ThreadBoard ArchivesSite FeaturesActiveworlds SupportHistoric Archives |
Notice to the person whos computer name is Dude and lives in Pittsburg, (Community)
Notice to the person whos computer name is Dude and lives in Pittsburg, // CommunityandrasApr 8, 2004, 8:13pm
I'm getting bombarded with the Netsky and with the Beagle worm from this person's computer (so does Ananas and Bowen).
Please disinfect the machine! -- Andras "It's MY computer" (tm Steve Gibson) brockApr 9, 2004, 1:21am
PittsburgH
It's the only burg to end with an h, Pittsburgh. Pennsylvania love :) -- Brock, IceFlare Network Founder/Administrator http://www.iceflare.net [View Quote] bowenApr 9, 2004, 2:11am
[View Quote]
Yeah it's coming to both of my e-mails it seems. The other one I don't
have listed anywhere is fine. Hurray for the pop server filter out 99% of them though. (I've only gotten like 5 on my other one and 0 on yours Andras). bowenApr 9, 2004, 2:16am
[View Quote]
> I'm getting bombarded with the Netsky and with the Beagle worm from this
> person's computer (so does Ananas and Bowen). > Please disinfect the machine! Whose machine is it, btw? (if you would mind informing me... I thought you said you'd told them before? Just wondering) andrasApr 9, 2004, 3:27am
[View Quote]
[View Quote]
I wish I know whos machine is! Then I could notify the person in email and I shouldn't have to put up this public note :(
The other one I managed to identify and he cleaned his machine. -- Andras "It's MY computer" (tm Steve Gibson) bowenApr 9, 2004, 4:47am
[View Quote]
It has to be someone who knows all 3 of us. Judging from that
information, I'd assume it's someone who's delt with the SDK (or just programming) a little? Or it's just some monkey who doesn't give two craps and is doing it on purpose. Maybe M A T T or that Christopher Stevens guy (if he even exists). I'd assume the later. Sucks. :-\ ananasApr 9, 2004, 2:12pm
I already sent an email to abuse at verizon.net, maybe
they can identify the user from the time and IP in their logs. So far I only received an automatic teply mail though. [View Quote] princess nerwenApr 9, 2004, 5:29pm
Has also been getting the W32.Netsky.c virus in my E-Mails and my ISP
has now installed some Anti virus and I no longer get the attacks, it is filtered and sent to me as This e-mail was blocked, and had the following file in it (somefile.scr) or something containing the W32.Netsky.c at mm virus and has been deleted, you may receive the e-mail but the file is no longer available. So maybe your ISP can do the same. [View Quote] ananasApr 9, 2004, 5:57pm
Hi,
the problem with those server side virus blockers is that they are often very badly configured. They send an information about the virus "back" to the address that the virus faked as the sender - but the sender is just a random entry from the address book of the infected PC too and probably receives the same virus mails. So those stupid ISP idiots just increase the traffic for those people who already get enough traffic from the infected PCs. Not using any antivirus program is the best protection. The AV programs make people careless. If they do not feel too secure they will probably not click on everything clickable anymore. An AV program is never up to date anyway, there's always one virus newer than the latest AV program. AV companies even need to be a bit behind so the virus gets a chance to spread. It would be very bad for their business if viruses would get caught too soon. I guess we can count Mauz as one receiver from the list too btw., I got several mails with her email address as sender already - faked of course, she doesn't live in Phittsbhourgh. Volker [View Quote] ananasApr 9, 2004, 6:00pm
The "helo=" tag is faked too btw., I already got some with
"helo=oct31.de", "helo=ananas" and "helo=tnlc.com" so the "helo=Dude" might not be the real network name either. [View Quote] themaskApr 10, 2004, 1:27am
Netsend him...
-- Signed, TheMask :: Owner of Delusional-Minds Hosting :: Free world hosting.. Just a T-Gram will do it. http://www.delusional-minds.com [View Quote] andrasApr 10, 2004, 9:09am
[View Quote]
> The "helo=" tag is faked too btw., I already got some with
> "helo=oct31.de", "helo=ananas" and "helo=tnlc.com" so the > "helo=Dude" might not be the real network name either. > > > It can be faked, you are right, except the early versions did not fake it and the first couple of hundred came from the "Dude" machne. (.org, .net, .com) tnlc.com means the person was subscribed to some of the newsgroups - most likely to my ones because I got emails to the "storage.co.hu" domain which appeared only in my ngs. -- Andras "It's MY computer" (tm Steve Gibson) rossyboyApr 10, 2004, 5:15pm
lol
[View Quote] > Netsend him... > > -- > > Signed, > TheMask > > :: Owner of Delusional-Minds Hosting :: > Free world hosting.. Just a T-Gram will do it. > > http://www.delusional-minds.com > [View Quote] ananasApr 10, 2004, 8:50pm
Doesn't go through - but I guess it's even my own
firewall that blocks it, sometimes I will check the settings [View Quote] ananasApr 11, 2004, 8:11pm
Maybe ping floods would help crash this idiots connection ...
Might only be OK for a few minutes after receiving the virus mail though as it's dialup. [View Quote] bowenApr 11, 2004, 10:40pm
[View Quote]
> Maybe ping floods would help crash this idiots connection ...
> > Might only be OK for a few minutes after receiving the virus > mail though as it's dialup. Why stop there, why not write a virus to take him off the net. At least you know he'll run it. |