Thread: I feel sorry for...

  1. #31
    _B-L-U-E_ Betazep's Avatar
    Join Date
    Aug 2001
    Posts
    1,412
    do me a favor osk... run

    nestat -a

    from a command prompt and see what is established or listening, and let us know.
    Blue

  2. #32
    Former Member
    Join Date
    Oct 2001
    Posts
    955
    >>Do you dissassemble all of the software your friends send you? Wow... I would rather run updated virus software.

    well, yeah, but this is not an everyday process because I normally don't get any software from my friends. What friend send is documents, and I have antivirus for that, and I open the macros just to make sure there's no nasty stuff in there.

    But, let me tell you how I got the virus that wiped out my pc 3 days ago: My brother was working on a 60 page document he had to turn in the next day. The computer ****ed up and he reset the computer. Unfortunately for us, the disk had a MBR virus, and it infected the hard drive. when the antivirus software I have told me that we had a virus, I told it to fix it (I first didn't, but Widows didn't start), and the Antivirus erased the MBR!, I can't beleive it, it also screwed up the file system and split the disk in 2!

    but that's different because I wasn't the one who was responsible for it.

    Oskilian

  3. #33
    _B-L-U-E_ Betazep's Avatar
    Join Date
    Aug 2001
    Posts
    1,412
    Oh man... that really sucks! Did you try to restore the MBR with fdisk?
    Blue

  4. #34
    &TH of undefined behavior Fordy's Avatar
    Join Date
    Aug 2001
    Posts
    5,793
    >>>eg: nakedchick.jpg.shh will apear as nakedchick.jpg and shh is actually an executable file that can contain malicious code


    Cool. You learn something new every day. You got to hand it to some people.... so many clever ones.
    Here's a good one....I think this applied to a version of OE...but I cant remember.....anyway... some guy realised that if you create a file name with

    "Hello.doc ::loads of spaces here:: evilcode.exe"

    The last bit would not be visible in the dialog box.... therefore they would see;

    "Hello.doc"

    Of course, it would often have the bog standard .exe icon in that state, but still.... many ran it....

  5. #35
    Former Member
    Join Date
    Oct 2001
    Posts
    955
    >do me a favor osk... run

    nestat -a <

    what am I looking for? I have some TCP connections listening, I have 10 connections in ati.com, I have the messenger cennection, two at hotmail.two at cprog, some UDP's, all idle and another TCP which runs some software I made.

    Oskilian

  6. #36
    _B-L-U-E_ Betazep's Avatar
    Join Date
    Aug 2001
    Posts
    1,412
    Hey... that is a good one too.
    Blue

  7. #37
    Former Member
    Join Date
    Oct 2001
    Posts
    955
    Originally posted by Betazep
    Oh man... that really sucks! Did you try to restore the MBR with fdisk?
    yeah, but no good, I finished recovering the data with a unix computer and saved all I needed. then I reinstalled Windows. no big harm done. as for my brother's work, I saved it and he was able to turn it in one day later

    Oskilian

  8. #38
    _B-L-U-E_ Betazep's Avatar
    Join Date
    Aug 2001
    Posts
    1,412
    You have 10 ESTABLISHED connections to ati.com? That is interesting.

    Watch those listening ports. If any of them say established over the next week and you shouldn't be connected to anything. There you go...

    I think that knowing your connections is part of the 'being careful' that you talk of.

    I run netstat from time to time just to see what is up.
    Blue

  9. #39
    _B-L-U-E_ Betazep's Avatar
    Join Date
    Aug 2001
    Posts
    1,412
    if you do

    netstat -a 3

    it will keep running over and over with a three second delay in between loops (until you hit CTRL C).

    I have mine looping right now. I am on a cable modem. I have no listening ports and two connections to cprogramming.com.
    Blue

  10. #40
    Former Member
    Join Date
    Oct 2001
    Posts
    955
    10 connections to ati.com, I'm downloading my drivers with Mass Downloader (Very good software)

    as for netstat, I run it every once in a while, but I dodn't know you could do netstat -a , I always get bored before it ends!

    is there a more graphical version of netstat?

    thnks for the advice

    Oskilian
    Last edited by oskilian; 11-24-2001 at 10:23 PM.

  11. #41
    /dev/null
    Guest
    you could try a port monitor...

  12. #42
    _B-L-U-E_ Betazep's Avatar
    Join Date
    Aug 2001
    Posts
    1,412
    If you are familiar with lsof for nix, you might like this for windows... it is similar

    http://www.ntsecurity.nu/toolbox/inzider/

    You can find out what applications are holding your ports open in the listening state...
    Blue

  13. #43
    the hat of redundancy hat nvoigt's Avatar
    Join Date
    Aug 2001
    Location
    Hannover, Germany
    Posts
    3,130
    Just one thought for all those who rightly claim that firewalls are not good enough to protect from hackers:

    I don't have anything on my PC you can't get by hacking my neighbour or connecting to me with a filesharing tool. There is no reason to hack me instead of the next guy. Know the story of the dragon and the halfling ? You and a halfling are out to kill a dragon. He's alot bigger and meaner than you thought. You run. Remember: You don't have to outrun the dragon. You just need to outrun the halfling.
    hth
    -nv

    She was so Blonde, she spent 20 minutes looking at the orange juice can because it said "Concentrate."

    When in doubt, read the FAQ.
    Then ask a smart question.

  14. #44
    _B-L-U-E_ Betazep's Avatar
    Join Date
    Aug 2001
    Posts
    1,412
    >>>Remember: You don't have to outrun the dragon. You just need to outrun the halfling.

    Exactly...

    I am in the business of security. I design and impement physical electronic security systems for some pretty hefty organizations (government agencies, et al). The one thing that I have learned through the years is that the criminals don't go for the hardest target. They go for the weakest link.

    Two convenience stores sitting on the same street. One is decked out with High grade Video Motion Detection Systems, balance magnetic sensors, remote recording, and an armed security guard. The other has nothing. Who gets robbed.

    Security in the computer industry is the same... I know you guys have different opinions about that. I have heard the whole, "if you are a harder target, hackers will see you as a challenge." Well that theory is contrary to what I learned in my Unix classes, in my comp security classes, etc etc for which I have a degree in now.

    Good system Admins try to secure their boxes to the fullest extent and hope that they will be passed over by the uber hacker for easier meat. That is a general consensus.

    My unix teacher was and still is the Chief Computer Security Specialist for goverment agencies in the Pacific. Not once did he tell me that having some measure of security for my computer is a bad thing. On the contrary, he said to do all I can to the best of my ability to protect my computer.

    Then again, my home computer isn't at fort knox.... so I really don't care that much at home, but just the same bouncing can cost a lot... especially, for example, with the SYN DOS proggy that attacked all those websites a while back.

    My advice... take it or leave it... is to protect yourself where you can. Hopefully, you will do it all in vain and nobody will ever attack you. Just think of the the things you might learn from the experience tho...
    Last edited by Betazep; 11-25-2001 at 04:02 AM.
    Blue

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. When you don't feel like reading\programming..
    By Brain Cell in forum A Brief History of Cprogramming.com
    Replies: 21
    Last Post: 03-03-2005, 06:32 PM
  2. Feel Like An Idiot
    By golfinguy4 in forum A Brief History of Cprogramming.com
    Replies: 22
    Last Post: 07-04-2003, 12:45 PM
  3. Feel Guilty..
    By vasanth in forum A Brief History of Cprogramming.com
    Replies: 11
    Last Post: 01-22-2003, 03:00 PM
  4. feel free to laugh at my code!
    By JimJamJovi in forum C Programming
    Replies: 4
    Last Post: 01-11-2002, 04:40 AM