Re: worms worms worms
On Mon, 18 Aug 2003, Joel Hammer wrote: From a desktop perspective, everybody uses office. Unfortunately, everybody also uses some other task specific app without which, the job cannot be done. Office functionality is crucial but it as only the first step. I must agree. Try getting your new USB PDA to sync with linux. Try using up to date versions of the software instead of the old, buggy crap that ships in lindows. I finally succeeded after great effort. No business in its right mind Yea, i hear that apt-get thing is really painful time consuming. would waste the time. Worthy of note is the the pilot-xfer (crucial for connectivity) forum seems to be dead. I am subscribed and have seen one or two letters in the past month. That's prolly cause the thing just works(tm) assuming that you've read the dox. Then, there is the almost complete lack of vendor support for inkjet printers. And, those multifunctional printers/fax/scanners. There is no support for these in linux. So, until linux gets the hardware support problems figured out, which it never will until the hardware vendors decide linux is worth supporting, linux on the desktop will be confined to a few techophils. The only hope is that in Asia linux might catch on. If so, maybe the hardware vendors will support linux. Of course, since MS software is almost free in Asia due to widespread piracy, I am not holding my breath. Joel ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users -- ~~ Lonni J Friedman[EMAIL PROTECTED] Linux Step-by-step TyGeMo http://netllama.ipfox.com ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Net Llama wrote inter alia: Yea, i hear that apt-get thing is really painful time consuming. Well, if you do a complete KDE upgrade with a dial-up connection it can be a bit time consuming. As far as painful goes, there are some people who might disagree. -- Leon A. Goldstein Powered by Libranet 2.8 Debian Linux System LI ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
burns [EMAIL PROTECTED] 17 Aug 2003 23:56:28 -0400 On Sun, 2003-08-17 at 18:49, Alma J Wetzker wrote: see that doesn't happen. What busines apps do we have for linux that make people want to run linux so that they can use that application? Office? Spice? Photoshop? What do we have that is close? I would hardly classify Photoshop as a major business app for anything but the graphics market. It's not really a mainstream cubicle app in the same way that MS Office is. Linux has chosen to chase the server market rather than expending most of its energy on the desktop where Windows has a stranglehold. Notwithstanding that, the Gnome and KDE folks continue to move the yardsticks month after month. As far as office productivity apps go, Star Office has shed some of its bloat and Open Office has emerged as a winner. Collaborative calendaring is now available in a fairly polished and attractive form, Outlook clones exist (e.g. Ximian Evolution)and spreadsheet applications are no longer a poor etch-a-sketch drawing. In fact, if you really wanted to, this year there is no good reason why you couldn't switch your office over seamlessly to a Linux desktop. With KDE, even the conversion training would be minimal because it is so similar to Windows. From a desktop perspective, everybody uses office. Unfortunately, everybody also uses some other task specific app without which, the job cannot be done. Office functionality is crucial but it as only the first step. I applaud the decision to target server apps first. It makes the most sense and it is easiest to accomplish. Micro$oft wants to go from the desktop to the server. linux wants to go from the server to the desktop. Nothing gives me more pleasure than to reverse the M$ business model. (I have a dream of writing a SAP-like application for distribution businesses for linux but I just don't have the time with going to school right now.) Eh, Ummm... http://www.sap.com/company/press/press.asp?pressID=39 http://www.sap.com/linux/news.asp http://www.oracle.com/ip/deploy/database/theme_pages/index.html?linux_02032003.html http://www-3.ibm.com/software/data/db2/linux/ http://www-1.ibm.com/servers/eserver/zseries/library/specsheets/websphere_as_linux.html http://www-3.ibm.com/software/tivoli/products/sys-auto-linux/library.html Or did you mean dot Net, perhaps? ;o) I actually meant what I said. Most of the initiatives above started somewhere other than distribution and have added it so that a checkmark could be put on their features list. Building a distribution centered application with things like manufacturing and accounting added on could be real benefit. All it takes is time... -- Alma ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
burns [EMAIL PROTECTED] 18 Aug 2003 00:02:26 -0400 On Sun, 2003-08-17 at 19:06, Alma J Wetzker wrote: every executive I have ever met will spit nails about downtime and the cost to the company until you tell them how much it will cost to fix it. Then the executive goes away, until next time. That's the business we're in and I can tell you that it depends on you're approach. Nobody spends money on technology just because anymore. You have to frame it in a credible rationalized business case, comparing the cost of making the system improvements, vs the risk, vs the cost of NOT doing it. This is where we as technologists get lazy and usually fail. Suits are nothing if not predictable. Show them where they can reduce risk and save money and they WILL listen. Tell them about neat technology that is better and their eyes glaze over. I used to live between the techs wanting neat technology and the execs wanting to not spend money. I was pretty succesful about getting what we needed except on two topics; downtime and time testing patches. Downtime was rare enough on the busines systems that they were impervious to requests to spend to prevent it. Patches they never understood, Why do you need to test it? It is already installed! -- Alma ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
From a desktop perspective, everybody uses office. Unfortunately, everybody also uses some other task specific app without which, the job cannot be done. Office functionality is crucial but it as only the first step. I must agree. Try getting your new USB PDA to sync with linux. I finally succeeded after great effort. No business in its right mind would waste the time. Worthy of note is the the pilot-xfer (crucial for connectivity) forum seems to be dead. I am subscribed and have seen one or two letters in the past month. Then, there is the almost complete lack of vendor support for inkjet printers. And, those multifunctional printers/fax/scanners. There is no support for these in linux. So, until linux gets the hardware support problems figured out, which it never will until the hardware vendors decide linux is worth supporting, linux on the desktop will be confined to a few techophils. The only hope is that in Asia linux might catch on. If so, maybe the hardware vendors will support linux. Of course, since MS software is almost free in Asia due to widespread piracy, I am not holding my breath. Joel ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Mon, 2003-08-18 at 17:16, Alma J Wetzker wrote: I actually meant what I said. Most of the initiatives above started somewhere other than distribution and have added it so that a checkmark could be put on their features list. Building a distribution centered application with things like manufacturing and accounting added on could be real benefit. All it takes is time... YMMV. But I find Oracle's Supply Chain Management in their eBusiness/CRM suites to be pretty much what you have described - and more. I am less familiar with SAP (although we do have people who are specialists), but I believe it has received some mixed reviews. Bottom Line: You are encouraged to contribute any code that will enhance the business/enterprise suitability of the Linux environment. Just don't tell SCO. -- burns ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Mon, 2003-08-18 at 17:28, Joel Hammer wrote: Then, there is the almost complete lack of vendor support for inkjet printers. And, those multifunctional printers/fax/scanners. There is no support for these in linux. Most medium to large businesses and enterprise environments don't use inkjets - these are pretty much confined to the personal and SoHo market. OTOH, most workgroup business laser printers are pretty well represented. Perhaps there's a reason for that... -- burns ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Mon, 2003-08-18 at 17:25, Alma J Wetzker wrote: I used to live between the techs wanting neat technology and the execs wanting to not spend money. I was pretty succesful about getting what we needed except on two topics; downtime and time testing patches. Downtime was rare enough on the busines systems that they were impervious to requests to spend to prevent it. Patches they never understood, Why do you need to test it? It is already installed! After a short break, on the 8th day the Lord invented staging environments. And verily they were wise that used them, even if the scribes and elders knew not. -- burns ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
RE: worms worms worms
burns wrote: On Mon, 2003-08-18 at 17:28, Joel Hammer wrote: Then, there is the almost complete lack of vendor support for inkjet printers. And, those multifunctional printers/fax/scanners. There is no support for these in linux. Most medium to large businesses and enterprise environments don't use inkjets - these are pretty much confined to the personal and SoHo market. OTOH, most workgroup business laser printers are pretty well represented. Perhaps there's a reason for that... On the other hand, she wore a glove. No, uhm, oh, yeah, printers. I've never had any trouble with my (somewhat elderly) HP 600c inkjet printer. Red Hat 6.x and SuSE 7.x 8.x all recognized it right off and set things up accordingly. In Harmony's Way, and In A Chord, Tom :-}) Thomas A. Condon Barbershop Bass Singer Registered Linux User #154358 Interfere not in the business of Dragons, For you are crunchy when flamed and taste good. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Quoth burns: On Mon, 2003-08-18 at 17:25, Alma J Wetzker wrote: I used to live between the techs wanting neat technology and the execs wanting to not spend money. I was pretty succesful about getting what we needed except on two topics; downtime and time testing patches. Downtime was rare enough on the busines systems that they were impervious to requests to spend to prevent it. Patches they never understood, Why do you need to test it? It is already installed! After a short break, on the 8th day the Lord invented staging environments. And verily they were wise that used them, even if the scribes and elders knew not. And The Lord saw the staging environments, and She said, They are Good. Go and do thou likewise. Kurt -- The light at the end of the tunnel is the headlight of an approaching train. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Mon, 18 Aug 2003 16:09:36 -0700 Condon Thomas A KPWA [EMAIL PROTECTED] wrote: burns wrote: On Mon, 2003-08-18 at 17:28, Joel Hammer wrote: Then, there is the almost complete lack of vendor support for inkjet printers. And, those multifunctional printers/fax/scanners. There is no support for these in linux. Most medium to large businesses and enterprise environments don't use inkjets - these are pretty much confined to the personal and SoHo market. OTOH, most workgroup business laser printers are pretty well represented. Perhaps there's a reason for that... On the other hand, she wore a glove. No, uhm, oh, yeah, printers. I've never had any trouble with my (somewhat elderly) HP 600c inkjet printer. Red Hat 6.x and SuSE 7.x 8.x all recognized it right off and set things up accordingly. Good support for my Lexmark Z53. Lexmark even provides linux versions of the support modules (check ink levels, align cartridges, etc.) -- Collins Richey - Denver Area if you fill your heart with regrets of yesterday and the worries of tomorrow, you have no today to be thankful for. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Mon, Aug 18, 2003, Collins Richey wrote: On Mon, 18 Aug 2003 16:09:36 -0700 Condon Thomas A KPWA [EMAIL PROTECTED] wrote: burns wrote: On Mon, 2003-08-18 at 17:28, Joel Hammer wrote: Then, there is the almost complete lack of vendor support for inkjet printers. And, those multifunctional printers/fax/scanners. There is no support for these in linux. Most medium to large businesses and enterprise environments don't use inkjets - these are pretty much confined to the personal and SoHo market. OTOH, most workgroup business laser printers are pretty well represented. Perhaps there's a reason for that... On the other hand, she wore a glove. No, uhm, oh, yeah, printers. I've never had any trouble with my (somewhat elderly) HP 600c inkjet printer. Red Hat 6.x and SuSE 7.x 8.x all recognized it right off and set things up accordingly. I've never played with any of the all-in-one devices, figuring that they try to do everything, and don't do any of them very well. As for the splatjets, Epson is probably the best supported. HP provides drivers for theirs, although I've found them a bit more difficult to configure than the Epsons, at least on SuSE 8.[12]. Good support for my Lexmark Z53. Lexmark even provides linux versions of the support modules (check ink levels, align cartridges, etc.) I too have a Z53, and originally used their drivers. The gimp-print drivers are significantly better than LexMark's though. The downside of LexMark is that they try very hard to prevent third party ink cartridges from working. Their laser printers are excellent though. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``The children who know how to think for themselves spoil the harmony of the collective society that is coming, where everyone would be interdependent.'' 1899 John Dewey, educational philosopher, proponent of modern public schools. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
I use the lexmark z53, too. It is great with linux. However, I haven't seen any other printers with such specific support for linux. I hope there are more around. Joel On Mon, Aug 18, 2003 at 06:02:52PM -0600, Collins Richey wrote: Good support for my Lexmark Z53. Lexmark even provides linux versions of the support modules (check ink levels, align cartridges, etc.) ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On 16 Aug 2003 04:23:29 -0400 burns [EMAIL PROTECTED] wrote: Code that causes this much disruption of commerce is anything but benign. These are more than just the digital equivalent of a rck thrown through a window, they suck up huge amounts of bandwidth, both as people attempt to deal with them and for the fact that many carry DDoS elements, plus they cause significant loss in productivity. The people that write and launch these programs in the wild should caught and forced to do something really unpleasant for a very long time. I wouldn't argur this fact. What I am saying is that the Windows world ain't seen nothing yet. So far we have seen disruption, a little DOS here and there (and the list of totally fscked companies is long and distinguished). I'm not saying this isn't very disruptive and hugely problematic (especially since I believe the power grid thing is related :) But so far I'm not in fear for my credit card numbers, my mortgage information, and many other things that could be put in danger. Disruption, however unsettling and unpleasant, is such a minor use of the technology of these worms. Imagine if the writers had truely malignant purposes.,. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Collins Richey [EMAIL PROTECTED] Sat, 16 Aug 2003 19:18:15 -0600 On Sat, 16 Aug 2003 19:42:26 -0500 Alma J Wetzker [EMAIL PROTECTED] wrote: [ other stuff snipped - see the thread for details ] I agree with the sentiment but the reality is much harsher. Most linux apps just aren't up to their windoze counterparts. This is especially true for personal productivity apps. The server stuff is much closer. It would help to know exactly what you mean by personal productivity apps. There are still functions that I need for school reports that I have not found in Koffice or Open Office. Adobe Photoshop can be simulated but it is a kludge. I can't find anything like a recent or complete version of spice. My version of xine tends to pause every once in a while. Is there a quickbooks like app that is well supported? Personal productivity apps, to me, are the horizontal apps that any business person would use for documents to spreadsheets all the way to the business/department specific functions that users would run in the course of a typical week ON THEIR PERSONAL MACHINE. All of this is true, but companies have to deal with the (negative) business payoff of loosing business productivity and/or data every time a script kiddo comes up with a new worm. There is a also big business payoff in terms of licensing fees. every executive I have ever met will spit nails about downtime and the cost to the company until you tell them how much it will cost to fix it. Then the executive goes away, until next time. The only true option to pursue for linux desktop adoption is to continue interoperability plans with the M$ network du jour (com, dcom, .net...) and start building functionality into linux friendly architectures. It requires long term thinking and a dedication to the strategy. It also requires better personal productivity apps. One thing that would help (I've mentioned this frequently) would be for the major open source support products (glibc, gcc, and the desktop products like kde and gnome, perhaps even the kernel) to stop the practice of changing the interfaces and releasing non-compatible new versions every couple of years. even Microsoft has been cured of this churn of API's and standards (I know they do have relapses but they are learning to kick the habit.) There is a dearth of long term thinking in the business world. How to cook the books for the current quarter is about as long term as it gets. Bingo! -- Alma ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sun, 2003-08-17 at 18:49, Alma J Wetzker wrote: see that doesn't happen. What busines apps do we have for linux that make people want to run linux so that they can use that application? Office? Spice? Photoshop? What do we have that is close? I would hardly classify Photoshop as a major business app for anything but the graphics market. It's not really a mainstream cubicle app in the same way that MS Office is. Linux has chosen to chase the server market rather than expending most of its energy on the desktop where Windows has a stranglehold. Notwithstanding that, the Gnome and KDE folks continue to move the yardsticks month after month. As far as office productivity apps go, Star Office has shed some of its bloat and Open Office has emerged as a winner. Collaborative calendaring is now available in a fairly polished and attractive form, Outlook clones exist (e.g. Ximian Evolution)and spreadsheet applications are no longer a poor etch-a-sketch drawing. In fact, if you really wanted to, this year there is no good reason why you couldn't switch your office over seamlessly to a Linux desktop. With KDE, even the conversion training would be minimal because it is so similar to Windows. (I have a dream of writing a SAP-like application for distribution businesses for linux but I just don't have the time with going to school right now.) Eh, Ummm... http://www.sap.com/company/press/press.asp?pressID=39 http://www.sap.com/linux/news.asp http://www.oracle.com/ip/deploy/database/theme_pages/index.html?linux_02032003.html http://www-3.ibm.com/software/data/db2/linux/ http://www-1.ibm.com/servers/eserver/zseries/library/specsheets/websphere_as_linux.html http://www-3.ibm.com/software/tivoli/products/sys-auto-linux/library.html Or did you mean dot Net, perhaps? ;o) -- burns ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sun, 2003-08-17 at 19:06, Alma J Wetzker wrote: every executive I have ever met will spit nails about downtime and the cost to the company until you tell them how much it will cost to fix it. Then the executive goes away, until next time. That's the business we're in and I can tell you that it depends on you're approach. Nobody spends money on technology just because anymore. You have to frame it in a credible rationalized business case, comparing the cost of making the system improvements, vs the risk, vs the cost of NOT doing it. This is where we as technologists get lazy and usually fail. Suits are nothing if not predictable. Show them where they can reduce risk and save money and they WILL listen. Tell them about neat technology that is better and their eyes glaze over. -- burns ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Thu, 2003-08-14 at 20:49, Matthew Carpenter wrote: These worms are so benign it's pathetic. If only the Windows world realized just how much peril they could be in! So far we've only really had worms that self-propagate and then did some token act to prove that they weren't gay. But how many CodeRed and NIMDA machines could have had a format c: in them? And this one? Wow, it's REALLY benign. Replicate then throw some traffic against Microsoft. Again, this genre of Worm hasn't yet left the Proof Of Concept phase yet. And they're really missing some opportunity to do some real damage. This one is really bad because you know it immediately when you're whacked. Not like the previous few which secretly spread and kept spreading while admins were none-the-wiser Code that causes this much disruption of commerce is anything but benign. These are more than just the digital equivalent of a rck thrown through a window, they suck up huge amounts of bandwidth, both as people attempt to deal with them and for the fact that many carry DDoS elements, plus they cause significant loss in productivity. The people that write and launch these programs in the wild should caught and forced to do something really unpleasant for a very long time. -- burns ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
I must disagree. This worm writer has performed a great public service. Making people patch their computers. MS should be writing worms like this. Joel The people that write and launch these programs in the wild should caught and forced to do something really unpleasant for a very long time. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sat, 16 Aug 2003 09:17:09 -0400 Joel Hammer [EMAIL PROTECTED] wrote: I must disagree. This worm writer has performed a great public service. Making people patch their computers. MS should be writing worms like this. I know a lot of folks who don't want to patch their computers because some of these patches come with changed EULAs they don't want to accept. Unfortunately, they also can't change over to Linux because some programs they use/need are only written for M$. Catch-22. Isolating these systems off-network is also not an option since many folks need to share the hundreds of files used by these systems with offices in different countries. Basically, they're screwed and just have to make do. So they spend thousands hoping the anti-virus folks can keep up (which they can't). A really lamentable situation. Ciao, David A. Bandel -- Focus on the dream, not the competition. Nemesis Racing Team motto GPG key autoresponder: mailto:[EMAIL PROTECTED] pgp0.pgp Description: PGP signature ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sat, 16 Aug 2003 08:57:12 -0500 David A. Bandel [EMAIL PROTECTED] wrote: I know a lot of folks who don't want to patch their computers because some of these patches come with changed EULAs they don't want to accept. Unfortunately, they also can't change over to Linux because some programs they use/need are only written for M$. Catch-22. Isolating these systems off-network is also not an option since many folks need to share the hundreds of files used by these systems with offices in different countries. Basically, they're screwed and just have to make do. So they spend thousands hoping the anti-virus folks can keep up (which they can't). A really lamentable situation. The essential situation is this. Using M$ products is a recipe for disaster (when will the latest worm strike again?), in spite of the fact that some of the products provide a useful function that is frequently more user friendly than almost equivalent open source products. So how does one convince users that they need to look for ways to divest themselves of the products they feel (some truth, some ignorance) they cannot do without? There are solutions in most cases, but most users are so locked into the M$ mentality that they won't even make the effort. -- Collins Richey - Denver Area if you fill your heart with regrets of yesterday and the worries of tomorrow, you have no today to be thankful for. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
The usefulness of a site like ShieldsUp is that it gives you the ability, from inside, to initiatate a test from outside, to see if that firewall you just put up is working. If there is a better such site available, I'd sure like to know about it. I use a shell account on an external box for this... i.e. dialup to the internet putty/ssh to my ADSL connected linux box and then run nmap against the new network/host -- James McDonald Systems Engineer Singleton NSW Australia 61+ (0)2 6570 1556 (bh) 61+ (0)2 6571 2401 (ah) 61+ 0428 320 219 (mob) ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Joel Hammer wrote: Thanks for the scan. These ports I expected to be open, except for 1024 (kdm). I just wonder why ShieldsUp didn't detect these ports. I have noticed most scanners tend to do the well known ports if you scanned every port it would take a long time. so they mostly look at the well knowm vulnerable ports i.e. 21, 25, 80, 135, etc. -- James McDonald Systems Engineer Singleton NSW Australia 61+ (0)2 6570 1556 (bh) 61+ (0)2 6571 2401 (ah) 61+ 0428 320 219 (mob) ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sat, Aug 16, 2003, Joel Hammer wrote: I must disagree. This worm writer has performed a great public service. Making people patch their computers. MS should be writing worms like this. Microsoft writes the virus. The worms merely take advantage of the myriad security holes in Windows and the Microsoft applications (e.g. Outlook, Office, etc.). Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``Democracy extends the sphere of individual freedom, Democracy attaches all possible value to each man, while socialism makes each man a mere agent, a mere number. Democracy and socialism have nothing in common but one word: equality. But notice the difference: while democracy seeks equality in liberty, socialism seeks equality in restraint and servitude.'' de Tocqueville == 1848 ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sat, Aug 16, 2003, burns wrote: ... Code that causes this much disruption of commerce is anything but benign. These are more than just the digital equivalent of a rck thrown through a window, they suck up huge amounts of bandwidth, both as people attempt to deal with them and for the fact that many carry DDoS elements, plus they cause significant loss in productivity. The people that write and launch these programs in the wild should caught and forced to do something really unpleasant for a very long The people who deploy Windows systems on the Internet should be held accountable for endangering their organization's data and systems (not to mention lost productivity while waiting for Windows systems to reboot unnecessarily). It's not like these worms are any surprise. I know I've been warning people of the dangers of using Windows on public networks for at least ten years now. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ With Congress, every time they make a joke it's a law; and every time they make a law it's a joke. -- Will Rogers ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sat, 2003-08-16 at 14:07, Bill Campbell wrote: The people who deploy Windows systems on the Internet should be held accountable for endangering their organization's data and systems (not to mention lost productivity while waiting for Windows systems to reboot unnecessarily). It's not like these worms are any surprise. I know I've been warning people of the dangers of using Windows on public networks for at least ten years now. What you say is true - and if it can be proven that Microsoft has callously endangered their customers' systems - and those customers were not aware of MS's general security limitations beforehand (there is the rub), then they should be sued. But why does that give virus-spawners free rein? Why are we also making excuses for those who knowingly and intentionally cause damage to systems? To offer another analogy: I may be stupid for going to a bad part of town late at night, but that also doesn't change the fact that a person that sticks a knife in that me is still guilty of assault or murder. One person's negligence is not an open excuse for others to damage that person's systems and/or property. -- burns ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sat, Aug 16, 2003, burns wrote: On Sat, 2003-08-16 at 14:07, Bill Campbell wrote: The people who deploy Windows systems on the Internet should be held accountable for endangering their organization's data and systems (not to mention lost productivity while waiting for Windows systems to reboot unnecessarily). It's not like these worms are any surprise. I know I've been warning people of the dangers of using Windows on public networks for at least ten years now. What you say is true - and if it can be proven that Microsoft has callously endangered their customers' systems - and those customers were not aware of MS's general security limitations beforehand (there is the rub), then they should be sued. Microsoft is free to sell anything they want, but it's the responsibility of the corporate management to insure they are protecting their company's assets. I'm not aware that ignorance is a valid argument to get out of irresponsible behaviour. It's certainly no secret that Windows systems are insecure, at least amongst computer and networking professionals with a clue (which eliminates most people with MCSE certification). We don't sell Windows to any of our customers, and have always strongly recommended that if they have to use Windows for some applications that they should at least make sure the data's on a secure Unix or Linux platform. We also strongly discourage their using Microsoft Outlook, generally installing Eudora, Sylpheed, or use Netscape for e-mail. But why does that give virus-spawners free rein? Why are we also making excuses for those who knowingly and intentionally cause damage to systems? To offer another analogy: I may be stupid for going to a bad part of town late at night, but that also doesn't change the fact that a person that sticks a knife in that me is still guilty of assault or murder. One person's negligence is not an open excuse for others to damage that person's systems and/or property. I never said it was, but I do say that knowling running Windows on public networks could well be considered as an ``attractive nuisance'' at best, and perhaps akin to maintaining publically accessible machine gun nests given their vulnerability to tools which can be used to disguise the identity of the criminals using them. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ With Congress, every time they make a joke it's a law; and every time they make a law it's a joke. -- Will Rogers ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sat, 2003-08-16 at 17:59, Bill Campbell wrote: big snip Good Grief, Bill. I think we agree. -- burns ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
How about run windows for life? -- Alma burns [EMAIL PROTECTED] 16 Aug 2003 04:23:29 -0400 The people that write and launch these programs in the wild should caught and forced to do something really unpleasant for a very long time. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Collins Richey [EMAIL PROTECTED] Sat, 16 Aug 2003 09:21:20 -0600 On Sat, 16 Aug 2003 08:57:12 -0500 David A. Bandel [EMAIL PROTECTED] wrote: I know a lot of folks who don't want to patch their computers because some of these patches come with changed EULAs they don't want to accept. Unfortunately, they also can't change over to Linux because some programs they use/need are only written for M$. Catch-22. Isolating these systems off-network is also not an option since many folks need to share the hundreds of files used by these systems with offices in different countries. Basically, they're screwed and just have to make do. So they spend thousands hoping the anti-virus folks can keep up (which they can't). A really lamentable situation. The essential situation is this. Using M$ products is a recipe for disaster (when will the latest worm strike again?), in spite of the fact that some of the products provide a useful function that is frequently more user friendly than almost equivalent open source products. So how does one convince users that they need to look for ways to divest themselves of the products they feel (some truth, some ignorance) they cannot do without? There are solutions in most cases, but most users are so locked into the M$ mentality that they won't even make the effort. I agree with the sentiment but the reality is much harsher. Most linux apps just aren't up to their windoze counterparts. This is especially true for personal productivity apps. The server stuff is much closer. The cogent argument for change doesn't address busines use. There is LOTS of custom code running in busines. The life span of that code is 15 - 20 years. Converting to C/Java/Perl/Python/??? is a huge undertaking and has no busines payoff. It also halts improvements for a year or two. No busines on the planet can afford that in todays market. And heaven help the companies that have gone to outsourcing, they have effectively zero say in infrastructure decisions. The only true option to pursue for linux desktop adoption is to continue interoperability plans with the M$ network du jour (com, dcom, .net...) and start building functionality into linux friendly architectures. It requires long term thinking and a dedication to the strategy. It also requires better personal productivity apps. We still have a long way to go before linux is a viable choice for a busines desktop. -- Alma ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sat, Aug 16, 2003, Alma J Wetzker wrote: ... There are solutions in most cases, but most users are so locked into the M$ mentality that they won't even make the effort. I agree with the sentiment but the reality is much harsher. Most linux apps just aren't up to their windoze counterparts. This is especially true for personal productivity apps. The server stuff is much closer. Linux is great for the server applications, and I have been using *ix desktop applications for years (but how many people actually prefer vi and groff to word processors :-). We're installing quite a few Apple systems running OS X for desktop applications, and it's hard to beat the eMac for cost-effective workstations. I'm going to find it hard to resist buying one of the new dual processor G5s when panther is released. The cogent argument for change doesn't address busines use. There is LOTS of custom code running in busines. The life span of that code is 15 - 20 years. Converting to C/Java/Perl/Python/??? is a huge undertaking and has no busines payoff. It also halts improvements for a year or two. No busines on the planet can afford that in todays market. And heaven help the companies that have gone to outsourcing, they have effectively zero say in infrastructure decisions. Most of the custom applications were originally written for *ix platforms before Microsoft bought several of the major players in Unix accounting software and killed the Unix versions (e.g. RealWorld). Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ Democracy, n.: A government of the masses. Authority derived through mass meeting or any other form of direct expression. Results in mobocracy. Attitude toward property is communistic... negating property rights. Attitude toward law is that the will of the majority shall regulate, whether it is based upon deliberation or governed by passion, prejudice, and impulse, without restraint or regard to consequences. Result is demagogism, license, agitation, discontent, anarchy. -- U. S. Army Training Manual No. 2000-25 (1928-1932), since withdrawn. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Sat, 16 Aug 2003 19:42:26 -0500 Alma J Wetzker [EMAIL PROTECTED] wrote: [ other stuff snipped - see the thread for details ] The essential situation is this. Using M$ products is a recipe for disaster (when will the latest worm strike again?), in spite of the fact that some of the products provide a useful function that is frequently more user friendly than almost equivalent open source products. So how does one convince users that they need to look for ways to divest themselves of the products they feel (some truth, some ignorance) they cannot do without? There are solutions in most cases, but most users are so locked into the M$ mentality that they won't even make the effort. I agree with the sentiment but the reality is much harsher. Most linux apps just aren't up to their windoze counterparts. This is especially true for personal productivity apps. The server stuff is much closer. It would help to know exactly what you mean by personal productivity apps. The cogent argument for change doesn't address busines use. There is LOTS of custom code running in busines. The life span of that code is 15 - 20 years. Converting to C/Java/Perl/Python/??? is a huge undertaking and has no busines payoff. It also halts improvements for a year or two. No busines on the planet can afford that in todays market. And heaven help the companies that have gone to outsourcing, they have effectively zero say in infrastructure decisions. All of this is true, but companies have to deal with the (negative) business payoff of loosing business productivity and/or data every time a script kiddo comes up with a new worm. There is a also big business payoff in terms of licensing fees. The only true option to pursue for linux desktop adoption is to continue interoperability plans with the M$ network du jour (com, dcom, .net...) and start building functionality into linux friendly architectures. It requires long term thinking and a dedication to the strategy. It also requires better personal productivity apps. One thing that would help (I've mentioned this frequently) would be for the major open source support products (glibc, gcc, and the desktop products like kde and gnome, perhaps even the kernel) to stop the practice of changing the interfaces and releasing non-compatible new versions every couple of years. There is a dearth of long term thinking in the business world. How to cook the books for the current quarter is about as long term as it gets. -- Collins Richey - Denver Area if you fill your heart with regrets of yesterday and the worries of tomorrow, you have no today to be thankful for. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
RE: worms worms worms
You could try http://www.pcflank.com/scanner1.htm It lets you add the ports you want scanned. I still think programs like nmap are best. Regards, Wil McGilvery Manager Lynch Digital Media Inc 416-744-7949 416-716-3964 (cell) 1-866-314-4678 416-744-0406 FAX www.LynchDigital.com -Original Message- From: Michael Hipp [mailto:[EMAIL PROTECTED] Sent: Thursday, August 14, 2003 8:50 AM To: [EMAIL PROTECTED] Burns MacDonald wrote: On Wed, 2003-08-13 at 19:04, Michael Hipp wrote: We do quite a bit of IT Security work. Shields Up is OK for what it is, given the parameters it has to work under - it's not bogus, but it is lightweight. The usefulness of a site like ShieldsUp is that it gives you the ability, from inside, to initiatate a test from outside, to see if that firewall you just put up is working. If there is a better such site available, I'd sure like to know about it. Michael ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Burns MacDonald wrote: On Wed, 2003-08-13 at 19:04, Michael Hipp wrote: We do quite a bit of IT Security work. Shields Up is OK for what it is, given the parameters it has to work under - it's not bogus, but it is lightweight. The usefulness of a site like ShieldsUp is that it gives you the ability, from inside, to initiatate a test from outside, to see if that firewall you just put up is working. If there is a better such site available, I'd sure like to know about it. Michael ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Joel Hammer wrote: Thanks for the scan. These ports I expected to be open, except for 1024 (kdm). I just wonder why ShieldsUp didn't detect these ports. It looks like I was inviting the world to log onto my X server. I have never found anyone doing this. It is password protected. I have to conclude that ShieldsUp is bogus. It's not bogus. Mr. Gibson is well respected and his site is widely used. Dunno why it didn't work properly on your system. I might guess that it misidentified your IP address, or perhaps the fact that the Internet has been only half working all day caused it to timeout. Michael ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Just how does this this thing spread? I have a couple of windows boxes behind my linux firewall. I have almost all privileged ports blocked. Will that be enuf? Joel On Tue, Aug 12, 2003 at 01:32:28PM -0700, Gary Wilson wrote: If you are in an all-Linux place, you are damn lucky. We are being bombarded with the Backdoor and Blaster worms and anyone who hasn't gotten their Microsoft updates in the last two weeks is being blown away. It's an epidemic. My Libranet box is just fine. But its my job to make sure that all those Windows boxen keep humming. Don't know when I'll make it out from under this one. Gary __ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On 08/13/03 16:04, Michael Hipp wrote: Joel Hammer wrote: Thanks for the scan. These ports I expected to be open, except for 1024 (kdm). I just wonder why ShieldsUp didn't detect these ports. It looks like I was inviting the world to log onto my X server. I have never found anyone doing this. It is password protected. I have to conclude that ShieldsUp is bogus. It's not bogus. Mr. Gibson is well respected and his site is widely used. Dunno why it didn't work properly on your system. I might guess that it misidentified your IP address, or perhaps the fact that the Internet has been only half working all day caused it to timeout. No, its definitely the website. Its never done a very reliable or thorough port scan. I've played with that site quite a few times over the past few years, and its never produced results that coincided with what nmap provided. -- ~ L. Friedman[EMAIL PROTECTED] Linux Step-by-step TyGeMo:http://netllama.ipfox.com 4:15pm up 29 days, 18:56, 1 user, load average: 0.37, 0.16, 0.20 ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Tue, 12 Aug 2003 18:25:44 -0400 Joel Hammer [EMAIL PROTECTED] wrote: Thanks. That port is blocked, so I won't worry about updating anytime too soon. Joel On Tue, Aug 12, 2003 at 02:33:30PM -0700, Net Llama! wrote: On 08/12/03 14:28, Joel Hammer wrote: Just how does this this thing spread? I have a couple of windows boxes behind my linux firewall. I have almost all privileged ports blocked. Will that be enuf? port 137, the RPC port. Of course keeping up with M$ security updates will help too. Not being even an XP lightweight - how does one find out whether ports are open or blocked on WinXP? -- Collins Richey - Denver Area if you fill your heart with regrets of yesterday and the worries of tomorrow, you have no today to be thankful for. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
It must be getting bad. Charter just send a mass mailing about the worm and specifically mention port 135. I run an NT box at home and since day two it has not an email client nor does RPC work, I disabled it to manual. I do get an event error at boot but NT does not need re-booting much so it really is not a bother. On Tue, 12 Aug 2003 20:59:01 -0500 - Michael Hipp [EMAIL PROTECTED] wrote the following Re: Re: worms worms worms Collins Richey wrote: On Tue, 12 Aug 2003 18:25:44 -0400 Joel Hammer [EMAIL PROTECTED] wrote: Not being even an XP lightweight - how does one find out whether ports are open or blocked on WinXP? Quickest way is to go to http://grc.com and run his Shields Up! test against your address. That will tell you for sure what is visible from the outside. Michael ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Precisely. On Tue, 12 Aug 2003 21:50:32 -0500 Michael Hipp [EMAIL PROTECTED] wrote: Kurt Wall wrote: Quoth Matthew Carpenter: IIRC, it's 135, the RPC port. It exploits a vulnerability on TCP port 135, used by DCOM RPC services. You should also block TCP ports 138, 445, 593, and UDP port 69 (TFTP). You should block *every* port that doesn't absolutely, positively have to be exposed to the Internet. Michael ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users -- Matthew Carpenter [EMAIL PROTECTED] http://www.eisgr.com/ Enterprise Information Systems * Network Service Appliances * Network Consulting, Integration Support * Web Integration and E-Business ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Wed, 2003-08-13 at 19:04, Michael Hipp wrote: It's not bogus. Mr. Gibson is well respected and his site is widely used. Dunno why it didn't work properly on your system. I might guess that it misidentified your IP address, or perhaps the fact that the Internet has been only half working all day caused it to timeout. We do quite a bit of IT Security work. Shields Up is OK for what it is, given the parameters it has to work under - it's not bogus, but it is lightweight. Our Penetration and Vulnerability Testers use a collection of expensive proprietary tools and custom-coded scripts. As I recall Saint used to be a good tool and was available for Linux, but I don't see an open-source version on their website any more - it's all commercial licensing. http://www.saintcorporation.com/products/saint_engine.html -- Burns MacDonald Ottawa Canada ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Kurt Wall wrote: Quoth Matthew Carpenter: IIRC, it's 135, the RPC port. It exploits a vulnerability on TCP port 135, used by DCOM RPC services. You should also block TCP ports 138, 445, 593, and UDP port 69 (TFTP). You should block *every* port that doesn't absolutely, positively have to be exposed to the Internet. Michael ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
IIRC, it's 135, the RPC port. On Tue, 12 Aug 2003 14:33:30 -0700 Net Llama! [EMAIL PROTECTED] wrote: port 137, the RPC port. Of course keeping up with M$ security updates will help too. -- Matthew Carpenter [EMAIL PROTECTED] http://www.eisgr.com/ Enterprise Information Systems *Network Consulting, Integration Support *Web Development and E-Business ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Thanks for the scan. These ports I expected to be open, except for 1024 (kdm). I just wonder why ShieldsUp didn't detect these ports. It looks like I was inviting the world to log onto my X server. I have never found anyone doing this. It is password protected. I have to conclude that ShieldsUp is bogus. Joel On Wed, Aug 13, 2003 at 05:26:37PM +0100, Dallam Wych wrote: On Wed, Aug 13, 2003 at 10:31:09AM -0400, Joel Hammer wrote: Would someone kindly run nmap against hammershome.com and mail me the results? ([EMAIL PROTECTED]) Hi Joel, I found 113, 84, 80 and 1024 open as well at hammershome.com. Question? Why not visit securityspace.com (free) and run the port scan and basic audit against the box? I do this every once in a while and find them pretty good. Kind Regards, Dallam -- Dallam Wych dallam.wyche AT virgin.net #213656 counter.li.org ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On Wed, 13 Aug 2003, Joel Hammer wrote: I got a Failed result from this test because my machine responded to a ping request. I think I'll leave this in place. Are these guys serious? From a windoze persepective, sure. But its really just a toy. I wouldn't trust my network to that site. Would someone kindly run nmap against hammershome.com and mail me the results? ([EMAIL PROTECTED]) 80/tcp openhttp 84/tcp openctf 113/tcpopenauth 1024/tcp openkdm all other ports reported as being closed. -- ~~ Lonni J Friedman[EMAIL PROTECTED] Linux Step-by-step TyGeMo http://netllama.ipfox.com ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
You can run nmap against your windows boxes to check out their ports. Joel On Tue, Aug 12, 2003 at 06:36:17PM -0600, Collins Richey wrote: On Tue, 12 Aug 2003 18:25:44 -0400 Joel Hammer [EMAIL PROTECTED] wrote: Thanks. That port is blocked, so I won't worry about updating anytime too soon. Joel On Tue, Aug 12, 2003 at 02:33:30PM -0700, Net Llama! wrote: On 08/12/03 14:28, Joel Hammer wrote: Just how does this this thing spread? I have a couple of windows boxes behind my linux firewall. I have almost all privileged ports blocked. Will that be enuf? port 137, the RPC port. Of course keeping up with M$ security updates will help too. Not being even an XP lightweight - how does one find out whether ports are open or blocked on WinXP? -- Collins Richey - Denver Area if you fill your heart with regrets of yesterday and the worries of tomorrow, you have no today to be thankful for. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
I tried this web site. I log just about all activity on my firewall, and although I got a stealth result for all my ports except 0 from this web site, I cannot find any attempts to attach to a large number of my ports in my logs, including 80, which is open, as is port 113. Both were marked stealth by the scan. Has anyone a similar experience? I got a Failed result from this test because my machine responded to a ping request. I think I'll leave this in place. Are these guys serious? Would someone kindly run nmap against hammershome.com and mail me the results? ([EMAIL PROTECTED]) Thanks, Joel On Tue, Aug 12, 2003 at 08:59:01PM -0500, Michael Hipp wrote: Collins Richey wrote: On Tue, 12 Aug 2003 18:25:44 -0400 Joel Hammer [EMAIL PROTECTED] wrote: Not being even an XP lightweight - how does one find out whether ports are open or blocked on WinXP? Quickest way is to go to http://grc.com and run his Shields Up! test against your address. That will tell you for sure what is visible from the outside. Michael ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Quoth Matthew Carpenter: IIRC, it's 135, the RPC port. It exploits a vulnerability on TCP port 135, used by DCOM RPC services. You should also block TCP ports 138, 445, 593, and UDP port 69 (TFTP). http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/virus/alerts/msblaster.asp Kurt -- As of next week, passwords will be entered in Morse code. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
On 08/13/03 15:45, Joel Hammer wrote: Thanks for the scan. These ports I expected to be open, except for 1024 (kdm). I just wonder why ShieldsUp didn't detect these ports. It looks like I was inviting the world to log onto my X server. I have never found anyone doing this. It is password protected. I have to conclude that ShieldsUp is bogus. Its not bogus. Its just a toy, targetted at windoze users who don't know the difference. -- ~ L. Friedman[EMAIL PROTECTED] Linux Step-by-step TyGeMo:http://netllama.ipfox.com 4:00pm up 29 days, 18:41, 1 user, load average: 0.29, 0.24, 0.31 ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Thanks for the scan. I turned off kdm. I will upgrade my firewall when my wife gets off aol. These results are about what I expected. I am surprised that the ShieldsUp web site told me these ports (113, 80, 84) were stealth when they are open. I may have missed some attempts to scan ports because I don't log those ports I accept, just the ones I deny. Oh well, I think I am safe from this new virus. These worms get more and more vicious. What if the virus writer had intended to do obvious harm like erase eveyone's hard drive? I feel like windows users are still living in the pre-9/11 world. Joel On Wed, Aug 13, 2003 at 02:35:46PM -0400, Matthew Carpenter wrote: 67/tcp closed dhcpserver 68/tcp closed dhcpclient 80/tcp openhttp 84/tcp openctf 113/tcpopenauth 1024/tcp openkdm 1025/tcp closed NFS-or-IIS . . . . Perhaps your upstream provider is providing you with services of closing everything but a few ports? Or your firewall drops a lot of ports without telling you? On Wed, 13 Aug 2003 10:31:09 -0400 Joel Hammer [EMAIL PROTECTED] wrote: I tried this web site. I log just about all activity on my firewall, and although I got a stealth result for all my ports except 0 from this web site, I cannot find any attempts to attach to a large number of my ports in my logs, including 80, which is open, as is port 113. Both were marked stealth by the scan. Has anyone a similar experience? I got a Failed result from this test because my machine responded to a ping request. I think I'll leave this in place. Are these guys serious? Would someone kindly run nmap against hammershome.com and mail me the results? ([EMAIL PROTECTED]) Thanks, Joel On Tue, Aug 12, 2003 at 08:59:01PM -0500, Michael Hipp wrote: Collins Richey wrote: On Tue, 12 Aug 2003 18:25:44 -0400 Joel Hammer [EMAIL PROTECTED] wrote: Not being even an XP lightweight - how does one find out whether ports are open or blocked on WinXP? Quickest way is to go to http://grc.com and run his Shields Up! test against your address. That will tell you for sure what is visible from the outside. Michael ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users -- Matthew Carpenter [EMAIL PROTECTED] http://www.eisgr.com/ Enterprise Information Systems * Network Service Appliances * Network Consulting, Integration Support * Web Integration and E-Business ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
67/tcp closed dhcpserver 68/tcp closed dhcpclient 80/tcp openhttp 84/tcp openctf 113/tcpopenauth 1024/tcp openkdm 1025/tcp closed NFS-or-IIS . . . . Perhaps your upstream provider is providing you with services of closing everything but a few ports? Or your firewall drops a lot of ports without telling you? On Wed, 13 Aug 2003 10:31:09 -0400 Joel Hammer [EMAIL PROTECTED] wrote: I tried this web site. I log just about all activity on my firewall, and although I got a stealth result for all my ports except 0 from this web site, I cannot find any attempts to attach to a large number of my ports in my logs, including 80, which is open, as is port 113. Both were marked stealth by the scan. Has anyone a similar experience? I got a Failed result from this test because my machine responded to a ping request. I think I'll leave this in place. Are these guys serious? Would someone kindly run nmap against hammershome.com and mail me the results? ([EMAIL PROTECTED]) Thanks, Joel On Tue, Aug 12, 2003 at 08:59:01PM -0500, Michael Hipp wrote: Collins Richey wrote: On Tue, 12 Aug 2003 18:25:44 -0400 Joel Hammer [EMAIL PROTECTED] wrote: Not being even an XP lightweight - how does one find out whether ports are open or blocked on WinXP? Quickest way is to go to http://grc.com and run his Shields Up! test against your address. That will tell you for sure what is visible from the outside. Michael ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users -- Matthew Carpenter [EMAIL PROTECTED] http://www.eisgr.com/ Enterprise Information Systems * Network Service Appliances * Network Consulting, Integration Support * Web Integration and E-Business ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
Thanks. That port is blocked, so I won't worry about updating anytime too soon. Joel On Tue, Aug 12, 2003 at 02:33:30PM -0700, Net Llama! wrote: On 08/12/03 14:28, Joel Hammer wrote: Just how does this this thing spread? I have a couple of windows boxes behind my linux firewall. I have almost all privileged ports blocked. Will that be enuf? port 137, the RPC port. Of course keeping up with M$ security updates will help too. -- ~ L. Friedman [EMAIL PROTECTED] Linux Step-by-step TyGeMo: http://netllama.ipfox.com 2:30pm up 28 days, 17:11, 1 user, load average: 0.08, 0.14, 0.09 ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
I don't think I'm safe... I know :) By the way. Those were some great pix! It was nice to meet someone from the list face-to-face. Maybe I'll run into you at some event and I'll recognize that Hammerguy! On Wed, 13 Aug 2003 18:41:21 -0400 Joel Hammer [EMAIL PROTECTED] wrote: Oh well, I think I am safe from this new virus. -- Matthew Carpenter [EMAIL PROTECTED] http://www.eisgr.com/ Enterprise Information Systems *Network Consulting, Integration Support *Web Development and E-Business ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: worms worms worms
These worms are so benign it's pathetic. If only the Windows world realized just how much peril they could be in! So far we've only really had worms that self-propagate and then did some token act to prove that they weren't gay. But how many CodeRed and NIMDA machines could have had a format c: in them? And this one? Wow, it's REALLY benign. Replicate then throw some traffic against Microsoft. Again, this genre of Worm hasn't yet left the Proof Of Concept phase yet. And they're really missing some opportunity to do some real damage. This one is really bad because you know it immediately when you're whacked. Not like the previous few which secretly spread and kept spreading while admins were none-the-wiser On Wed, 13 Aug 2003 18:41:21 -0400 Joel Hammer [EMAIL PROTECTED] wrote: These worms get more and more vicious. What if the virus writer had intended to do obvious harm like erase eveyone's hard drive? I feel like windows users are still living in the pre-9/11 world. -- Matthew Carpenter [EMAIL PROTECTED] http://www.eisgr.com/ Enterprise Information Systems *Network Consulting, Integration Support *Web Development and E-Business ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc - http://www.linux-sxs.org/mailman/listinfo/linux-users