PDA

View Full Version : Serious warning to everyone.



adrianxw
08-03-2002, 01:51 PM
People, please remember that when someone, whoever, however friendly sounding, suggests you download an .exe and run it, YOU ARE AT RISK.

We have had someone, (the ubiquitous "Unregistered"), post an .exe on the boards here, which while not apparently having been run by anyone, has been analysed and suggest that the "game" being offered was anything but.

If the particular "Unregistered" reads this, we, of course, have your address and details and are considering our response.

As always, be good, but if you can't be good, make sure you are at least careful.

endo
08-03-2002, 01:58 PM
No more help for Mr Unregistered from me.

dbaryl
08-03-2002, 02:07 PM
Keep in mind, not one person posts as the Unreg., so it wouldn't be fair to punish them by not helping. If everyone just did their part and "be good, but if you can't be good, make sure you are at least careful" - this won't be a problem.

endo
08-03-2002, 02:12 PM
I wasn't completely serious, but I usually just go ahead and run executables straight away. Not now. What was in this .exe anyway? Did it just delete someones harddrive or something?

face_master
08-03-2002, 05:23 PM
>> If the particular "Unregistered" reads this, we, of course, have your address and details and are considering our response.

What type of details? Their ip address or their home address? How the hell would you get their home address? I could get where their ISP is located from their ip, but thats it.

adrianxw
08-03-2002, 06:41 PM
>>> Did it just delete someones harddrive or something?

As far as I know, nobody ran the .exe. There are indications that the program was trying to do a lot. I would prefer not to give any details at this time.

If anyone did run it, PM a mod.

face_master:

The IP and timing information is enough to begin a formal investigation.

fletch
08-03-2002, 06:44 PM
The American Registry for Internet Numbers (http://www.arin.net/index.html) can give contact information for the ISP. Contact the ISP with the date, time, and IP address (which'll be in the web server logs somewhere), and they can tell you exactly who and where. The ISP probably isn't just going to hand out their subscribers addresses, but if you had a legitimate complaint, I'm sure they'd help you out.

Another neat site for this type of thing is Visualware's VisualRoute (http://visualroute.visualware.com/).

fletch

Commander
08-03-2002, 06:52 PM
ISPs don't do ****! I emaied and called more then 6 ISP in canada/us/Germany/aust giving them the IP address and the time but they didn't do ****.

-KEN-
08-03-2002, 07:00 PM
Originally posted by Commander
ISPs don't do ****! I emaied and called more then 6 ISP in canada/us/Germany/aust giving them the IP address and the time but they didn't do ****.

True...

fletch
08-03-2002, 07:30 PM
ISPs don't do ****! I emaied and called more then 6 ISP in canada/us/Germany/aust giving them the IP address and the time but they didn't do ****.I stand corrected :D I've never had to deal with an ISP on that level. Did you contact them as a individual, or as an employee of another ISP? I could see where an ISP might be somewhat reticent when dealing with some random person who calls them up out of the blue...after all, they don't know you and the world is full of wackos...but you'd think that they'd help out a fellow ISP. I guess not though.

fletch

golfinguy4
08-03-2002, 08:32 PM
What board was this on?

Klinerr1
08-03-2002, 10:12 PM
help the unregistered but dont dontload executable files or zip files from them. thats my rule of thumb.(and im careful around people whos have small profile wich lacks info)

vasanth
08-03-2002, 10:39 PM
well what was it.. is it that TOP SECRET.. was it a trojan or something.......

vasanth
08-03-2002, 10:44 PM
I feel it might have benn a work of a registered user who know how stuffs work here.. So i suggest you compare the Idiots ip with all the others..(memebrs).. So we can get a rough idea who did it...

civix
08-03-2002, 11:36 PM
Good Idea, Vasanth!

Shadow
08-03-2002, 11:54 PM
Hey, I believe I replied to that thread.
Was it recently?

I said something to the point of:
"Most people will not willingly download executables they know nothing about."

Troll_King
08-04-2002, 01:24 AM
Even if I ran the application it would do nothing. I'm running Linux.

nvoigt
08-04-2002, 04:22 AM
Shadow, you did the right thing and warned others not to open executable files without further information.

We have all information needed, so we will probably take action.

vasanth
08-04-2002, 06:15 AM
Take action in the sense is it legal action.... And can you please share the info with us abot the person who did it.. We are intrested to know who did it...

Shadow
08-04-2002, 01:16 PM
> We have all information needed, so we will probably take action.
I don't need to know anything about the the poster's origin.
I will continue with my daily posting activities in confidence that our moderators will handle this issue accordingly.

I hope you guys figure something out.

adrianxw
08-04-2002, 01:23 PM
Vasanath:

>>> So i suggest you compare the Idiots ip with all the others..(memebrs)..

Hmmm, I guess that might not have occurred to us!!! In truth, it is not that easy with vBulletin. The old UltraBoard system allowed us to do this with the board search option - was very useful, and sadly missed. Another fact is that many ISP's use dynamically allocated IP's, thus an exact match might not be the same person, and no matches proves nothing.

endo
08-04-2002, 01:28 PM
Originally posted by adrianxw
>>> Did it just delete someones harddrive or something?

As far as I know, nobody ran the .exe. There are indications that the program was trying to do a lot. I would prefer not to give any details at this time.



I thought you'd say that, I'd have said the same thing.

vasanth
08-05-2002, 07:53 AM
Well thats the problem.. IO's change.. but only the last digit.. in case he is on broad band then the ip might be the same.. Well just a tip.. But in case it is a problem to get the ip's then sometin else needs to be done.. Is it possible that attachements can be scanned for viruses before allowing them for download..(Like in hotmail where it automatically scans'');

Fordy
08-05-2002, 08:24 AM
Originally posted by adrianxw
Vasanath:

>>> So i suggest you compare the Idiots ip with all the others..(memebrs)..

Hmmm, I guess that might not have occurred to us!!! In truth, it is not that easy with vBulletin. The old UltraBoard system allowed us to do this with the board search option - was very useful, and sadly missed.

This board will do that too.....but you need to be an admin....