Posted: 7/23/2001 4:46:49 PM EDT
Link Posted: 7/23/2001 5:01:11 PM EDT
[#1]
It's all over assaultweb also. Two more were sent to me, but the system stopped them this time. mmk
Link Posted: 7/23/2001 5:07:46 PM EDT
[#2]
I don't know all that much about viruses, but for a virus to affect you, doesn't your computer have to be infected with it?
Link Posted: 7/23/2001 5:09:35 PM EDT
[#3]
I get home from work and check out my e-mail to find a message from JaxABCF.

Don't know who the clown is but he had my e-mail addy and wanted me to check out a rough draft in an attachment.

Can you say "nuked in a minute"?
Link Posted: 7/23/2001 5:13:33 PM EDT
[#4]
Umm, viruses have nothing to do with latency.
Link Posted: 7/23/2001 5:15:20 PM EDT
[#5]
Link Posted: 7/23/2001 5:27:36 PM EDT
[#6]
Holy cow!!

I just got a second message from this joker wanting me to take a look. This time it was titled 'Face'.

And yes, I nuked this one just as quick. [:D]
Link Posted: 7/23/2001 5:30:15 PM EDT
[#7]
Something's up with the NRA web site.  I can't get in.  Virus writing buttheads.......???.....
Link Posted: 7/23/2001 5:31:33 PM EDT
[#8]
I got an email today asking me to open a file.

Tchya, right.  
Link Posted: 7/23/2001 5:52:18 PM EDT
[#9]
I was sucked in at work on this Bill Clinton thing. What will it do to my machine? If I just generated viruses to all my e-mail people, sorry!
Link Posted: 7/23/2001 6:01:12 PM EDT
[#10]
Hey guys, one of my babes just sent me a removal tool for getting rid of the virus. It will also tell you if you have it or not.
http://www.symantec.com/avcenter/venc/data/[email protected]
Link Posted: 7/23/2001 6:04:59 PM EDT
[#11]

Viruses kill the internet because of the sheer traffic they generate. Think about the millions of US pcs and the other millions of non US pcs and then think of all the emails from the percentage that has the virus...
View Quote


Viruses don't generate much traffic.  There are a small number of computers infected with viruses that generate tons of email, and that traffic is limited by the victim machine's capabilities and connection.  Spammers on the other hand create a tremendous amount of email on a daily basis, dwarfing what can be sent by a handful of machines with limited address lists.  There are a lot of bottlenecks for email long before it impacts bandwidth.  It would take some serious hardware sitting on a backbone to generate enough email to make an impact.  I'd venture to guess that there are exactly zero people with that kind of access generating vast amounts of traffic from a windows based machine.
Link Posted: 7/23/2001 8:05:11 PM EDT
[#12]
Quoted:
I get home from work and check out my e-mail to find a message from JaxABCF.

Don't know who the clown is but he had my e-mail addy and wanted me to check out a rough draft in an attachment.

Can you say "nuked in a minute"?
View Quote


I have gotten two from him too.  One said "credentials" and the other said "movement of defense".
Link Posted: 7/23/2001 8:23:32 PM EDT
[#13]
Remember the three R's of Windows Goat Boy...
add Ram
Reboot
or Reinstall

The box said runs on Windows 95 or better so I installed FreeBSD [:p]

Link Posted: 7/23/2001 8:32:50 PM EDT
[#14]
GoatBoy, sfoo, qwijibo, if any of you are still following this thread: please email immediately regarding an important security matter directly involving ar15.com.  This is no joke.  You guys will understand and sfoo and I have the tools to corroborate it.  
Link Posted: 7/23/2001 8:34:15 PM EDT
[#15]
oops, my addy is [email protected]
Link Posted: 7/23/2001 9:09:29 PM EDT
[#16]
Link Posted: 7/23/2001 9:15:51 PM EDT
[#17]
Hell my email is in my profile and you can write me [:P] if you really want to chat about it.
Link Posted: 7/23/2001 10:07:28 PM EDT
[#18]
Quoted:

Viruses kill the internet because of the sheer traffic they generate. Think about the millions of US pcs and the other millions of non US pcs and then think of all the emails from the percentage that has the virus...
View Quote


Viruses don't generate much traffic.  There are a small number of computers infected with viruses that generate tons of email, and that traffic is limited by the victim machine's capabilities and connection.  Spammers on the other hand create a tremendous amount of email on a daily basis, dwarfing what can be sent by a handful of machines with limited address lists.  There are a lot of bottlenecks for email long before it impacts bandwidth.  It would take some serious hardware sitting on a backbone to generate enough email to make an impact.  I'd venture to guess that there are exactly zero people with that kind of access generating vast amounts of traffic from a windows based machine.
View Quote


Actually spam is nowhere near the BW of a Virus that replicates itself through email. Imagine 10000 people sending 10000 emails = 100,000,000.

Now let's imagine 20 infected computers sending to the 20 addresses in their book sending to 20 sending to 20 sending to 20 sending to 20, etc. You will see that after just 10 steps through 10 address books = 10,240,000,000,000.

The difference is TRILLIONS compared to MILLIONS!
Link Posted: 7/23/2001 10:12:32 PM EDT
[#19]
Part of the problem may be with the fibre that was burned up in that tunnel fire.  I also heard that there was a power outage caused by hot weather.  If they have to route a large backbone around the outages, it could slow things down quite a bit.
Link Posted: 7/24/2001 12:05:58 AM EDT
[#20]
I suspect that they are written and sent out by the very companies that sell you software to remove and prevent them.

Follow the money
Link Posted: 7/24/2001 1:15:45 AM EDT
[#21]
I received two of the same one that M15A2 got, "movement of defense."  The emails were back to back, does this mean that two of the people that have my addy are infected? TIA
Link Posted: 7/24/2001 1:46:16 AM EDT
[#22]
[email protected] a.k.a. "CampyBob" must have me on his e-mail list as I got sent the virus from him today......
I deleted it but he must be infected...
Link Posted: 7/24/2001 5:21:07 AM EDT
[#23]

Actually spam is nowhere near the BW of a Virus that replicates itself through email. Imagine 10000 people sending 10000 emails = 100,000,000.

Now let's imagine 20 infected computers sending to the 20 addresses in their book sending to 20 sending to 20 sending to 20 sending to 20, etc. You will see that after just 10 steps through 10 address books = 10,240,000,000,000.

The difference is TRILLIONS compared to MILLIONS!
View Quote


Where do you get those numbers?  Your example presumes that every one of those people has unique addresses in their address book and is going to run everything ever emailed to them.  These viruses have been around for years - anyone who runs every attachment they receive is no smarter than the people who take SKS's out of the box, load them up, and are surprised or killed by the whole magazine being fired because the bolt is filled with cosmoline and it acts like an open bolt machine gun.  If this were 5 years ago, these viruses would be new and people wouldn't expect email from people they know to contain viruses.  These have been around for years, most people have learned not to do this by now.  Most knowledgeable people won't open unsolicited attachments, and many people who use email to exchange files regularly have virus checking software to prevent these problems.  Last time I ran a virus scan, I found two viruses in my email trash.  So if I was the second hop of your example, I just saved the world from 1,024,000,000,000 pieces of junk email, because I got two copies of it.  Sounds silly, doesn't it?  It is.

I've looked at log files from open relays, and it's not uncommon to see several hundred thousand emails from one spammer before the machine develops problems from having disks fill with several thousand undeliverable messages.  That's from one spammer's effect on one host over one night.  Spam wouldn't be profitable if it were counting on finding more than one sucker for every 100,000 people emailed.  They can connect from a dialup host and get an open relay to turn one copy of an email into thousands of copies to send out to tons of addresses.
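The disagreement between the two posts above comes down to whether every recipient is new and runs the attachment. The following simulation is an added example, not part of the thread; the community size, address-book size and open rate are constructed parameters, and it contrasts the 20^10 arithmetic with spread over a finite group whose address books overlap.

```python
import random


def naive_messages(fanout, hops):
    """The 20^10 arithmetic: every recipient is new and runs the attachment."""
    return fanout ** hops


def simulate(population, book_size, open_prob, seeds, hops, rng_seed=1):
    """Mass-mailer spread over a finite community with overlapping address books.

    Each host mails its whole address book once, at the moment it is infected.
    A recipient is infected only if it is not infected already and its user
    runs the attachment (probability open_prob per copy received).
    Returns (total_messages_sent, total_infected_hosts).
    """
    rng = random.Random(rng_seed)  # fixed seed so runs are repeatable
    hosts = range(population)
    # Constructed address books: book_size distinct random contacts per host.
    books = [rng.sample(hosts, book_size) for _ in hosts]
    infected = set(rng.sample(hosts, seeds))
    frontier = list(infected)
    messages = 0
    for _ in range(hops):
        next_frontier = []
        for sender in frontier:
            for rcpt in books[sender]:
                messages += 1
                # Duplicate copies to an infected host cost traffic
                # but create no new sender.
                if rcpt not in infected and rng.random() < open_prob:
                    infected.add(rcpt)
                    next_frontier.append(rcpt)
        if not next_frontier:  # outbreak died out before the hop limit
            break
        frontier = next_frontier
    return messages, len(infected)


if __name__ == "__main__":
    print("naive 20^10:", naive_messages(20, 10))
    # Constructed scenario: 5000-member community, 20-entry address books.
    for p in (0.02, 0.05, 0.10, 1.0):
        msgs, hosts_hit = simulate(5000, 20, p, seeds=20, hops=10)
        print(f"open_prob={p:<4} messages={msgs:>7} infected={hosts_hit}")
```

Whatever the open rate, traffic in this model is capped at population times address-book size, because each host mails its book only once.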
Link Posted: 7/24/2001 5:30:23 AM EDT
[#24]
The only thing that I can say about the viruses that we are seeing is that it is a direct result of the integration of networking with the OS.  No other OS (Unix, VMS, MVS, etc.) has allowed the trust that Windows has with any networking protocol that is installed on it.  Adding to the scripting that usually gets installed by default, the world's most used operating system is also one of the most unsecure.

The interesting item is that in the latest issue of Information Security magazine, they claim that the influx of scripting worms and viruses should be on the decline.  Gotta love reading something like that when experiencing the influx of what we currently are undergoing.

Just one more reason I miss my old unix account at college and Pine.
Link Posted: 7/24/2001 5:47:45 AM EDT
[#25]

The only thing that I can say about the viruses that we are seeing is that it is a direct result of the integration of networking with the OS. No other OS (Unix, VMS, MVS, etc.) has allowed the trust that Windows has with any networking protocol that is installed on it. Adding to the scripting that usually gets installed by default, the world's most used operating system is also one of the most unsecure.
View Quote


Unix (and I'm sure the others, but how many old OS's do you find on the net these days) has remote exploits that are found.  These allow others to gain unauthorized access and do whatever they want to the machine.  That's just one machine at a time and self replicating worms aren't as popular under Unix. The big difference between Unix and Windows is that most Unix users fall into two categories - those who won't run executables they receive from email and those who don't know how.  Windows takes that second group and opens them up to exploitation.


The interesting item is that in the latest issue of Information Security magazine, they claim that the influx of scripting worms and viruses should be on the decline. Gotta love reading something like that when experiencing the influx of what we currently are undergoing.
View Quote


Viruses and worms like the one a lot of people here are seeing occur in small groups.  It seems a bunch of people on ar15.com and l1a1.com are seeing this (and probably more, but I don't check all the other gun boards) - but is that surprising that many members of these boards have email addresses of people on the same and other similar boards?  All it takes is one person to get something like this to give it to other members of the same group.

The current implementation of these problems may change, but the problem won't go away.  All of the easily exploited holes come from a feature intended to make things more user friendly.  The only way to solve the problem is to educate the users, and that's just not going to happen.
Link Posted: 7/24/2001 6:10:04 AM EDT
[#26]

Unix (and I'm sure the others, but how many old OS's do you find on the net these days) has remote exploits that are found. These allow others to gain unauthorized access and do whatever they want to the machine. That's just one machine at a time and self replicating worms aren't as popular under Unix.
View Quote


Absolutely correct.  Additionally, the majority of the holes of the robust packages run on these OSes have been found.  Usually most systems are at risk when going to a newer version of a package.

Additionally, since these exploits are usually more difficult to find, and require more talent than writing a script-based worm, these systems, as long as they are hardened by an experienced and security conscious SA, are usually safer from the attacks that are so prevalent on the Win32 systems.

Also, when creating the interaction between the email and the OS, the developers behind Unix (IIRC) determined that the two should not mix, and that it would take user intervention to allow this mixing to occur.  Something that is rather lacking in older versions of Win32 systems.

I will agree that there is scripting functionality based in unix (i.e. shell programming), but for something to occur that could damage the system, worm-based or not, the unix rights system must be compromised (unless the user is logging in as root).   It is also more difficult to create a shell program to go through a user's address book and start sending off emails, which does not seem to be the case with Win32.



The only way to solve the problem is to educate the users, and that's just not going to happen.
View Quote


Educate the users?  I agree, that would be similar to plowing the sea; a lot of work that will do nothing.  However, it might be also noted that if Win32 was shipped without the Windows Scripting Engine installed and enabled, a lot of these script worms would not be causing these issues.   I realize that this would cause some issues with MSOffice apps, and I am all forward to modularity, but allowing a module of the OS to be accessed via a program that connects to an untrusted source does not seem to make all that much sense to me.  


Link Posted: 7/24/2001 6:29:51 AM EDT
[#27]
funny they tried to get me through the "face" attachment...with some sort of message about being against Bill Clinton...also got one that "needed my advice on something"
that came from my ad on gunsamerica...looks to me like they got me through three sites ar15, gunsamerica, and bushrunning mate...best part was it went to my hotmail account...which scans for viruses...their scan said both emails and attachments were virus free (guess that really means no charge for them)
Link Posted: 7/24/2001 7:21:47 AM EDT
[#28]
Link Posted: 7/24/2001 7:33:46 AM EDT
[#29]
Some nice links to determine what's going on with the net:

http://www.internettrafficreport.com/

http://www.slac.stanford.edu/comp/net/wan-mon/netmon.html

Link Posted: 7/24/2001 9:20:31 AM EDT
[#30]
Quoted:
Then you have the spammers who manipulate other mail servers to relay other batches of their spam.
View Quote

Well if folks would keep their mail servers updated, we could avoid this.  Also doing reverse name checking helps.  MAPS, the dial-up list, etc. are also somewhat useful depending on how far you want to go.  Same with web servers...keep them updated, and you miss out on all the fun.

These things will hop from one person to another who has on average 50-100 names in their address book, since most of us set our outlook to add people we respond to into our address books.
View Quote


Yep see WMitty's posts about M$ and their wide open security model.  Till they stop allowing stuff from happening by default (like scripts from running in unopened email, for example) crap like this will go on.  
Windows is an easy target because it has no real safeguards built into the system to prevent malicious attacks from occurring.  NT/2000 is marginally better than 9x/ME in this respect, but most people aren't there yet.
Please note that an OS is only as secure as the idiot running the machine it's on.  A poorly maintained Unix box can be an easier crack than a well planned and maintained 98 machine (although this is rare....)



Either way, it was a crappy night on the net!
View Quote


Tomorrow night, show off your big black rifle to some high school girls and see if you can get some with it like MallNinja.
Link Posted: 7/24/2001 9:22:32 AM EDT
[#31]
I got three messages yesterday from Chad Ritter, who is a guy I've done business with on this site. Two said resume and one said stickers. All were asking for advice. Chad was nice enough to send me an E-mail saying don't open any of this shit. I'm glad he did, because since I recognized his name I almost opened them. I must be some kind of an idiot. Thanks Chad for the heads up.

RLTW
Link Posted: 7/24/2001 8:45:41 PM EDT
[#32]
Boy is it nice to be running Mac OS 9!!! I've been on the internet for 3 years and have yet to get a virus or any other major worms (got 1 from a publication CD, but it was actually harmless and only affected the CD drive and was easy to remove).
Link Posted: 7/24/2001 8:51:59 PM EDT
[#33]
Our company ISP scans and quarantines all infected e-mail before it is forwarded to our user's e-mail box.  So far they have kept us clean, but we still have to use up to date virus software as a back up system.

Why don't all ISP's do more of this type of "cleaning"?

When I asked why they did it the obvious answer was "We don't want that crap on our servers".  And this is not some giant ISP, just a small outfit that has their sh*t together.
Link Posted: 7/24/2001 9:16:02 PM EDT
[#34]
Quoted:
Remember the three R's of Windows Goat Boy...
add Ram
Reboot
or Reinstall

The box said runs on Windows 95 or better so I installed FreeBSD [:p]

View Quote


Any complete RTFM needs to have included a definition section... enhances the understanding for execution of procedure...

This oughta do it...


Windows 95 (win-DOH-z), n. A thirty-two bit extension and graphical
shell to a sixteen bit patch to an eight bit operating system
originally coded for a four bit microprocessor which was written by a two
bit company that can't stand one bit of competition.

Hiroshima 45
Chernobyl 86
Windows 95


Link Posted: 7/26/2001 10:54:52 AM EDT
[#35]
Some of those viruses are VERY FUNNY!!! My friends and I like to play with some, and it is hilarious.  There is one that lets you open and close the other person's CD-ROM, and see what they are typing.  You can even take shots with their webcam (if they have one), print documents, download files from their comp, close windows, reposition their mouse, switch the mouse buttons and get screen shots.    There are some others that make it seem as if they are gonna wipe your hard drive, then at the end they just say it was a joke.  Or others that pop up a big "scarey" face when you don't expect it.
  We don't send each other the bad ones though. (We don't even have the bad ones.)
Link Posted: 7/26/2001 12:36:00 PM EDT
[#36]
Originally Posted By Big B:
Our company ISP scans and quarantines all infected e-mail before it is forwarded to our user's e-mail box.  So far they have kept us clean, but we still have to use up to date virus software as a back up system.

Why don't all ISP's do more of this type of "cleaning"?

When I asked why they did it the obvious answer was "We don't want that crap on our servers".  And this is not some giant ISP, just a small outfit that has their sh*t together.
View Quote



AR15.com has their SH*T TOGETHER!!   They are scanning e-mail for this crap and saved my butt this week.
