Re: * informant * Stolen Password! (AOL)

krusinon Thu, 09 Nov 2000 21:27:05 -0800

Bug in the software you say? Here are my 56k dial-up AOL 6.0 shield and
port tests from grc.com (no firewall in use.) I have never been truely
"hacked" or known of anyone thats been truely "hacked" on AOL. I HAVE helped
over 100 people recover from their "ooops" d/l of a trojan PWStealer over the
years. I even d/l a trojan and ran it myself years ago but thru knowing how
my PC should act, I caught it with no harm done.

While I'm talking about AOL, I feel it necessary to comment on the on-going
SPAM mail myths. I've been on AOL since early '92 and have never used any of
the blocks for unsolicited mail they offer (actually i have on my daughters
screen name.) I did go into preferences screen and check that i did not wish
to receive marketing, either from AOL or partners along with checking that i
did not wish to receive pop-up ads at sign-on. The outcome you ask? Though
I've used the same screen name (KrusinOn) in hundreds of chat rooms and
message boards AND signed up for many "give-aways" at sites of reputable
companies, I receive only 3-5 e-mails per month which can be called spam.
Additionally, I have an Earthlink dial-up account that i have had for about a
year. I have NEVER used that address to send or request mail from anyone,
anywhere. Oddly enough, I am currently receiving approx. 30 spam mails a
week. (This is provided by my employer for the record.)

Say what you will but these are facts.

Sterling

Attempting connection to your computer.�.�.
Shields UP! is now attempting to contact the Hidden Internet Server within
your PC. It is likely that no one has told you that your own personal
computer may now be functioning as an Internet Server with neither your
knowledge nor your permission. And that it may be serving up all or many of
your personal files for reading, writing, modification and even deletion by
anyone, anywhere, on the Internet!

Please Note: On highly secure systems this may take up to one minute.�.�.

Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard
Internet behavior requires port connection attempts to be answered with a
success or refusal response. Therefore, only an attempt to connect to a
nonexistent computer results in no response of either kind. But YOUR computer
has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents
advanced computer and port stealthing capabilities. A machine configured in
this fashion is well hardened to Internet NetBIOS attack and intrusion.

Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is
very uncommon for a Windows networking-based PC.) Relative to vulnerabilities
from Windows networking, this computer appears to be VERY SECURE since it is
NOT exposing ANY of its internal NetBIOS networking protocol over the
Internet.

====================================

Port