Searching \ for '[OT]: Security warning: Stop the crazy script-kidd' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: www.piclist.com/techref/index.htm?key=stop+crazy+script
Search entire site for: 'Security warning: Stop the crazy script-kidd'.

Exact match. Not showing close matches.
PICList Thread
'[OT]: Security warning: Stop the crazy script-kidd'
2000\12\31@144104 by Tim Hamel

picon face
In a message dated 12/31/00 11:29:51 AM Pacific Standard Time,
spam_OUTartbTakeThisOuTspamCABLEINET.CO.UK writes:


> I have sometimes have about 30 atemps aday they all get .....abuseKILLspamspam@spam@isp.dot.dot
> reports sent.
> On my local service provider system I do get them knockedoff for a few weeks
> but then they are back "they have still have the same workgroup id. but that
> helps knock them off quicker next time.
>

Sending off reports to abuse@ addresses is just about pointless. I'm pretty
sure @home (my cable ISP) is tired of the reports their users send every
second in regards to "hack attempts." Port scanning is NOT a crime or a
security threat. Many ISPs won't do anything if you report the "attacker" for
the simple fact that it's not really a security issue. I see WAY too many
posts on the @Home-"security" newsgroups where people post their ZoneAlarm
logs only to see that all of the attempts have been blocked. I honestly think
firewalls on Windoze systems (not including Windows NT/2K) is useless.

</end rant>

> You *DO* have a firewall and it is a tested one? don't you?
> personally I now lockdown all ports and turn off report's from Firewall but
> ant sucessful atempt's do get flaged.
>
> This is something you *HAVE* to live with
>

My point exactly.......

Regards,

Tim H.

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email listservspamKILLspammitvma.mit.edu with SET PICList DIGEST in the body


2000\12\31@145735 by David VanHorn

flavicon
face
>
>Sending off reports to abuse@ addresses is just about pointless. I'm pretty
>sure @home (my cable ISP) is tired of the reports their users send every
>second in regards to "hack attempts." Port scanning is NOT a crime or a
>security threat. Many ISPs won't do anything if you report the "attacker" for
>the simple fact that it's not really a security issue. I see WAY too many
>posts on the @Home-"security" newsgroups where people post their ZoneAlarm
>logs only to see that all of the attempts have been blocked. I honestly think
>firewalls on Windoze systems (not including Windows NT/2K) is useless.

Before I went to a hardware solution, I was using Zone Alarm (properly
configured) and black ice, and getting pretty good results from most
ISPs.  I didn't get many attempts from @home subscribers, other than the
"authorized.... " scan which presumably is done by @home, looking for
servers. Of course, anyone can call themselves "authorized..." so it's
pretty exploitable.

Now, with the linksys router, I'm (AFAIK) secure.
I'd be interested in any information to the contrary.
24.4.165.200 is where I'm at.

--
Where's dave? http://www.findu.com/cgi-bin/find.cgi?kc6ete-9

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email .....listservKILLspamspam.....mitvma.mit.edu with SET PICList DIGEST in the body


2000\12\31@150354 by Tim Hamel

picon face
In a message dated 12/31/00 11:59:34 AM Pacific Standard Time,
EraseMEdvanhornspam_OUTspamTakeThisOuTCEDAR.NET writes:


> Now, with the linksys router, I'm (AFAIK) secure.
> I'd be interested in any information to the contrary.
> 24.4.165.200 is where I'm at.
>

...sounds like a HoneyPot to me <vbg>. The LinkSys router is pretty secure,
much better solution than ZoneAlarm. Just make sure you stay on top of the
firmware upgrades =)

Regards,

Tim Hamel

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email listservspamspam_OUTmitvma.mit.edu with SET PICList DIGEST in the body


2000\12\31@151431 by David VanHorn

flavicon
face
>
>...sounds like a HoneyPot to me <vbg>. The LinkSys router is pretty secure,
>much better solution than ZoneAlarm. Just make sure you stay on top of the
>firmware upgrades =)

I used to do the "two net card" solution, but that made every other pc's
access dependent on the gateway PC being up. Windows being what it is....

The Linksys box just runs. :)

--
Where's dave? http://www.findu.com/cgi-bin/find.cgi?kc6ete-9

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email @spam@listservKILLspamspammitvma.mit.edu with SET PICList DIGEST in the body



'[OT]: Security warning: Stop the crazy script-kidd'
2001\01\01@022910 by Nigel Goodwin
flavicon
face
In message <KILLspam4.3.2.7.2.20001231145101.021ffca0KILLspamspammail.cedar.net>, David
VanHorn <RemoveMEdvanhornTakeThisOuTspamCEDAR.NET> writes
>Before I went to a hardware solution, I was using Zone Alarm (properly
>configured) and black ice, and getting pretty good results from most
>ISPs.  I didn't get many attempts from @home subscribers, other than the
>"authorized.... " scan which presumably is done by @home, looking for
>servers. Of course, anyone can call themselves "authorized..." so it's
>pretty exploitable.
>
>Now, with the linksys router, I'm (AFAIK) secure.
>I'd be interested in any information to the contrary.
>24.4.165.200 is where I'm at.

If you go to Norton's website http://www.norton.com there is an option
to run a security scan on your Internet connection, it may be worth
running that to see what is says?. I run Norton Internet Security, and
the test told me to alter my netBEUI settings, Windows apparently leaves
a big security hole with it's default settings.
--

Nigel.

       /--------------------------------------------------------------\
       | Nigel Goodwin   | Internet : spamBeGonenigelgspamBeGonespamlpilsley.co.uk           |
       | Lower Pilsley   | Web Page : http://www.lpilsley.co.uk       |
       | Chesterfield    | Official site for Shin Ki and New Spirit   |
       | England         |                 Ju Jitsu                   |
       \--------------------------------------------------------------/

--
http://www.piclist.com hint: To leave the PICList
TakeThisOuTpiclist-unsubscribe-requestEraseMEspamspam_OUTmitvma.mit.edu


2001\01\01@024401 by David VanHorn

flavicon
face
>
>If you go to Norton's website http://www.norton.com there is an option
>to run a security scan on your Internet connection, it may be worth
>running that to see what is says?. I run Norton Internet Security, and
>the test told me to alter my netBEUI settings, Windows apparently leaves
>a big security hole with it's default settings.

It can't even scan me.

--
Where's dave? http://www.findu.com/cgi-bin/find.cgi?kc6ete-9

--
http://www.piclist.com hint: To leave the PICList
RemoveMEpiclist-unsubscribe-requestspamTakeThisOuTmitvma.mit.edu


2001\01\01@113435 by Herbert Graf

flavicon
face
> If you go to Norton's website http://www.norton.com there is an option
> to run a security scan on your Internet connection, it may be worth
> running that to see what is says?. I run Norton Internet Security, and
> the test told me to alter my netBEUI settings, Windows apparently leaves
> a big security hole with it's default settings.

    Unless you are on a LAN netBEUI is NOT a security problem for a net
connected computer since the net only understands TCP/IP. TTYL

--
http://www.piclist.com hint: To leave the PICList
piclist-unsubscribe-requestEraseMEspam.....mitvma.mit.edu


2001\01\01@123957 by Ivey Cole

flavicon
face
Netbios (Netbeui) over TCP/IP is a problem though.

On Mon, 1 Jan 2001 11:35:55 -0500, Herbert Graf wrote:

{Quote hidden}

Ivey Cole RemoveMEicoleEraseMEspamEraseMEonr.com

--
http://www.piclist.com hint: To leave the PICList
RemoveMEpiclist-unsubscribe-requestspam_OUTspamKILLspammitvma.mit.edu


2001\01\01@132210 by Nigel Goodwin

flavicon
face
In message <RemoveMENAEALEBPNOHNGKFACEHAOEGMDCAA.mailinglistTakeThisOuTspamspamfarcite.net>,> Herbert Graf <EraseMEmailinglistspamspamspamBeGoneFARCITE.NET> writes
>> If you go to Norton's website http://www.norton.com there is an option
>> to run a security scan on your Internet connection, it may be worth
>> running that to see what is says?. I run Norton Internet Security, and
>> the test told me to alter my netBEUI settings, Windows apparently leaves
>> a big security hole with it's default settings.
>
>     Unless you are on a LAN netBEUI is NOT a security problem for a net
>connected computer since the net only understands TCP/IP. TTYL

I have a number of computers networked together, the Norton scan
detected this and their website explains why it's a security risk, and
how to prevent it.
--

Nigel.

       /--------------------------------------------------------------\
       | Nigel Goodwin   | Internet : RemoveMEnigelgKILLspamspamlpilsley.co.uk           |
       | Lower Pilsley   | Web Page : http://www.lpilsley.co.uk       |
       | Chesterfield    | Official site for Shin Ki and New Spirit   |
       | England         |                 Ju Jitsu                   |
       \--------------------------------------------------------------/

--
http://www.piclist.com hint: To leave the PICList
piclist-unsubscribe-requestSTOPspamspamspam_OUTmitvma.mit.edu


2001\01\01@143140 by Herbert Graf

flavicon
face
> Netbios (Netbeui) over TCP/IP is a problem though.

       True, netbios over TCP/IP is bad (it opens port 139 and allows alot of info
to be retrieved, possible even file shares) however, netbios and netbeui are
two different animals, one has no direct relation to the other. TTYL

{Quote hidden}

--
http://www.piclist.com hint: To leave the PICList
@spam@piclist-unsubscribe-request@spam@spamspam_OUTmitvma.mit.edu


2001\01\01@181111 by Bill Westfield

face picon face
   Unless you are on a LAN netBEUI is NOT a security problem for a net
   connected computer since the net only understands TCP/IP. TTYL

I believe that netbios over TCP/IP is enabled by default in all win9x
systems that run both TCP/IP and netbios, and that netbios/ip inherits a lot
of stuff from the "netbeui" configuration (netbeui is netbios directly over
ethernet framing.)

BillW

--
http://www.piclist.com hint: To leave the PICList
spamBeGonepiclist-unsubscribe-requestspamKILLspammitvma.mit.edu


2001\01\01@224042 by Mitchell D. Miller

picon face
I believe it meant NetBios settings.

-- Mitch

-----Original Message-----
From: pic microcontroller discussion list
[.....PICLISTspam_OUTspamMITVMA.MIT.EDU]On Behalf Of Herbert Graf
Sent: Monday, January 01, 2001 10:36 AM
To: TakeThisOuTPICLIST.....spamTakeThisOuTMITVMA.MIT.EDU
Subject: Re: [OT]: Security warning: Stop the crazy script-kiddie
scanning the


> If you go to Norton's website http://www.norton.com there is an option
> to run a security scan on your Internet connection, it may be worth
> running that to see what is says?. I run Norton Internet Security, and
> the test told me to alter my netBEUI settings, Windows apparently leaves
> a big security hole with it's default settings.

    Unless you are on a LAN netBEUI is NOT a security problem for a net
connected computer since the net only understands TCP/IP. TTYL

--
http://www.piclist.com hint: To leave the PICList
TakeThisOuTpiclist-unsubscribe-requestKILLspamspamspammitvma.mit.edu

--
http://www.piclist.com hint: To leave the PICList
.....piclist-unsubscribe-requestspamRemoveMEmitvma.mit.edu


2001\01\01@224054 by Mitchell D. Miller

picon face
Don't forget about port 137, too.

-----Original Message-----
From: pic microcontroller discussion list
[RemoveMEPICLISTspamspamBeGoneMITVMA.MIT.EDU]On Behalf Of Herbert Graf
Sent: Monday, January 01, 2001 1:31 PM
To: spamBeGonePICLIST@spam@spamspam_OUTMITVMA.MIT.EDU
Subject: Re: [OT]: Security warning: Stop the crazy script-kiddie
scanning the


> Netbios (Netbeui) over TCP/IP is a problem though.

       True, netbios over TCP/IP is bad (it opens port 139 and allows alot
of info
to be retrieved, possible even file shares) however, netbios and netbeui are
two different animals, one has no direct relation to the other. TTYL

{Quote hidden}

--
http://www.piclist.com hint: To leave the PICList
@spam@piclist-unsubscribe-requestRemoveMEspamEraseMEmitvma.mit.edu

--
http://www.piclist.com hint: To leave the PICList
EraseMEpiclist-unsubscribe-requestspam@spam@mitvma.mit.edu


2001\01\01@233404 by Dale Botkin

flavicon
face
On Sun, 31 Dec 2000, David VanHorn wrote:

> >
> >...sounds like a HoneyPot to me <vbg>. The LinkSys router is pretty secure,
> >much better solution than ZoneAlarm. Just make sure you stay on top of the
> >firmware upgrades =)
>
> I used to do the "two net card" solution, but that made every other pc's
> access dependent on the gateway PC being up. Windows being what it is....

... and that would be "totally unsuitable for a firewall", right?  8-)
I've been using a Linux box with ipfw and now ipchains (finally) for about
three years now.  10Mb NIC for the cable modem side, 100Mb for the house
side, running Samba, dhcpd, etc.  It's my Web server/mail
server/firewall/gateway/NAT/file server/tape backup/Xwindows machine, and
it's only been rebooted when I've done it on purpose for kernel upgrades,
hardware fixes, etc.  It's currently a 200MHz Pentium-MMX with 96MB of RAM
and an 8GB SCSI-2 drive, which is way more than adequate for the job,
though sadly underpowered for Windows.

It's not a solution for the technically inept, though, and from what I've
heard the LinkSys box is great for that.  Please don't take that to mean
anything other than what I said...  if I weren't fond of playing with my
own systems, I'd use one.  I figure I need a firewall, need a server, kill
two birds with one stone, but I'd certainly never suggest it's the way for
everyone to go.

Dale
---
The most exciting phrase to hear in science, the one that heralds new
discoveries, is not "Eureka!" (I found it!) but "That's funny ..."
               -- Isaac Asimov

--
http://www.piclist.com hint: To leave the PICList
@spam@piclist-unsubscribe-requestspam_OUTspam.....mitvma.mit.edu


More... (looser matching)
- Last day of these posts
- In 2001 , 2002 only
- Today
- New search...