform, the same OS and the same software. We are going through an computer analog (heh heh) of the Irish potato famine. I do like to draw a parallel between the agricultural monoculture and computer monoculture. Only grow one crop, and you're vulnerable. Whether MS likes it or not, one big step toward a cure (besides them writing incredibly poor software) is for there to be several different types of email software. This software is not to be crippled by all the features that they try to add, with every feature seems to come a new vulnerability. Especially things like IE and Outlook coupling up mailing addys. I personally use only the MS products that I absolutely have to, and will not use their mailing system. I use Netscape for mail, and it works okay. If Netscape were to somehow become the big mail program - which will never happen - I'll switch to something else. But the majority of PC users are unwilling to believe this sort of rationale, as they scramble daily to update their Virus definitions, an other stunts that don't really work too well. After all, there has to be a virus that infect a computer before there can be a definition for it. - Mike KB3EIA - |
#63
|
|||
|
|||
Mike Coslo wrote:
Dee D. Flint wrote: "David or Jo Anne Ryeburn" wrote: "Dee D. Flint" wrote: If you have a suggestion on how to stop them, please let us all in on it. Persuade the universe to cease using unsafe operating system software, browsers, and e-mail programs coming from Redmond, WA ;-). UNIX, including the version now marketed by Apple, is pretty safe. David, ex-W8EZE, whose computers are happily MS-free except for safe 11 year old versions of Word and Excel If everyone switched to UNIX, the solution would be short-lived as the virus writers would then switch to attacking it. Right now, they simply get more "bang for the buck" by attacking Windows and it doesn't give them much of a thrill to also go after UNIX system users or Apple computer users. You have touched on the answer, Dee. David is the one who touched on it. The answer *is* to use an OS designed to be secure. Microsoft products are not, while virtually all of the current unix systems are. Some unixes (the ones with open source code, which does not include Apple) do have higher potential for good security than others. The "bang for the buck" argument is proof of it too. If you want a *bang*, then shutdown the *entire* Internet, not just some percentage of the hosts connected to it. The fact is that from the start the Internet itself ran on unix. That is less true today, but it is still true enough that if one could write a virus to knock out unix, one could just shut the Internet off for days. But, of course, it can't be done (or that is exactly what they would be doing). -- Floyd L. Davidson http://web.newsguy.com/floyd_davidson Ukpeagvik (Barrow, Alaska) |
#64
|
|||
|
|||
Roger Halstead wrote in message \
They are mail and newsgroup reader problems and *nearly* all can be prevented by properly configuring said programs. Turn off the ability to read mail in HTML, don't let macros run, disable Java, and above all don't open attachments until after verifying whoever really sent it. This is particularly true if the thing came from some one you know. How many times have you heard some one say, Oh, I don't worry. I only open attachments from people I know. Now there is a prime candidate for a virus. MS operating systems are written for the masses. It depends on your definition of computer literate, but unless you make the definition very lenient there are few computer users who are computer literate. Thats the exact problem as I see it. The *average* e-mail user, who has little on the ball as far as puters is left to the wolves because MS installs all that stuff with all the options wide open. And unless you go and read all the docs to learn how to turn it off, the average user will not even be aware that they are at risk. And you know how many probably read the docs....Yep, about 4.27%...If MS gave a real hoot about protecting peoples security, they would install with it all turned off, and instruct the user to turn on features as or if needed. But nooooooo......The average users first instruction on the problem, or feature that led to the problem, is after they are cleaning out a macro virus. And with a virus like sobigf, you could go for months without knowing you had it , unless someone finally tells you. The sent emails are forged with someone in the address book, or whatever. Then, hummmmm, they finally learn about attachement problems, etc.. It's kind of the same way with the "ports" that MS likes to leave wide open with a default install. The average user won't have a clue his box is wide open. Well, Maybe if he stumbles across Gibson research or whatever... A good majority of the outlook virus problem victims are e-mail readers that could give a hoot about puter OS's, outlook or whatever. They plug it in, and dial up. MS doesn't do them any favors by leaving them wide open to attack, and not even telling them about it in a noticable manner. There are worms out now that need no e-mail connection. They are planting them through open ports I think. I don't keep up with all the "new" OS problems much. I only worry about the one I'm running at the time. MK |
#65
|
|||
|
|||
On Tue, 23 Sep 2003 20:58:45 GMT, Richard Clark
wrote: On Tue, 23 Sep 2003 20:10:55 GMT, Roger wrote: I have a static IP address, would you care to prove how open to attack my system is? Hi Roger, It is not apparent in your headers. 73's Richard Clark, KB7QHC I know, I would have to give it to you. I don't think its quite as easy as you say to "hack" into an NT system, unless the person that set up has no idea what their doing. |
#66
|
|||
|
|||
On Wed, 24 Sep 2003 12:37:37 GMT, Roger wrote:
On Tue, 23 Sep 2003 20:58:45 GMT, Richard Clark wrote: On Tue, 23 Sep 2003 20:10:55 GMT, Roger wrote: I have a static IP address, would you care to prove how open to attack my system is? Hi Roger, It is not apparent in your headers. 73's Richard Clark, KB7QHC I know, I would have to give it to you. I don't think its quite as easy as you say to "hack" into an NT system, unless the person that set up has no idea what their doing. Hi Roger, So why ask in the first place? 73's Richard Clark, KB7QHC |
#67
|
|||
|
|||
On Wed, 24 Sep 2003 15:53:56 GMT, Ken wrote:
Richard; Your statement is in reference to systems that have been infected by a virus or worm. The O/S has nothing to do with who the virus's are sent to. I set up several e-mail accounts on yahoo and posted to several groups. I did pick a subject that would generate responses, after 7 or 8 hours the e-mail accounts were filled with messages with the virus attachments. I don't use Microsoft products, So I don't know how Outlook handles replies to usenet posts. That is, if it treats it as an E-mail address and adds it to an address book. Although its possible that the subject I picked could have upset a few enough to intentionally send me an E-mail with a attached virus, I would tend to think that its based on address books. I have set several more accounts up on Yahoo, trying to narrow down which groups seem most prone to generating virus e-mails. Ken Hi Ken, Yours is simply the same chorus before you: "It ain't about MS." You then snap the rug from under yourself (how do you do that?) by saying virus (what does a virus infect except an OS?). It is the height of denial to portray these attacks as coming from an individual sitting in the bedroom sending emails, or a group of closeted individuals pushing send buttons. That traffic would be snuffed so fast where MS would have sheriffs at their door in a millisecond. A virus by definition infects the OS. There are many out there built into the backbone of the internet. Some are router only OS's, others are Linux machines, Unix machines, Sun Machines, and certainly MS machines. Does it take Rocket Surgery to diagnose that of those, one OS source (fill in the blank) in particular has been announcing security failures in their designs (and I am not talking about the ubiquitous OE/IE problems so many snuggle up to as it nibbles into their tender flesh) 2 a week? This is up from an average of once a week for at least two years. If the backbone escaped attack (and it is certainly more geared for following events than users are); it follows someone ELSE's machine has become infected and is acting in part of a conspiracy to accomplish this work through proxy. Guess what they have as an OS? Care to wager it is an unprotected system that has been requiring patches on a weekly basis for years? All of this is classic symptomatology of recent attacks and hardly a novel concept drug up from the deep recesses of my paranoia. There are two classes of MS users. Those who are infected but live through its effects without obvious harm (except for lost bandwidth capacity they blame on "general conditions"). A century ago they would go by the name Typhoid Mary. Then there are those who are infected but are being hammered by the virus AND spreading infection. There is a third and fourth class that barely wiggle the digits: the lucky and the smart. Eventually, through Darwinian thinning, the smart population will become dominant, but only if they can crawl over the mountains of corpses that litter the -ahem- netscape. 73's Richard Clark, KB7QHC |
#68
|
|||
|
|||
On Wed, 24 Sep 2003 18:30:16 GMT, Ken wrote:
Richard Clark wrote: Richard; Hope you don't mind if I respond to each part of your post? Not if you don't object to my clipping extraneous material here. Yours is simply the same chorus before you: "It ain't about MS." Really? Where did I say that? I don't even use Microcrap, why would I defend them? I cannot speak to your motivation. I can respond to its appearance however. "The O/S has nothing to do with who the virus's are sent to:" Which it TRUE! Perhaps so, but hardly a subject that merits discussion unless this is a recovery group where we all talk about feelings. I don't use windows and have a bunch of e-mails with virus's in them. Well, do they present an issue vis-a-vis the virus, or simply the quantity of mail clogging things in general? You don't offer much to separate what issue you are responding to. I think you miss read what I was saying, or maybe I didn't make myself clear. Your system doesn't have to be infected to receive a bunch of E-mails with the virus. Everyone was complaining about the number of virus e-mails they were receiving. That doesn't mean that their system is infected. It does mean that an infected Microsoft system sent them. Is that better? Perhaps. I see nothing to consider except to observe that those who have suffered are likely candidates for spreading the same contagion. You implicitly offer you are not one to be part of that vector, but again you've offered nothing in that regard to distinguish what it is that brings you forward. I am reacting to those who think that all danger is external (the fuzzy warm feeling that if there are miscreants mining newsgroups for names and addresses, then our sufferers are not part of the problem); nothing could be further from the truth. Didn't mean to upset you Richard, it sounded like you wanted to discuss where the list of e-mail address's were coming from that had virus's sent to them. Do you repond to all posts in such a manner? My first post to you and respond like I have been arguing with you for the past 2 weeks. I doubt that you even bothered to read the rest of my post after you saw the O/S part of it. And yet you have nothing to offer about where they came from. Every post made is an act of personal choice. If you choose my observations as an issue, I respond to that. If you choose where the list of e-mail address's were coming from that had virus's sent to them. then you would have offered that in your post. You did not. I cannot respond (or actually I hesitate) to my projections of what I think you want. Others here do that quite well - generally that is very unsatisfactory dialog (being one-sided and all). I have offered both points of view throughout this thread, you have not responded to where I presented the discussion of news group mining. Again that is a personal choice of yours for which I am not in a position to dictate. You presume I want to discuss where the address's are coming from. Actually no, I have no interest in that at all. It would seem even fewer of the complainants here do either. I observed earlier that rraa does not appear to have been mined for any list. I also observed that if newsgroups were being mined, then those sufferers apparently became part of the contagion somewhere else, or through some other activity. Absolutely no one has stepped forward to enumerate their other activities (public health goes down the crapper in such times if other activities reveal the vector). To this point, today, I have received only 7 emails, all of which triggered the usual porn filtering mechanism. That is fairly typical for my public exposure here, and I participate in a dozen odd other groups to notice that discussion of this virus is a wholly alien subject. This, to me, suggests that the premise of newsgroup mining is so much looking under the bed for monsters. I have corresponded with one here who posts to one technical group that is heavily trafficked by potential miscreants (or so is my presumption by his description) and I would speculate, yes, any open address in that group (especially if you respond to those with an attitude) is a target of opportunity. But just what does a target offer? A new vector of infection, and if that target is practicing anti-viral lifestyles, that presents a fairly limited contagion that barely rises above sniffle. Just one not practicing an anti-viral lifestyle has, through MS products, the capacity to spread infection like a firestorm. Hence, it doesn't really matter where the address's are found, there are 30000 different groups that need only offer a thousandth of a percent hit rate to cascade into millions. 73's Richard Clark, KB7QHC |
#69
|
|||
|
|||
On Thu, 25 Sep 2003 00:21:53 GMT, Ken wrote:
Richard Clark wrote: Richard; Sorry, I didn't mean to come across like I did. Can I blame it on a bad day at work? I had scanned through the messages and thought I had seen were you had an idea where the E-mail addresses came from. Thats why I wrote to you with what I had found out, looking for your input and ideas. If I knew more about how outlooks address book work, I think I have a pretty good idea where the address's are coming from. I apologize for the way I acted toward you Ken Hi Ken, I took no slight. Further, I did, as you described, hit you like this was going on between us for two weeks - just my nature. Some forgive me, others don't, the rest don't care as long as it makes for good theater. There's every chance they (the names and addresses) are mined off the newsgroup participants. These things have to start somewhere. However, what feeds them is what I am interested in (being potential fodder), and when simple maintenance can snuff a bug, and many would rather suffer through it without dignity - then I don't offer much sympathy and tea. To this point in time today, only 10 trash canned items. I don't expect it is anything more than luck that there are these few as it has nothing to do with being hit, but rather by who threw the blow (actually the why). 73's Richard Clark, KB7QHC |
#70
|
|||
|
|||
I have created email addresses that have never been exposed to the net or
the web. The ones using regular words get hit sooner and more frequently that the ones using random alphanumeric characters. Can you say ViralSpamBot? But..... What I want to know is...... ......why? Is life THAT boring? 73 H. |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|