Quoting myself: ---------------
Rule #1 Never use Outlook Express Troyan solved. Period. Rule #2 Kill anithing unknom from memory (use Wininternal Administrator pack if need to log file and register access is paranoid enough) Keystroke solved. Period. Rule #3 Use Linux for server Problem solved. Period. Of course, you need a brain, rules where only hints. PM> Therein lies the rub of 'telecommuting' and being able to work easily PM> sometimes. I know I've been in environments where the only option was to PM> turn off the 'real time' virus protection, because some products on the PM> market trigger while compiling (a lot of file access and it would check PM> each one), slowing the machines down beyond workability -- in our case our PM> 800 MHz machines compiled code slower than 200 MHz machines are capable of. PM> Or other environments on the other end, where the programmers couldn't work PM> because they didn't have sufficient access on their machines to debug PM> processes they didn't start (really that was a misconfiguration I now know, PM> but most Windows programmers have been taught they need to be admin on the PM> local machine to work - that's not true but you do need some elevated PM> rights in some cases). PM> All of us know source code control is vital, and we back it up, but how PM> often do we consider how easy it would be to compromise from the outside? PM> What a crappy thing to have happened.. while I'd be less concerned about PM> serious competitors using the information (too easy to prove and end up PM> losing at court over), it's more disconcerting to see what use idiot script PM> kiddies and cheat 'h4x0rs' make of the information.. sigh. PM> At 05:35 PM 10/2/2003 -0500, you wrote: >> > "1) Starting around 9/11 of this year, someone other than me was accessing >> > my >> > email account. This has been determined by looking at traffic on our email >> > server versus my travel schedule." >> > >> > Im lost... Why did he not change his password? >> >>Because hindsight is 20/20. I would bet that Gabe only recently (today) >>discovered that someone was using his e-mail account, otherwise he surely >>would have changed his password and/or disabled his e-mail account until >>things could be investigated further. >> >>It's so commonplace today for people to expect their Windows computers to do >>strange things and usually the first thought is "I have a virus". Run a >>virus scanner and if it doesn't detect anything, then your machine must not >>be infected, right? <sarcasm>After all, how could you get a virus that no >>body else knows about?</sarcasm> >> >>I'm sure with all the flurry of activity in the last couple of months for >>Valve, and Gabe being on the road so much, that nobody really thought twice >>about spending the time to throughly investigate why Gabe's computer was >>acting weird. Even worse, I would bet that the virus spread itself to other >>machines, so that even if Gabe did reformat his machine and get it clean >>again, as soon as he accessed one of the infected machines, it was back on >>his machine again. Sometimes those little buggers are REAL hard to get rid >>of, especially in a corporate network environment. >> >>I feel for the Valve guys and I know how difficult it can be to create >>secure networks yet still allow internal people to access the external >>resources that they need on a day-to-day basis. Being a network >>administrator is not an easy job and there's probably not much the network >>admins could have done in this case anyway. >> >>Perhaps Valve will restructure their internal network so that the "family >>jewels" never sit on a machine that has any kind of external Internet >>access. It makes development tasks more of a pain, but in does help to >>prevent security breaches. >> >>Jeffrey "botman" Broome _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders
