Walter <who will be busy doing this on TWO pc's in time for tonight's chat, so I don't have to use the BBS interface>
<<any suggestions on secure IRC clients, or is there such a thing>>
Walter
Walter Watts wrote:
> Does this propagate only on IRC servers and if so, could we get it off > of our CoV chat server. > > malware.bkdr_ircflood.x > > -- > > Walter Watts > Tulsa Network Solutions, Inc. > > "Pursue the small utopias... nature, music, friendship, love" > --Kupferberg-- > > --- > To unsubscribe from the Virus list go to <http://www.lucifer.com/cgi-bin/virus-l>
--
Walter Watts Tulsa Network Solutions, Inc.
"Pursue the small utopias... nature, music, friendship, love" --Kupferberg--
Walter <who will be busy doing this on TWO pc's in time for tonight's chat, so I don't have to use the BBS interface>
[rhinoceros] How the hell did you get infected? I wonder... is it possible to get infected, even if you accept all DCC, if you don't run any executable file that you downloaded? Did you accept candy err... a script from a stranger or what?
Myself, I have been using VIRC, which seems pretty neat, and I never had any problem -- or if I had one it was never reported
Just when I thought I was out-they pull me back in
Re: virus: could we get it off of our CoV chat server
« Reply #3 on: 2004-03-24 01:13:17 »
Thanks, rhino. I wish I had read this 4 hours earlier and I wouldn't have wasted 3.5 hours on Trillian ;-> What a giant hairball!
I really like the VIRC. It's like a tighter, simpler, leaner mIRC without malware problems.
It's what I'll be using.
Thanks, Walter
rhinoceros wrote:
> [Walter] > Sorry, it was mIRC's problem. Reinfection occurs until you do the crap outlined here: > > http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?vname=bkdr_ircflood.y&vsect=t > > Walter > <who will be busy doing this on TWO pc's in time for tonight's chat, so I don't have > to use the BBS interface> > > [rhinoceros] > How the hell did you get infected? I wonder... is it possible to get infected, even if you accept all DCC, if you don't run any executable file that you downloaded? Did you accept candy err... a script from a stranger or what? > > Myself, I have been using VIRC, which seems pretty neat, and I never had any problem -- or if I had one it was never reported > > ---- > This message was posted by rhinoceros to the Virus 2004 board on Church of Virus BBS. > <http://virus.lucifer.com/bbs/index.php?board=61;action=display;threadid=30078> > --- > To unsubscribe from the Virus list go to <http://www.lucifer.com/cgi-bin/virus-l>
--
Walter Watts Tulsa Network Solutions, Inc.
"Pursue the small utopias... nature, music, friendship, love" --Kupferberg--
Just when I thought I was out-they pull me back in
Re: virus: could we get it off of our CoV chat server
« Reply #4 on: 2004-03-24 01:17:46 »
Because I bragged about never having a computer virus yesterday.
Walter <HUMBLED and looking at resident antivirus software reviews>
rhinoceros wrote:
> How the hell did you get infected? I wonder... is it possible to get infected, even if you accept all DCC, if you don't run any executable file that you downloaded? Did you accept candy err... a script from a stranger or what? >
--
Walter Watts Tulsa Network Solutions, Inc.
"Pursue the small utopias... nature, music, friendship, love" --Kupferberg--
Re: virus: could we get it off of our CoV chat server
« Reply #5 on: 2004-03-24 04:36:36 »
[Walter] Thanks, rhino. I wish I had read this 4 hours earlier and I wouldn't have wasted 3.5 hours on Trillian ;-> What a giant hairball!
I really like the VIRC. It's like a tighter, simpler, leaner mIRC without malware problems.
[rhinoceros] In fact VIRC (http://www.visualirc.net) was Hermit's suggestion, and it was the first one I ever used and the only one I ever needed.
Lately the more techie guys in #virus suggest another program called HydraIRC (http://www.hydrairc.com/). So, if you feel lucky you may want to learn a fifth one
Re: virus: could we get it off of our CoV chat server
« Reply #7 on: 2004-03-24 08:42:13 »
One way to get infected is to run active-x controls on a web page, which are inherently insecure. Another is to use a program, like outlook express, that autoruns scripts by default.
I wrote a web page detailing some basic windows security measures:
Just when I thought I was out-they pull me back in
Re: virus: could we get it off of our CoV chat server
« Reply #8 on: 2004-03-24 15:01:16 »
Outstanding advice, Erik. I guess one reason I've never had a virus until now was I still use Netscape's email, an old ver. 4.7. Been browsing with IE for a long time and will lock it down now according to your instructions: "4. How To Lock Down Your System".
I use Windows update regularly on both machine (98SE & XP Pro), but I only get critical updates.
Also, I have a Linksys 4 port Cable/DSL ROUTER between my lan and the net, but not a firewall. Are there some settings in the router I need to tighten up on?
Thanks alot for your advice, Walter
Erik Aronesty wrote:
> One way to get infected is to run active-x controls on a web page, which are inherently insecure. Another is to use a program, like outlook express, that autoruns scripts by default. > > I wrote a web page detailing some basic windows security measures: > > http://www.zoneedit.com/msvirus.html > --- > To unsubscribe from the Virus list go to <http://www.lucifer.com/cgi-bin/virus-l>
--
Walter Watts Tulsa Network Solutions, Inc.
"Pursue the small utopias... nature, music, friendship, love" --Kupferberg--
I hate to sound like a snob or a smart ass, because thats not my intention, but I just made the switch to a mac power book g4 and love it. As a second computer, couldn't ask for more. Not much worry about viruses either. OS X 3.3 is Great. (for me). Never thought I'd say that. Good luck. Viruses suck.
Bill
On Mar 24, 2004, at 3:01 PM, Walter Watts wrote:
> Outstanding advice, Erik. I guess one reason I've never had a virus > until now was I still use Netscape's email, an old ver. 4.7. Been > browsing with IE for a long time and will lock it > down now according to your instructions: > "4. How To Lock Down Your System". > > I use Windows update regularly on both machine (98SE & XP Pro), but I > only get critical updates. > > Also, I have a Linksys 4 port Cable/DSL ROUTER between my lan and the > net, but not a firewall. Are there some settings in the router I need > to tighten up on? > > Thanks alot for your advice, > Walter > > Erik Aronesty wrote: > >> One way to get infected is to run active-x controls on a web page, >> which are inherently insecure. Another is to use a program, like >> outlook express, that autoruns scripts by default. >> >> I wrote a web page detailing some basic windows security measures: >> >> http://www.zoneedit.com/msvirus.html >> --- >> To unsubscribe from the Virus list go to >> <http://www.lucifer.com/cgi-bin/virus-l> > > -- > > Walter Watts > Tulsa Network Solutions, Inc. > > "Pursue the small utopias... nature, music, friendship, love" > --Kupferberg-- > > > --- > To unsubscribe from the Virus list go to > <http://www.lucifer.com/cgi-bin/virus-l> >
RE: virus: could we get it off of our CoV chat server
« Reply #10 on: 2004-03-24 19:22:19 »
Hi Walter,
Sorry to hear about your recent troubles old dog. I know Sebby is behind it. It is because of those unkind comments you made about his night driving.
Look, have you tried Opera? I rate it s the absolute best browser and many swear that its mail client is magnificent too. Also, it has a beautiful IRC interface (see http://www.limbicnutrition.com/images/misc/walter_scr_shot.jpg - skin is called "Fresh").
Incidentally, very good security primer Erik. Thanks.
Outstanding advice, Erik. I guess one reason I've never had a virus until now was I still use Netscape's email, an old ver. 4.7. Been browsing with IE for a long time and will lock it down now according to your instructions: "4. How To Lock Down Your System".
I use Windows update regularly on both machine (98SE & XP Pro), but I only get critical updates.
Also, I have a Linksys 4 port Cable/DSL ROUTER between my lan and the net, but not a firewall. Are there some settings in the router I need to tighten up on?
Thanks alot for your advice, Walter
Erik Aronesty wrote:
> One way to get infected is to run active-x controls on a web page, which are inherently insecure. Another is to use a program, like outlook express, that autoruns scripts by default. > > I wrote a web page detailing some basic windows security measures: > > http://www.zoneedit.com/msvirus.html > --- > To unsubscribe from the Virus list go to > <http://www.lucifer.com/cgi-bin/virus-l>
--
Walter Watts Tulsa Network Solutions, Inc.
"Pursue the small utopias... nature, music, friendship, love" --Kupferberg--
RE: virus: could we get it off of our CoV chat server
« Reply #12 on: 2004-03-25 22:10:13 »
...as it turns out i DID have a virus!!! something called "Duster_a" or some such thing. it's been cleaned. not sure if it was responsible for anything, but i'm hoping not. it didnt have much effect on my end anyways. i can credit Kazaa and a certain screenwriting program for it....though i might add that the program works wonderfully.
Sorry to hear about your recent troubles old dog. I know Sebby is behind it. It is because of those unkind comments you made about his night driving.
Look, have you tried Opera? I rate it s the absolute best browser and many swear that its mail client is magnificent too. Also, it has a beautiful IRC interface (see http://www.limbicnutrition.com/images/misc/walter_scr_shot.jpg - skin is called "Fresh").
Incidentally, very good security primer Erik. Thanks.
Outstanding advice, Erik. I guess one reason I've never had a virus until now was I still use Netscape's email, an old ver. 4.7. Been browsing with IE for a long time and will lock it down now according to your instructions: "4. How To Lock Down Your System".
I use Windows update regularly on both machine (98SE & XP Pro), but I only get critical updates.
Also, I have a Linksys 4 port Cable/DSL ROUTER between my lan and the net, but not a firewall. Are there some settings in the router I need to tighten up on?
Thanks alot for your advice, Walter
Erik Aronesty wrote:
> One way to get infected is to run active-x controls on a web page, which are inherently insecure. Another is to use a program, like outlook express, that autoruns scripts by default. > > I wrote a web page detailing some basic windows security measures: > > http://www.zoneedit.com/msvirus.html > --- > To unsubscribe from the Virus list go to > <http://www.lucifer.com/cgi-bin/virus-l>
--
Walter Watts Tulsa Network Solutions, Inc.
"Pursue the small utopias... nature, music, friendship, love" --Kupferberg--
Re: virus: could we get it off of our CoV chat server
« Reply #13 on: 2004-03-28 12:48:56 »
Regarding your Linksys... don't use the DMZ setting.
Instead, permission each service explicitly using port forwarding.
------Original Message------ From: Walter Watts Sender: owner-virus@lucifer.com To: Church of Virus ReplyTo: Church of Virus Sent: Mar 24, 2004 3:01 PM Subject: Re: virus: could we get it off of our CoV chat server
Outstanding advice, Erik. I guess one reason I've never had a virus until now was I still use Netscape's email, an old ver. 4.7. Been browsing with IE for a long time and will lock it down now according to your instructions: "4. How To Lock Down Your System".
I use Windows update regularly on both machine (98SE & XP Pro), but I only get critical updates.
Also, I have a Linksys 4 port Cable/DSL ROUTER between my lan and the net, but not a firewall. Are there some settings in the router I need to tighten up on?
Thanks alot for your advice, Walter
Erik Aronesty wrote:
> One way to get infected is to run active-x controls on a web page, which are inherently insecure. Another is to use a program, like outlook express, that autoruns scripts by default. > > I wrote a web page detailing some basic windows security measures: > > http://www.zoneedit.com/msvirus.html > --- > To unsubscribe from the Virus list go to <http://www.lucifer.com/cgi-bin/virus-l>
--
Walter Watts Tulsa Network Solutions, Inc.
"Pursue the small utopias... nature, music, friendship, love" --Kupferberg--
Just when I thought I was out-they pull me back in
Re: virus: could we get it off of our CoV chat server
« Reply #14 on: 2004-03-28 14:39:57 »
Thanks, I've always kept that option off.
I sent the following to the webmaster at Hollywood Video's site. Feel free to cut 'n paste it and use it often. Just change a couple of variables. ------------------------------------
Looking for a title I got "%JavaScript% is required to see this menu" It's not required to search %BLOCKBUSTER'S% titles. :-p It's a security issue. I don't know you, so why would I put you in my "trusted sites" zone? It's not necessary to run %javascripts% or %active-x-scripts% to run an effective commercial website.
Get a clue.
A former customer ------------------------------------
Erik Aronesty wrote:
> Regarding your Linksys... don't use the DMZ setting. > <snip>
--
Walter Watts Tulsa Network Solutions, Inc.
"Pursue the small utopias... nature, music, friendship, love" --Kupferberg--