1  ...  19  20  21  22  23  24  ...  33  |   Order by default

Jul 22, 2003, 6:39pm

That's right, they don't have a little birdie in their ear that says
"turn telegram logging on or off at X time," but they have the ability
to turn logging on or off for ALL users anytime they wish. So if they
wanted to stop logging right now, they could. If they wanted to start it
up again tomorrow at 3:33 AM ET, they could. If they don't want to
change anything the way it is right now, they can do that too. Hope
that's clear now.

Builderz
http://www.3dhost.net

[View Quote]

Jul 22, 2003, 6:47pm

That's true. Did I say that wasn't true or not also possible? I can look
at the telegrams on my local system and see if you sent me one or not
and if so, at what time/date it was sent. Okay, I think everyone gets
the point now about telegrams. Let's see if Cal or another AWI staffer
replies to the original question.

Builderz
http://www.3dhost.net

[View Quote]

Jul 22, 2003, 4:43pm

Since everyone is freaked out by the AW Toolkit and other nasty things
going around, I decided to make a post about Windows security. Also,
since I know a lot of you don't like to pay for things, all of the tools
listed below are completely FREE.

1. Get a good anti-virus program and update it often. Use its "on
demand" scanner that runs in memory and check files and programs when
you open and close them. Most now automatically update their virus
definition files at set intervals. Set it to update at least once every
one to two weeks.

FREE: Trend Micro's House Call
http://housecall.trendmicro.com

FREE: AVG Anti-Virus Free Ed.
http://www.grisoft.com/us/us_dwnl_free.php

FREE: Anti-Vir
http://www.free-av.com

2. Get the latest patches for Windows and scan your system for insecure
settings.

FREE: Windows Update
http://windowsupdate.microsoft.com

FREE: HFNetChk
http://www.microsoft.com/technet/security/tools/tools/hfnetchk.asp

FREE: Microsoft Baseline Security Analyzer
http://www.microsoft.com/technet/security/ tools/Tools/mbsahome.asp

3. Run a software firewall on your PC. I don't care if you are on the
slowest dial-up connection there is or have the fastest broadband
connection possible, just do it. Script kiddies and the like don't care
what type of connection you have -- they just automatically try to break
into your system with their automated tools.

While using a combination of a software and hardware firewall/router is
best, go with a software one if this is your first time using a
firewall. Also, make sure the firewall has outbound protection. This
will alert you if things such as a Trojan horse or unauthorized program
(such as the fake AW Toolkit) try to send or "sneak" data from your PC.
Also, be sure to run it at its highest security setting if you can.

FREE: ZoneAlarm Free
http://www.zonelabs.com

FREE: Kerio Personal Firewall
http://www.kerio.com/us/kpf_home.html

4. Get a program that blocks nasty scripts.

FREE: AnalogX's Script Defender
http://www.analogx.com/contents/download/system/sdefend.htm

5. Get rid of and/or block spyware, adware, and malware on your
computer.

FREE: Ad-aware
http://www.lavasoftusa.com/software/adaware/

FREE: SpywareBlaster
http://www.javacoolsoftware.com/spywareblaster.html

6. Other tools you should get:

FREE: GRC's UnPlug n'Pray
http://grc.com/unpnp/unpnp.htm

FREE: GRC's SocketToMe & SocketLock
http://grc.com/dos/sockettome1.htm

7. Other tips:

-Disable File & Printer sharing if you don't need it. If you do, only
share the folders that you need (not entire disk drives) and use at
least an eight character password on all shares.

-Don't click on or open e-mail attachments from those you don't know.

-Read security related forums and news to stay current with the latest
trends and threats.

-If you don't know how to do something, look it up using your favorite
search engine (for example, Google).

7. Test, test, and test your computer's ports to see if they can be seen
by others.

FREE: GRC's Shields Up!
https://grc.com/x/ne.dll?bh0bkyd2

FREE: Sygate Security Scan
http://scan.sygatetech.com/

FREE: Broadbandreports.com Scan
http://www.dslreports.com/secureme

And there are plenty of others out there.

Builderz
http://www.3dhost.net

Jul 22, 2003, 4:47pm

The second "7." point should be "8.", but who cares? :)

Builderz
http://www.3dhost.net

Jul 22, 2003, 4:52pm

I knew you'd be the first to say that. :P The MSBA link is also messed
up, but people can fix that if they really want it.

Builderz
http://www.3dhost.net

[View Quote]

Jul 22, 2003, 5:42pm

See my comments below:

[View Quote] True.

> Okay, Black Plague Virus, Crazy Pills gave it that name..... Uh Black Plague
> Virus....THIS IS NOT A VIRUS, it's a trojan.

Correct, it should be classified as a Trojan and not a virus.

> Also, who is the creator of this trojan, none other than the one we know as
> M a t t. It sends information back to him, and he then continues by stealing
> the persons cit, and spreading his trojan trying to get people to download
> it. Now if you get a telegram, email, or something of that trying to
> download it, be vigilant, do not download e-mail attachments unless you are
> SURE that they are legit, but if you have any doubt, please, use common
> sense.

I'm not sure if M A T T made it or not, but someone posted that is it
similar to the Backdoor.Beasty Trojan
(http://securityresponse.symantec.com/avcenter/venc/data/backdoor.beasty.html).
I don't have a safe "sandbox" available here to test it or to confirm
either statement.

> By blowing this out of the water and panicing you are letting him win. Also,
> Matt is not a hacker, Matt is a script kiddie, don't give him that honor of
> calling him a hacker, he just doesnt deserve the title.

IMO, I agree that M A T T is a script kiddie. Now, let's not get the
terms hacker and cracker mixed up next. :)

Builderz
http://www.3dhost.net

Jul 22, 2003, 7:03pm

LOL. Watch out, Mask. ;)

Builderz
http://www.3dhost.net

[View Quote]

Jul 22, 2003, 6:29pm

*cough* What about my Windows Security Tips/Tools post? ;) *cough*

Builderz
http://www.3dhost.net

[View Quote]

Jul 22, 2003, 7:21pm

Calhoun, I believe he uses a proxy or some other means to cloak his real
IP address, so that won't do much good. And, does anyone really know it
was M A T T again this time? Couldn't it be a copy cat?

Builderz
http://www.3dhost.net

[View Quote]

Jul 22, 2003, 7:37pm

You can try that, but he'd probably just find another one. Who knows,
you might even end up blocking an IP from a legitimate user. Also,
someone could spoof the IP address of a large router or something (or
even the IP address of the AW uniserver). Heh.

Builderz
http://www.3dhost.net

[View Quote]

Jul 23, 2003, 12:21pm

Yep, that's correct. They could send data to the server, but wouldn't be
able to get a response back. But knowing how most people think that
whoever is making these Trojans in a "real hacker," they probably
wouldn't know the difference. I was just saying that it was possible
(why someone would do it besides trying to do a DoS attack, I don't
know). Another thing that can be done that I haven't seen others mention
would be to simply break into the NG server and steal passwords that way
as well. They may be encrypted, but given enough time, I'm sure they
could be decrypted.

Builderz
http://www.3dhost.net

[View Quote]

Jul 23, 2003, 12:24pm

There are still ways to catch people that use proxies, even if they
"chain" them together. However, if he rotates proxies like every thirty
seconds and has a large list of them, that'd be a real pain in the butt
to track.

Builderz
http://www.3dhost.net

[View Quote]

Jul 23, 2003, 1:27pm

I didn't see that other thread about the auth taking place on the
uniserver. In the past, I've been able to change my AW password to
something new, but then when I'd try to post a message, I'd have to use
my old password for day or so. That's what made me think the passwords
are stored locally on the news server as well on the uniserver (and that
the news server had a delay in getting the most recent passwords). I do
know that they've been using DNews for quite some time.

Builderz
http://www.3dhost.net

[View Quote] > AW's NG doesn't store the passwords - the authentication takes place at the uniserver through an SDK application as Calpantera already stated in another thread.
> OTOH DNews (the NG software) uses a one way hash to store the password, so it is almost impossible to crack it (well,, not really if you have the same server software and have plenty of time at your hand to try all possible combination and compare the resulting hash with the stolen database).
>
> --
> Andras
> "It's MY computer" (tm Steve Gibson)

Jul 23, 2003, 11:55pm

Trying to dream up some conspiracy theories, duo? ;)

Builderz
http://www.3dhost.net

[View Quote]

Jul 23, 2003, 12:28pm

And away we go:

Is there a .DLL, .OCX, or other file that is mentioned when the blue
screen appears? If so, what is it?
What video card are you using?
What version of Windows are you using?
Have you cleared your cache?
Have you run scandisk/chkdsk recently?
Have you defragged your hard drive recently?

Builderz
http://www.3dhost.net

[View Quote]

Jul 23, 2003, 7:58pm

It could also be inadequate cooling. :)

Builderz
http://www.3dhost.net

[View Quote]

Jul 23, 2003, 10:03pm

That's another possibility.

Builderz
http://www.3dhost.net

[View Quote] [View Quote]

Jul 23, 2003, 11:54pm

ROFL!

Builderz
http://www.3dhost.net

[View Quote]

Jul 23, 2003, 10:07pm

Thanks for the comment. I don't host *everything* for free, but I do
host a *few* bots and worlds for free (some aren't listed on my site
yet).

Builderz
http://www.3dhost.net

[View Quote]

Jul 24, 2003, 1:46pm

See my "Windows Security Tips/Tools" post for more security advice.

Builderz
http://www.3dhost.net

Jul 24, 2003, 5:47pm

Here are a few more:

XelaG Bots
http://www.imatowns.com/xelagot

AW News
http://www.awnews.org/html/

3D Host
http://www.3dhost.net/

Magsbot
http://www.turtleflight.com/magine/mb.html

Builderz
http://www.3dhost.net

Jul 25, 2003, 12:38pm

If you'll read my other posts, you'll notice that my signature always
has my hosting URL on it. I just didn't take it out of my signature for
that post and it was listed twice. :)

Builderz
http://www.3dhost.net

[View Quote]

Jul 31, 2003, 2:02pm

Doesn't appear to be working for me at the moment. As usual, AWI's
network status page doesn't have any new info.

Builderz
http://www.3dhost.net

Aug 2, 2003, 12:56pm

1. Check the servers via the admin tool often to check this (checking is
fine and should be done by good hosts periodically anyway).
2. Make an automated program or script to determine if a customer is
going over their world limit.
3. Make an AUP or TOS that states that each customer can only host one
world per admin tool or something.

Builderz
http://www.3dhost.net

[View Quote]

Aug 12, 2003, 1:16am

Don't download the attachment. Hotbar is spyware. If you did, download
Ad-aware from http://www.lavasoftusa.com/software/adaware/ and Spybot
Search & Destroy from
http://spybot.eon.net.au/index.php?lang=en&page=download to get rid of
it. They are spyware scanners that detect and remove spyware from your
system. Very handy tools (beats searching the registry manually for
certain spyware keys).

Builderz
http://www.3dhost.net

Aug 14, 2003, 12:48am

I read Snow Crash. I'm not E N Z O and certainly not Canadian. :)

Builderz
http://www.3dhost.net

[View Quote]

Aug 14, 2003, 12:30pm

Yep, old news. See
news://news.activeworlds.com/3f371ab8%40server1.Activeworlds.com

Builderz
http://www.3dhost.net

Aug 26, 2003, 12:27pm

WHY IS THE SITE IN ALL CAPS? IT MAKES IT SEEM LIKE YOU ARE SHOUTING.

Also, you say your path is "98% error free" -- so what/where are the
other 2% of errors?

Builderz
http://www.3dhost.net

[View Quote]

Aug 26, 2003, 7:13pm

It was ROT-13 encrypted. It says this:

"How about the same price for all worlds no matter which size or how
many max. users it allows; I doubt it makes a difference.

Maybe set the monthly bandwidth limit for each world if you have such
control."

Which is the exact same thing Anduin's post says.

Builderz
http://www.3dhost.net

[View Quote]

Aug 26, 2003, 7:17pm

I didn't bother to look at the HTML source. Upon further inspection, it
looks like the page uses Arial with the "small caps" setting. Still,
caps is caps and netiquette equates it to shouting.

Builderz
http://www.3dhost.net

[View Quote]

1  ...  19  20  21  22  23  24  ...  33  |   Order by default