I was wondering the same thing :-b Hi all, for a quick check on the level of exposure you have to the internet go to http://www.grc.com and then click on SHIELDS UP.
Now, this is going to attempt to do some of the main hacks used out there, if you are not the admin of your firewall you better warn them before you run this. the checks will not do any harm and it will give you an nice report. Ben Johansen - http://www.pcforge.com Authorized Witango Reseller http://www.pcforge.com/WitangoGoodies.htm Latest downloads & List Archives @ http://www.witango.ws -----Original Message----- From: [EMAIL PROTECTED] [mailto:owner-witango-talk@;witango.com] On Behalf Of Jon Grieve Sent: Monday, October 21, 2002 1:55 AM To: Multiple recipients of list witango-talk Subject: RE: Witango-Talk: virus?? (OT) Ow! Doesn't that assume you'd have to have the necessary port (NetBIOS, perhaps?) open to the outside world to allow the spammer to connect to initiate the NET SEND command? -----Original Message----- From: Anthony M. Humphreys [mailto:anthony@;humphreys.org] Sent: 19 October 2002 3:24 To: Multiple recipients of list witango-talk Subject: Re: Witango-Talk: virus?? (OT) >From : http://story.news.yahoo.com/news?tmpl=story&ncid=528&e=9&cid=528&u=/ap/2 0021 018/ap_on_hi_te/pop_up_spam New Pop-Up Ads Bypass the Internet Fri Oct 18, 4:35 PM ET By ANICK JESDANUN, AP Internet Writer NEW YORK (AP) - As if junk e-mail and pop-up ads weren't annoying enough on their own, now there's a combination. A developer of bulk-mail software has figured out how to blast computers with pop-up spam over the Internet through a messaging function on many Windows operating systems. The function was designed for use by computer network technicians to, for instance, warn people on their systems of a planned shutdown. The pop-up messages appear on recipients' computers in separate windows, similar to pop-up ads that appear when a user goes to a Web site. But there's a difference: Anyone can send the messages, and there's no need for the user to have an Internet browser open. Gary Flynn, a security engineer at James Madison University, where several messages were received, calls the technique worse than e-mail spam. "This pops up on the screen," he said. "It's almost like somebody barging in your office and interrupting you." ... deleted ... ----- Original Message ----- From: "Ben Johansen" <[EMAIL PROTECTED]> To: "Multiple recipients of list witango-talk" <[EMAIL PROTECTED]> Sent: Friday, October 18, 2002 8:15 PM Subject: RE: Witango-Talk: virus?? (OT) > In that case, then it could be worse. > Have you completed the security checklist that Microsoft gives out free > from > Microsoft > > http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur > ity/Default.asp > > and are you up to date on the hotfixes. > > I know it sounds like ancient history, but there are still servers > infected with the Code-Red virus. As a matter of fact they say if you > setup a server and have it hooked to the internet that you will be > infected before you can download and install the patch. > > Here is a simple but quick way to stop a lot of this. locate the CMD.EXE > file. take that file an move it to a folder that is setup to only be > accessed by the admin (ie remove the everyone access from that folder) > > Go to you IIS logs usually under c:\winnt\system32\logfiles folder and > look at the logs files. Search for cmd.exe. It might surprise you what > has been going on through port 80 thanks to M$ > > Good Luck > > > Ben Johansen - http://www.pcforge.com > Authorized Witango Reseller http://www.pcforge.com/WitangoGoodies.htm > Latest downloads & List Archives @ http://www.witango.ws > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:owner-witango-talk@;witango.com] On Behalf Of Brad Robertson > Sent: Friday, October 18, 2002 4:59 PM > To: Multiple recipients of list witango-talk > Subject: Re: Witango-Talk: virus?? (OT) > > Ben, > > Thanks for the quick reply. I will look into this. The main thing that > baffles me is that I this box isn't used for anything but web and tango > app > server - I thought the box was pretty secure so I don't know how this > would > have been installed. > > Brad > > > ----- Original Message ----- > From: "Ben Johansen" <[EMAIL PROTECTED]> > To: "Multiple recipients of list witango-talk" > <[EMAIL PROTECTED]> > Sent: Friday, October 18, 2002 4:15 PM > Subject: RE: Witango-Talk: virus?? (OT) > > > Hey, I am not ruling out a virus, but you might want to look into > spyware detectors. They usually exhibit the behavior you are seeing > > Try downloading Ad-Aware from http://www.lavasoft.de. When you download > the free Ad-Aware make sure you download it from either Mirror#1 or > Mirror#2 farther down the downloads list. The other sites like > MajorGeeks.com install the spyware you are trying to get rid of by > downloading Ad-Aware > > Another free program is spybot (for windows only) > http://download.com.com/3000-2144-10122138.html > > > > Ben Johansen - http://www.pcforge.com > Authorized Witango Reseller http://www.pcforge.com/WitangoGoodies.htm > Latest downloads & List Archives @ http://www.witango.ws > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:owner-witango-talk@;witango.com] On Behalf Of Brad Robertson > Sent: Friday, October 18, 2002 3:59 PM > To: Multiple recipients of list witango-talk > Subject: Witango-Talk: virus?? (OT) > > Hello list, > > I am not sure how to explain this, but on my Tango/IIS server (Win 2K, > SP2), I keep getting system popup windows that have advertisements. I > turned off the Alerter and Messenger service and still get them. Some > appear in my event log as application popup with no clues as to the > origin. Anybody getting these? Any ideas? > > Regards, > Brad > > ________________________________________________________________________ > TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] > with unsubscribe witango-talk in the message body > ________________________________________________________________________ > TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] > with unsubscribe witango-talk in the message body > > ________________________________________________________________________ > TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] > with unsubscribe witango-talk in the message body ________________________________________________________________________ TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] with unsubscribe witango-talk in the message body ________________________________________________________________________ TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] with unsubscribe witango-talk in the message body ________________________________________________________________________ TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED] with unsubscribe witango-talk in the message body
