Searching \ for '[OT:] Worm' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: www.piclist.com/techref/index.htm?key=worm
Search entire site for: 'Worm'.

Exact match. Not showing close matches.
PICList Thread
'[OT:] Worm'
2003\08\07@110956 by Dennis Crawley

flavicon
face
It will spreads fast.
The worm specs:
securityresponse.symantec.com/avcenter/venc/data/spam_OUTw32.mimail.aTakeThisOuTspammm.html
The free tool:(cut & paste)
securityresponse.symantec.com/avcenter/venc/data/.....w32.mimail.aKILLspamspam@spam@mm.remo
val.tool.html

Regards,
Dennis.

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\08\07@114229 by Art

flavicon
face
But, microsoft says it applies to outlook express only!

Many users don't bother with microsoft 'free' programs because of proven
vulnerability and because the patches don't always work as advertised.

We are considering dumping Office 2000 due to this problem and have never
used microsoft web browser or other utility programs.

Good luck to all.

At 12:08 PM 8/7/03 -0300, you wrote:
{Quote hidden}

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\08\07@203812 by Jake Anderson

flavicon
face
I don't know maybe I'm just special or something.
I run OE6 IE6 and office 2k, I let windows update run automagically on all
our PC's (2x win2k server 1x2k pro) and never have a problem. I get sent
about 5-10 viruses a day, about once a month I run the virus scan off
Symantec's website and I've never ever had a virus.

Honestly I don't see the problem everybody else seems to have.
{Original Message removed}

2003\08\07@222921 by Alexandre Souza

flavicon
face
> But, microsoft says it applies to outlook express only!
> Many users don't bother with microsoft 'free' programs because of proven
> vulnerability and because the patches don't always work as advertised.
> We are considering dumping Office 2000 due to this problem and have never
> used microsoft web browser or other utility programs.

   Art, I **never ever ever** had a virus on my machine. Yep, I'm saying
NEVER. I use Outlook Express 5 and AVG Antivirus free, with the Outlook
plugin activated and daily actualization of the virus data base.

   Never had anything. Works like a charm. It is just a matter of having a
GOOD antivirus (AVG) and a GOOD setting of the default options (restrict
every internet zone).


---

Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.507 / Virus Database: 304 - Release Date: 04/08/03

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\08\08@095029 by Sergio Masci

picon face
----- Original Message -----
From: Alexandre Souza <EraseMEalexandre-listasspam_OUTspamTakeThisOuTE-SECURE.COM.BR>
To: <PICLISTspamspam_OUTMITVMA.MIT.EDU>
Sent: Friday, August 08, 2003 3:33 AM
Subject: Re: [OT:] Worm


{Quote hidden}

I had AVG 6 on my machine. Worked fine for several months, then it got upset one
day while trying to update itself. Every time I tried to update after this it
would crash the machine. I tried uninstalling and re-installing, tried newer
versions of 6 without updating, just kept crashing. The time it was costing me
became a joke, plus the fact that I couldn't be sure it was actually protecting
my machine from infection, caused me to disable it. Within a few weeks of this I
was bit by the bugbear worm (look back in the piclist archives for the last week
or so and you'll see some very polite finger pointing in my general direction)

Prior to this I used McAfee, had some very bad experiences, switched to
pc-cillin had more very bad experiences. Now I'm on AVG 7 and waiting for more
shit to happen!

Regards
Sergio Masci

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email @spam@listservKILLspamspammitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@085410 by Howard Winter

face
flavicon
picon face
Sergio,

On Fri, 8 Aug 2003 14:49:08 +0100, Sergio Masci wrote:

>...<
> I had AVG 6 on my machine. Worked fine for several
months, then it got upset one
> day while trying to update itself.
>...<

> Prior to this I used McAfee, had some very bad
experiences, switched to
> pc-cillin had more very bad experiences. Now I'm on
AVG 7 and waiting for more
> shit to happen!

I like Norman Virus Control (http://www.norman.com), I've never
had any problems all the while I've been using it, it
finds the occasional virus-containing attachment that
I've had on a Spam email, and it's available for OS/2
(as well as Win-xxx), which makes it a winner for me!

They also seem to be very fast at detecting new viruses
and putting out updated scanners when they have.

Cheers,

Howard Winter
St.Albans, England

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email KILLspamlistservKILLspamspammitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@091905 by Sergio Masci

picon face
> Sergio,
>

<snip>

{Quote hidden}

Thanks Howard, I've bookmarked the site and will have a look at it when I get 5
minutes.

Regards
Sergio Masci

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email RemoveMElistservTakeThisOuTspammitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@120109 by Morgan Olsson

flavicon
face
I have been using Kaspersky for years sucessfully.
Daily updates, quick download.
It won a test in swedish magazine (R&R), use to score very high in real tests.

http://www.kaspersky.com

They have Linux version too (that still check for MS viruses...)

I have never experienced or heard of any incompatibility, nor any illegal marketing tricks.
(Both issues have been presented with both Norton and McAfee antiviruses. (faked tets, illegal agreements), and i also regret instaling Norton at a customer.. ARrgH!! )

/Morgan

Howard Winter wrote 14:53 2003-08-13:
{Quote hidden}

--
Morgan Olsson, Kivik, Sweden

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email TakeThisOuTlistservEraseMEspamspam_OUTmitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@120322 by Dennis Crawley

flavicon
face
> They also seem to be very fast at detecting new viruses
> and putting out updated scanners when they have.
>
> Cheers,
>
> Howard Winter
> St.Albans, England

I disagree. The small network administration becomes a big pain. The users
don't realize that Real Player, Lotteries, Auctions, Kazaa; Messenger, ICQ,
URLs, etc destroy every single defense you put to protect the Intranet. The
most efficient antiviral I found is a slow chat with the user, telling
her/him: "the next thing you install with out my authorization, you are
FIRED!",..."The next forbidden URL you *see*, with out consulting me, you
are FIRED",... it works. (Although, I don't have such authority :))

I've noted that Live Update, like most upgradable softwares, do upgrade on
Wednesdays. Well, the worms are generally lunched on Thursdays! So we solved
the problem upgrading manually on Thursdays in the morning and on Fridays at
noon.

Since the users still on Windows 98, ME, etc, I made a batch to erase the
content of \Temp, \Temp.internet files, win386.swp, all the cookies (The
batch restore some), etc. I test the ports with *shields-up* from grc.com
and run ad-aware from http://www.lavasoftusa.com

I've noted, also, that free software comes with hide connections, like Real
Player, Acrobat Reader, Babylon, etc. Licensed software like Windows,
Office, and bunch more do the same or tell URLs if they are installed. I
hate this traffic.

Dennis.

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email RemoveMElistservspamTakeThisOuTmitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@124431 by Alexandre Souza

flavicon
face
> I disagree. The small network administration becomes a big pain. The users
> don't realize that Real Player, Lotteries, Auctions, Kazaa; Messenger,
ICQ,
> URLs, etc destroy every single defense you put to protect the Intranet.
The
> most efficient antiviral I found is a slow chat with the user, telling
> her/him: "the next thing you install with out my authorization, you are
> FIRED!",..."The next forbidden URL you *see*, with out consulting me, you
> are FIRED",... it works. (Although, I don't have such authority :))

   I think it is just plain stupid.

   I use Kazaa, ICQ, mail (yep, outlook express!!!) and web, and NEVER EVER
had a single ocurrence of virus or something like this on my machine.
Nothing like a good antivirus (AVG) and good config of the Outlook. Of
course, a good firewall to block effects of lotteries, date manager,
temperature-dunno-what and like is also good for dumb users. I'm very sorry
of being against your oppinion, but I prefer a well configured environment
that gives freedom to users, instead of a locked-everything-puter with no
freedom to learn, inovate and comunicate.

   Are you relative of Mr. Bush? ;o)))


---

Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.507 / Virus Database: 304 - Release Date: 05/08/03

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email listservEraseMEspam.....mitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@125502 by Mauricio Jancic

flavicon
face
Ja! I've just finished installing again my Windows XP... Damm WORM and
MSFT! Anyway, I really have lot's of *fun* yesterday upgrading my XP
late to 5 AM in the morning... Now, I'm a ZOMBI....

Come on Dennis, will you deny that is fun to fight those viruses? ;)
Enjoy your actual job, and don't envy other's job's. You might actually
have to do it and you'll love to have you old job back...

:::)))

Mauricio Jancic
Janso Desarrollos
Microchip Consultant
(54) - 11 - 4542 - 3519

{Original Message removed}

2003\08\13@132827 by Art

flavicon
face
>
>
>     I use Kazaa, ICQ, mail (yep, outlook express!!!) and web, and NEVER EVER
>had a single ocurrence of virus or something like this on my machine.
>Nothing like a good antivirus (AVG) and good config of the Outlook. Of
>course, a good firewall to block effects of lotteries, date manager,
>temperature-dunno-what and like is also good for dumb users.


I just installed a firewall and was shocked to see the number of
unauthorized entries it prevented. I just about sh.t!

I was also stunned at all the aps that attempt to communicate over the
internet without asking. Even Word does it!!!!

Avoid Microsoft if possible, use a free firewall and Norton antivirus.

I'm not paranoid, but the recent experience with the firewall has
enlightened me.

Art

PS:I dumped ICQ and Yahoo chat when they could not/would not answer my
questions about security. I suggest everyone do the same.

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email EraseMElistservspammitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@140354 by Morgan Olsson

flavicon
face
I´ll help with some links to a mix of free/lowcost, some OpenSource, high quality programs:

Art wrote 2003-08-13:
>Avoid Microsoft if possible,

http://www.openoffice.org Like MS Office, plus drawing!, minus mail, so use http://www.mozilla.org for mail and browsing, or my favo http://www.opera.com

Etc...lots of alternatives...

Also all theese above are also in identical looking versions for Linux, so making it easier to leave Windows later :)

> use a free firewall

http://www.zonelabs.com works very nice for me

(While I keep pstign all my favourites i might as well post http://www.irfanview.com too, very nice picture converter...)

> and Norton antivirus.

I had a nightmare with that at customers a year ago.  Resource hog.  Very inefficient update.  Bad result in real unbiased tests i have read.  Support at Autocad told me to ditch it, called it the biggest virus...

Running Kaspersky Antivirus happily for years.

Occasional scan for spyware using adaware http://www.lavasoftusa.com/ is nice if you use some suspicient product you are not sure of wha it is doing.

For getting all of this http://www.getright.com is nice.

/Morgan
--
Morgan Olsson, Kivik, Sweden

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email RemoveMElistservEraseMEspamEraseMEmitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@142438 by Quentin

flavicon
face
Change your ISP, or get your ISP/SysAdmin to run the latest and greatest
Virus/worm/whatever protection software on all the incoming emails.
My ISP has been protecting my incoming for more than a year now. I get
at least one warning a week from them that a virus/worm/whatever has
been send to me and that the email has been blocked/cleaned/quarintined
from some spammer who thought it would be great to send me one (or even
from friends who have been wormed).
I don't scan for viruses or worms on my emails as not one has slipped
through my ISP. I do do occational checks on my system though, I'm not
that stupid.
So, kick your ISP's butt and get them to give you the service you deserve.

Q..

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email RemoveMElistservspam_OUTspamKILLspammitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@144134 by Herbert Graf

flavicon
face
> Change your ISP, or get your ISP/SysAdmin to run the latest and greatest
> Virus/worm/whatever protection software on all the incoming emails.
> My ISP has been protecting my incoming for more than a year now. I get
> at least one warning a week from them that a virus/worm/whatever has
> been send to me and that the email has been blocked/cleaned/quarintined
> from some spammer who thought it would be great to send me one (or even
> from friends who have been wormed).
> I don't scan for viruses or worms on my emails as not one has slipped
> through my ISP. I do do occational checks on my system though, I'm not
> that stupid.
> So, kick your ISP's butt and get them to give you the service you deserve.

       Sorry, NO, if my ISP forced that sort of "service" on me I'd leave the next
day. It's NOT up to an ISP to CENSOR my email, I don't what THEM decided
what email is GOOD and what email is BAD, it sets a VERY dangerous precedent
and creates a very slippery slope. TTYL

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email RemoveMElistservTakeThisOuTspamspammitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@150247 by Quentin

flavicon
face
>
>
>       Sorry, NO, if my ISP forced that sort of "service" on me I'd leave the next
>day. It's NOT up to an ISP to CENSOR my email, I don't what THEM decided
>what email is GOOD and what email is BAD, it sets a VERY dangerous precedent
>and creates a very slippery slope. TTYL
>
They don't do that. I get all my email, including Spam. But they run all
email through a virus scanner same way your PC does it. They don't
CENSOR my email or decide what is good for me or not. And for every
virus they detect, the let me know anyway, plus try sending me the
original email text content.

Q..

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email EraseMElistservspamspamspamBeGonemitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@154610 by Robert Ussery

flavicon
face
My ISP uses http://www.mailarmory.com. Really good stuff. They filter everything,
and capture spam and viri. Anything they capture is available to me on the
web, but in a secure format, so that any viruses, etc won't get onto my
computer. They're very good about not capturing real email, except for when
some screwball sends me something from a hotmail account with a suspicious
subject line and stupid contents. I check my Mailarmory account about once a
week, just to make sure, but just about everything they take out is genuine
spam or virus-infected.

- Robert


{Original Message removed}

2003\08\13@163041 by Herbert Graf

flavicon
face
> >       Sorry, NO, if my ISP forced that sort of "service" on me
> I'd leave the next
> >day. It's NOT up to an ISP to CENSOR my email, I don't what THEM decided
> >what email is GOOD and what email is BAD, it sets a VERY
> dangerous precedent
> >and creates a very slippery slope. TTYL
> >
> They don't do that. I get all my email, including Spam. But they run all
> email through a virus scanner same way your PC does it.

       I don't let my virus scanner run resident, never have, never will.

> They don't
> CENSOR my email or decide what is good for me or not. And for every
> virus they detect, the let me know anyway, plus try sending me the
> original email text content.

       I guess you see censoring differently, personally I would not stand for
that sort of thing, if a virus is on it's way to me I don't want somebody
else deciding I shouldn't be seeing it. TTYL

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email RemoveMElistservKILLspamspammitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@170220 by Art

flavicon
face
>
>
>         Sorry, NO, if my ISP forced that sort of "service" on me I'd
> leave the next
>day. It's NOT up to an ISP to CENSOR my email, I don't what THEM decided
>what email is GOOD and what email is BAD, it sets a VERY dangerous precedent
>and creates a very slippery slope. TTYL


WOW, I couldn't agree more! Great minds think alike! Thanks for having the
ooommppphhh to say it in public, hope they don't flame you too badly:>:

Safety starts at home, not at the ISP.

Make sure your software delivers new files to teh desktop (from email,
ICQ/whatever). When you see a new file on the desktop that is not
solicited, drop it in the trash immediately. It is safe there and can be
retrieved if it is later found to be desirable. There are no exceptions.
Email attachments from my wife go in the trash, till she emails and let's
me know what the attachment is about.

Avoid Microsoft ANYTHING, if possible.

Firewall and virus scans are additional safety options, but we lived a long
time without them thanks to our 'safe internet' practice.

Some day I'm going to go to linux, open source operating systems provide
great protection as the source code is reviewed by those who can understand
it and holes and backdoors are quickly recognized and repaired.

Art

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email listservSTOPspamspamspam_OUTmitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@173257 by Matt Redmond

picon face
Art Said:

>>>Avoid Microsoft ANYTHING, if possible.<<<

I DO NOT want to get into a pro/anti MS flame war here,
but...

In every case I know of regarding an MS vulnerability
(there have admittedly been many), the sequence of events
was as follows:

1.  A benevolent hacker or a security lab discovers a
problem and alerts MS and the press.
2.  MS immediately investigates and posts either a patch
or instructions on their update site or knowledge base -
usually very quickly.  Subscribers to their security
updates list receive an e-mail immediately.
3.  Some users apply the patches, most do not.
4.  Using the information provided in #1, malicious
hackers create a virus, trojan or worm that exploits the
vulnerability - usually months after it was discovered,
publicized and fixed.

While avoiding vulnerabilities is ideal, one can hardly
expect that millions of lines of code will be completely
bug free.  IMO it is a bit unfair to single out MS - every
other OS has been hacked over and over.

The solution is to keep up with the security alerts and
apply patches as they are released.  ...or I suppose you
could unplug your modem, remove your network card and run
DOS.

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email spamBeGonelistservSTOPspamspamEraseMEmitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@173713 by Nate Duehr

face
flavicon
face
> Some day I'm going to go to linux, open source operating systems provide
> great protection as the source code is reviewed by those who can understand
> it and holes and backdoors are quickly recognized and repaired.

Why wait for someday, when you can try it out now, without even removing
your Windows stuff.

If you have access to a CD burner and software that can make bootable
CD's from ISO images... just grab Knoppix from http://www.knoppix.org/
and try it out!  :-)

From the website:

What is KNOPPIX.?

KNOPPIX is a bootable CD with a collection of GNU/Linux software,
automatic hardware detection, and support for many graphics cards, sound
cards, SCSI and USB devices and other peripherals. KNOPPIX can be used
as a Linux demo, educational CD, rescue system, or adapted and used as a
platform for commercial software product demos. It is not necessary to
install anything on a hard disk. Due to on-the-fly decompression, the CD
can have up to 2 GB of executable software installed on it.

Fun stuff...

--
Nate Duehr, KILLspamnatespamBeGonespamnatetech.com

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email EraseMElistservspamEraseMEmitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@175415 by Herbert Graf

flavicon
face
> Art Said:
>
> >>>Avoid Microsoft ANYTHING, if possible.<<<
>
> I DO NOT want to get into a pro/anti MS flame war here,
> but...
>
> In every case I know of regarding an MS vulnerability
> (there have admittedly been many), the sequence of events
> was as follows:
>
> 1.  A benevolent hacker or a security lab discovers a
> problem and alerts MS and the press.
> 2.  MS immediately investigates and posts either a patch
> or instructions on their update site or knowledge base -
> usually very quickly.  Subscribers to their security
> updates list receive an e-mail immediately.

       Sorry, no, that is certainly not the case all (or even most) of the time.
There have been many cases where people found an "issue", told Mickeysoft,
and nothing happened, no patch, no announcement. Only after the "issue"
started to cause problems did Mickeysoft START to do anything about it.

       While Mickeysoft HAS been better on this front, lately, they still have
much to learn. TTYL

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email @spam@listserv@spam@spamspam_OUTmitvma.mit.edu with SET PICList DIGEST in the body

2003\08\13@181906 by Dennis Crawley

flavicon
face
from: "alexandre souza"
>     Are you relative of Mr. B...? ;o)))

I have deleted many answers and jokes to your post; ramifications are
dangerous :)


Regards,
Dennis Crawley
Argentina

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email spamBeGonelistservspamKILLspammitvma.mit.edu with SET PICList DIGEST in the body

2003\08\14@043244 by Morgan Olsson

flavicon
face
Matt Redmond wrote 23:32 2003-08-13:
>IMO it is a bit unfair to single out MS

I thought so before.

But it seems they insist on incorporating more features, and ship too early, than they can handle.  Seems like they rely on other doing the security tests, and think bad publicity also is good publicity.  Maybe it *is* that unfortunate as i more often hear of MS problems, than of other vendors solutions...

I think WinNT systems are pretty good, but when installing other MS products into windows it is like installing virusloaders, not o mention incompatability and lock up in secret fileformats.

Other vendors products does not by *far* have the same security issues as Microsofts office, mail and wwwbrowser applications, and swtitching to othe rbrands is nowadays easy, and most often cheper, better support, open documentation, can run on other OS (Linux, MAC, sometimes BeOS, OS/2 and more)

Their behavoiur against numeral competitors as well as customer is sometimes disgusting, and i hate the fact i have bought several windows licenses, while only a small perentage of tha thave gone to deveoping th eproduct, but more to support their disgusting metods :(  NO MORE!

/Morgan
--
Morgan Olsson, Kivik, Sweden

--
http://www.piclist.com hint: To leave the PICList
.....piclist-unsubscribe-requestspam_OUTspammitvma.mit.edu

2003\08\14@045358 by Morgan Olsson

flavicon
face
BTW, somebody tried NOD32 antivirus?

I have not read much about it, but always good words.
It seem very good at finding viruses, use low system resources, and have attractive price.

http://www.nod32.com

Thought about recomending it to friends, but have no real reference from a user.

/Morgan
--
Morgan Olsson, Kivik, Sweden

--
http://www.piclist.com hint: To leave the PICList
TakeThisOuTpiclist-unsubscribe-request.....spamTakeThisOuTmitvma.mit.edu

2003\08\14@102633 by Keith L. Kovala

flavicon
face
Alexandre,

You've been added to my list of IP addresses to check out in my spare time.
GRiN  Just kidding, I don't have any spare time to mess with your computer.
But if you think your computer is so clean why don't you run Ad-Aware and
see how much junk Kazaa is bringing in.  While they may not be viruses in
the sense that an AV program considers them, I'll bet a high count on hooks
into your registry.  In fact I'd be willing to bet Gator is on your computer
and you don't even know it, it loves to come in through Kazaa!

http://lavasoft.element5.com/support/download/

Keith L. Kovala
TakeThisOuTklkKILLspamspamspamksu.edu

{Original Message removed}

2003\08\14@104850 by Jake Anderson

flavicon
face
If you must use kazaa use kazaa light.
All the illigal music and pr0n you love, without the scumware aftertaste.

----- Original Message -----
From: "Keith L. Kovala" <.....klkspamRemoveMEKSU.EDU>
To: <RemoveMEPICLISTspamspamBeGoneMITVMA.MIT.EDU>
Sent: Friday, August 15, 2003 12:26 AM
Subject: Re: [OT:] Worm


> Alexandre,
>
> You've been added to my list of IP addresses to check out in my spare
time.
> GRiN  Just kidding, I don't have any spare time to mess with your
computer.
> But if you think your computer is so clean why don't you run Ad-Aware and
> see how much junk Kazaa is bringing in.  While they may not be viruses in
> the sense that an AV program considers them, I'll bet a high count on
hooks
> into your registry.  In fact I'd be willing to bet Gator is on your
computer
> and you don't even know it, it loves to come in through Kazaa!
>
> http://lavasoft.element5.com/support/download/
>
> Keith L. Kovala
> spamBeGoneklk@spam@spamspam_OUTksu.edu
>
> {Original Message removed}

2003\08\14@141346 by Robert Ussery

flavicon
face
Personally, I use MSN Messenger, Yahoo Messenger, Weatherbug and Memturbo
(you've seen the advertisements). I don't doubt these are leaving my
computer vulnerable to hacking, virii, etc., but I figure it's all a matter
of probability. I back up all my critical stuff about weekly, and plan on
formatting my HD to keep system performance up about yearly or biennially. I
enjoy the benefits of these various programs, and I don't really care what
they do to my computer. I realize that this point of view is completely
impractical for someone who has critical or sensitive data on their
computer, or who uses their computer for a business, but for me as a home
user, I don't give a darn.
BTW, I'm thinking about getting another computer to use as a "secure" work
machine. Linux, more careful maintenance, and more cautious use. I'll still
have this one for email and less critical stuff, but use the other one for
programming and profitable stuff.

- Robert



----- Original Message -----
From: "Keith L. Kovala" <TakeThisOuTklkspamspamKSU.EDU>
To: <PICLISTEraseMEspammitvma.mit.edu>
Sent: Thursday, August 14, 2003 8:26 AM
Subject: Re: [PICLIST] [OT:] Worm


> Alexandre,
>
> You've been added to my list of IP addresses to check out in my spare
time.
> GRiN  Just kidding, I don't have any spare time to mess with your
computer.
> But if you think your computer is so clean why don't you run Ad-Aware and
> see how much junk Kazaa is bringing in.  While they may not be viruses in
> the sense that an AV program considers them, I'll bet a high count on
hooks
> into your registry.  In fact I'd be willing to bet Gator is on your
computer
> and you don't even know it, it loves to come in through Kazaa!
>
> http://lavasoft.element5.com/support/download/
>
> Keith L. Kovala
> RemoveMEklkEraseMEspamspam_OUTksu.edu
>
> {Original Message removed}

2003\08\14@212124 by Win Wiencke

flavicon
face
----- Original Message -----
From: "Art" <@spam@artky1kRemoveMEspamEraseMEUNINETS.NET>
To: <EraseMEPICLISTspam@spam@MITVMA.MIT.EDU>
Sent: Wednesday, August 13, 2003 4:57 PM
Subject: Re: [OT:] Worm


<Snip>
> Some day I'm going to go to linux, open source operating systems provide
> great protection as the source code is reviewed by those who can
understand
> it and holes and backdoors are quickly recognized and repaired.

I wonder.  If Linux were the dominant system  wouldn't it be easier to hack
into because the source is open?

Mr. Gates effectively hides the inner workings of Windows so that is at
least one obstacle.

Don't get me wrong, Microsoft IMHO has done nothing to be proud of.  Their
technology seems to come from the Vladivostok telephone directory.  Their
documentation is miserable and their products seem to have a hard time
working.

Win

--
http://www.piclist.com hint: To leave the PICList
@spam@piclist-unsubscribe-requestspam_OUTspam.....mitvma.mit.edu

2003\08\14@213256 by Eric Christensen

picon face
On Thu, 14 Aug 2003 21:19:31 -0400
Win Wiencke <spamBeGoneWinEraseMEspamSLYCURVES.COM> wrote:

> ----- Original Message -----
> From: "Art" <artky1kspamBeGonespamUNINETS.NET>
> To: <RemoveMEPICLIST@spam@spamspamBeGoneMITVMA.MIT.EDU>
> Sent: Wednesday, August 13, 2003 4:57 PM
> Subject: Re: [OT:] Worm
>
>
> <Snip>
> > Some day I'm going to go to linux, open source operating systems
> > provide great protection as the source code is reviewed by those who
> > can understand
> > it and holes and backdoors are quickly recognized and repaired.
>
> I wonder.  If Linux were the dominant system  wouldn't it be easier to
> hack into because the source is open?

Not if there aren't holes in it.  OpenBSD is a great example of this.
They've only distributed software that had a root exploit once in 7
years.  Anybody can look at the code, but if there's no way to get in,
there's no way to get in.

Eric

--
http://www.piclist.com hint: To leave the PICList
.....piclist-unsubscribe-request@spam@spamEraseMEmitvma.mit.edu

2003\08\14@214934 by Win Wiencke

flavicon
face
> Win Wiencke wrote>
> > I wonder.  If Linux were the dominant system  wouldn't it be easier to
> > hack into because the source is open?

<Eric replies>
> Not if there aren't holes in it.  OpenBSD is a great example of this.
> They've only distributed software that had a root exploit once in 7
> years.  Anybody can look at the code, but if there's no way to get in,
> there's no way to get in.

Point taken.

However, through my relentless pursuit of redheads I've discovered absolute
perfection is rarely arrived at.  I can only assume that applies to
operating systems as well.

Do you really think that Open BSD has attracted the degree of attention that
MS has?  Imagine a concerted assault by folks with the skill level of this
group.  It's hard to imagine that someone wouldn't get through.

In the meantime, I'll be the first to agree that the less trod path is the
safer one.

Win Wiencke

--
http://www.piclist.com hint: To leave the PICList
.....piclist-unsubscribe-requestRemoveMEspammitvma.mit.edu

2003\08\14@235642 by Mauricio Jancic

flavicon
face
I wonder...
       When I make a system, any one, hardware or software, I test it,
quite enough to be shure it doesnñt fail, don't you? Well, once you have
done this, you give it to your customer and for example, if you make 10
devices, you may get 2 or 3 diferent errors on some complex device, you
fix them and that's it.
       NOW, if I make 10.000 devices and start selling them, and the
users start to use my product intensibly, sometimes wrong, wouldn't I
have the chance to get MORE bug reports? And what if when you start
producing you have your boss breading in your neck hurrying you up?

       I'm not defending MSFT, just saying that I think they cant be
blame for the bugs, I'll blame them for  the lack of good support, but
not for having the bug...

       Just an oppinion.

Mauricio

--
http://www.piclist.com hint: To leave the PICList
.....piclist-unsubscribe-requestSTOPspamspam@spam@mitvma.mit.edu

2003\08\15@121128 by Nate Duehr

face
flavicon
face
Win Wiencke wrote:

> Do you really think that Open BSD has attracted the degree of attention that
> MS has?  Imagine a concerted assault by folks with the skill level of this
> group.  It's hard to imagine that someone wouldn't get through.

Actually I'd say YES, resoundingly so.

The vast majority of security professionals all the way down to lowly
student crackers take pot shots at breaking OpenBSD for the bragging
rights all the time.  They don't succeed, and they HAVE the source code.
 I'd say there's been much more than a "concerted assault" on OpenBSD
for years.

See references to trying to break OpenBSD at every DefCon convention, as
an anecdotal example.

Ultimately, it does not matter if more usage of something like OpenBSD
would cause more bugs to be found.  Their track record is still so much
better than the alternatives -- it doesn't matter.  They're so far ahead
they could publish lists of exploits for the next three years and still
never have as many published problems as the competition.

OpenBSD makes an EXCELLENT firewall when configured correctly and a good
mail/web/other server.  Obviously, it's not much good for a desktop OS
for the average person... but if you're going for a secure Internet
server, and if the main criteria is security, OpenBSD wins hands-down.

Computer/Network security decisions should not be made in the abstract
or by marketing dollars (even though in the real world, they are...).
Pick what works.  And know your enemy.

--
Nate Duehr, nateEraseMEspam@spam@natetech.com

--
http://www.piclist.com hint: PICList Posts must start with ONE topic:
[PIC]:,[SX]:,[AVR]: ->uP ONLY! [EE]:,[OT]: ->Other [BUY]:,[AD]: ->Ads

2003\08\15@152222 by Herbert Graf

flavicon
face
> > Some day I'm going to go to linux, open source operating systems provide
> > great protection as the source code is reviewed by those who can
> understand
> > it and holes and backdoors are quickly recognized and repaired.
>
> I wonder.  If Linux were the dominant system  wouldn't it be
> easier to hack
> into because the source is open?
>
> Mr. Gates effectively hides the inner workings of Windows so that is at
> least one obstacle.

       It's an interesting theory, but current evidence contradicts it. While
Linux may not be as popular as windows, Apache, the web server, is pretty
much the most common web server out there. It is completely open source, yet
it has had, by far, fewer "bad" exploits then IIS (a Microsoft product).
Hiding things has NEVER been a good approach to software, and having hidden
source code simply allows things to be "forgotten", only to be discovered
later by the "wrong" person. TTYL

--
http://www.piclist.com hint: PICList Posts must start with ONE topic:
[PIC]:,[SX]:,[AVR]: ->uP ONLY! [EE]:,[OT]: ->Other [BUY]:,[AD]: ->Ads

2003\08\15@190051 by Michael Davidson

flavicon
face
> Not if there aren't holes in it.  OpenBSD is a great example of this.
> They've only distributed software that had a root exploit once in 7
> years.  Anybody can look at the code, but if there's no way to get in,
> there's no way to get in.

I'm a great advocate of BSDs, especially OpenBSD, but that's not strictly
true.

The claim isn't one root exploit in 7 years. It's had a few, potential, root
exploits. The claim is, and taken straight from http://www.openbsd.org, "Only
one remote hole in the default install, in more than 7 years". There's a
world of difference. Local holes are pretty minor compared to remote - most
machines you can assume to have little to no local access. Remote holes are
the serious ones, and it's had some. The key term in their claim is "default
install". The default install ships with pretty much everything turned off.
So if you got every release of OpenBSD and installed it and did not configure
it, you'd only be privy to one remote exploit. But if you started to turning
on services you would become more and more vulnerable, just like any OS.

That being said, the OpenBSD team is very strict about what gets let in to
their 'distribution' and have regular code reviews for things like buffer
exploits, etc.

Michael
--

Overflow on /dev/null, please empty the bit bucket.

--
http://www.piclist.com hint: PICList Posts must start with ONE topic:
[PIC]:,[SX]:,[AVR]: ->uP ONLY! [EE]:,[OT]: ->Other [BUY]:,[AD]: ->Ads

More... (looser matching)
- Last day of these posts
- In 2003 , 2004 only
- Today
- New search...