Am I a Spam Zombie?
ReallyCurious asks: "Recently, I've noticed a lot of junk email in my inbox reporting 'Mail delivery failure' or 'Undeliverable'. Some of these had documents attached, so I figured this was just a worm variant. But these messages keep coming. I worry that my machine has been turned into a 'Spam Zombie'. I don't see any suspicious processes running, but maybe it only runs for a few seconds, and at irregular times. I run a Windows 98 laptop, sometimes wirelessly connected to broadband (a few hours a day, on average), but I had to remove my virus software years ago because it was locking my system up, so I'm wide open. I've tried to be a good citizen and have been shopping for new virus software, but prices are running $40-$70, and most of these are just for upgrades (not even counting the mandatory 'subscriptions')! Is there an open or free virus fighting solution that's reliable and available for Windows? I'd be happy to run it ASAP."
It may not be your system spewing out spam, but simply someone spoofing your domain.. happens to me every once in a while
Most of those are forged to look like bounces.
You are being MICROattacked, from various angles, in a SOFT manner.
The bounces you're getting are from other spam using you as the From address. Spam sent from your machine would have random addresses not necessarily your own. But you might still have a trojan running that could be used to send spam so you should check.
What makes you think you're going to get delivery failures for outgoing spam? If you're a spam zombie, I doubt it is going out with your email in the from: field.
Why not run a free firewall and watch for any alerts that something is trying to connect to the internet? Zonealarm will do fine.
If you're a bit more techie you can use winpcap or similar to capture the traffic.
There's no excuse to be wide open. You'll soon do something about it when your ISP wakes up to the problem and cuts you off. I appreciate how people can get caught inadvertently by malware (I was hosting a trojan for a few hours last week in between upgrades) but I don't appreciate you leaving it this long, then asking slashdot when it's plainly obvious what you need to do.
Cheers.
I've been having the same, and I know for a fact I'm not infected. This is just another worm.
It will happen.
Most likely your email address is getting used as the return address and little more - the returned mail thing affects everyone to some degree. If you were being used as a spam zombie, you'd probably not notice any change in returned mails, as the zombies generally use someone else's address again as the return addy. I'm fairly sure the return addresses aren't always randomised, as on my domains I see a bucketload of spam all from the same email address, so whoever lives there must be getting a bucketful of bounces.
Still, you really should get an antivirus solution to ease your worries. I use AVG from Grisoft, which is available in a free edition.
Of course, the bounces are plain annoying - when I get ACTUAL bounces from mail I send, I often delete them based on subject line, not realising that the person I was trying to contact is none the wiser. Booo
The poster sounds like a good candidate for MJR's ultimately secure firewall.
Try Zonealarm?
You're running Windows 98 with no virus software. I'm surprised you can use the machine at all. I constantly get requests from people to clean up their Win98 machines. They are usually riddled with spyware, trojans and diallers. Don't bother with new antivirus. Get a new operating system.
cL0h
ok if you run windows you need a virus checker
are you a home user ?
if so
http://free.grisoft.com/freeweb.php/doc/2/
and get avg for free
Now you need a firewall
http://www.free-firewall.org/
then I would advise getting rid of spyware with spybot
donate something to the project if you like it...
http://www.safer-networking.org/en/download/
regards
John Jones
but if you're running a win98 without firewalling/serious tweaking.. ..you're probably owned or at least at risk. though in all fairness they're probably some other spammers who just happen to use your mail add as the sender.
go with FREE solutions, they exist.
http://www.free-av.com/ free virus scanning
http://www.free-firewall.org/ some free firewalling
world was created 5 seconds before this post as it is.
Here is the link to their free version. This works well, and is completely free for personal use.
"Send an Instant Karma to me" - Yes
http://www.avast.com/eng/avast_4_home.html Home version is free
We get bounces to the support address at the company I work at all the time. Someone has decided to use our support address as the 'from:' address in their crappy spam. Anytime they send it to a non-existent address, we get the bounce. Our system is updated and locked down, so they aren't coming from us, but YMMV.
Either way, I'd suggest running that address through a spam block of some kind to filter out the crud or just give it up entirely if you can.
Even people that believe in pre-destiny look both ways before crossing the street.
antivir seems to work ok,
and is updated afaik.
Spyware removal software is obligatory on Windows as well.
We should never insult folks for asking "stupid" questions, but rather admire the courage it took to ask.
"To confine our attention to terrestrial matters would be to limit the human spirit." -Stephen Hawking
OK. I'm a dual booting guy. Obviously my linux, which I use mostly, has no problems. However, my windows install also has no problems. I only got a virus once ever because after a clean XP install a worm got to me before I got to windowsupdate.
The point is that you do NOT need anti-virus software. Anti-virus anti-spyware software should be used only to clean up already busted systems. Your system cannot be infected if you take proper care to prevent it. Even if you are running windows on a cable modem all day.
1) NEVER download an e-mail attachment.
2) Use Firefox instead of IE.
3) Use Thunderbird instead of Outlook
4) Do NOT visit untrustworthy websites
5) Do NOT download any software from the internet and install it. Even if it looks trusty from tucows or download.com do a google search to see if it is spyware first.
6) Have a firewall like zone alarm or sygate, or better have another computer between you and the net with a firewall on it. Or have a hardware firewall. Proper network level security keeps the worms out almost guaranteed.
7) If you have wireless lock it down. You don't want a drive by person to start sending spam out your pipe.
8) DO get all the windows updates that are security fixes. The ones that aren't security fixes you can choose to get or not get at your own discretion.
If you do those things then there is almost no way you can get hit. It's really that simple. And if you DO get hit, it's usually easier to re-install due to the degrading nature of windows. Any windows install, even a clean one, falls apart over time. The registry fills with more and more junk. Improperly uninstalled apps leave files behind here and there. Hidden variables change and are not changed back. Even the cleanest installs seem to last at most 18 to 24 months except in very controlled business environments.
Don't pay for anti-virus software, it's a ripoff. Just re-install and then take proper preventative measures so it doesn't happen again.
The GeekNights podcast is going strong. Listen!
http://www.clamwin.net/ is an allegedly good antivirus program.
Also, http://www.spybot.info/ has been alleged to be a good antispyware program.
Since the SMTP protocol doesn't have any authentication of the sender (except within an ISP/Domain with SMTP-AUTH), it's easy for a spammer/virus to send mail pretending to be you. That's called a 'joe-job' after one of the early occurrences of it.
A recently proposed solution (though not without its problems) is SPF (Sender Policy Framework) http://spf.pobox.com/ where a domain owner can publish the list of servers which are authorized to send mail as being from a user of their domain.
Until it's widely deployed, not just on the publishing side, but on the checking side, it won't be real useful. However it's nearly trivial for the DNS owner to publish the records and since big ISPs like AOL and Yahoo are starting to check them it does protect you from being Joe-Jobbed to a large number of mailboxes.
Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
Most likely it just means you have a lot of dumb friends.
To simplify; their systems get infected or hijacked and your e-mail address appears in their addressbooks so the trojan/virus abuses your email address.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
These authentic looking bounce messages have attachments that you're going to open, right? Don't do it! That's the payload that delivers the trojan/worm.
So...duh.
Courage? It's posted from ReallyCurious, who doesn't have an e-mail address apparently, and who doesn't seem to have a Slashdot account. It's not exactly courageous to post a message anonymously.
Aside from that, this discussion topic is really lame for Slashdot. This is a board, for techies, am I right? What's wrong with assuming that a member of this site should be capable of finding such simple answers somewhere else. Is this site going to become News for Nerds, Free Tech Support for everyone else?
AVG works pretty well, I've found. I used it on all the machines that came in when I used to work at a computer shop and it caught pretty much all of them.
:)
I run it on my windows systems at home, too.
So consider this as another vote for AVG.
You should probably also consider a firewall, there are couple of free ones out there, including Zone Alarm and so on.
My email addy? should be easy enough.
Bah. I'm surprised no one has mentioned housecall yet:
http://housecall.antivirus.com
Housecall is a web-based virus scanner that, since it is loaded anew every time, always has the latest virus definitions. Since it installs nothing but temporary cache files, you don't have to worry about it slowing down your machine.
Because of the nature of the application it can't always clean the offending virii/malware, but it will at least alert you to their presence and give you their names so that you can manually remove them. When combined with stinger, spybot and google it's an excellent choice for on-site calls to machines without AV or for your old boxen that just can't afford the extra cycles for full-time AV bloat.
If you prefer to do the offline thing, try the Knoppix anti-virus distribution (weak link I know). Once again it isn't a permanently installed application and since the OS isn't running it can slap down bugs before they're loaded into memory.
Cheers!
Whatever...I found the topic interesting, and the replies gave me useful information that I'll use to secure my gf's (and my) machines. Sorry if all regular slashdot readers aren't Uber-geeky enough to pass the coolness criterium. ;-)
BTW, don't be put off by my high /. UID--I lost my first PW along the way, and don't know how to fix it. Oh, do you remember when Linux was still on comp.os.minix? I do.
no, you aren't a spam relay. configure your smtp servers and domain names with spf and you will reduce but not end the spam being spoofed from your email address.
Bounce messages are completely non-indicative of spam zombie status. I would bet my entire life savings that his email address is in the list of fake addresses that various mailer worms or spam programs use as the fake "From:" header. Sometimes those lists are automagically pulled from internet searches. So that way he gets inundated with bounce messages, not the spammer.
He probably just used his email address online once, or sent email to someone who's infected. Now his email address is seen as a good deflection target.
I should know. I get tons of emails like this on various accounts that I've used on message boards or mailing lists.
The one way to know if you're a zombie bot (without doing a scan for rogue software) is when you seem to be uploading a lot of data, or have lots of bursty system activity for no discernable reason.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
Most of the posts haven't really been answering the question. Most of the posts have been helpful advice about how to stop being a spam-zombie, but haven't been answering whether or not he currently is one.
With apologies, because the connection I just made to them was a bit slow, there are:
http://openrbl.org/
http://moensted.dk/spa
http://www.dnsstuff.com/tools/ip4r.ch
Unfortunately my domain is in there, because it really refers to my ISP-assigned IP, and their whole block is listed.
The living have better things to do than to continue hating the dead.
This is really important for those of you who do a clean install of XP and don't want to get 0wn3d in the process:
0) Prerequisites: XP Professional w/Corporate Volume License (you can actually derive this from an XP Home CD, a text editor and a CD Burner, exactly how this is done is left as an exercise for the reader)
1) Install XP disconnected from the Internet. Use the CVL key to bypass the need to register XP on the internet.
--- Alternatively, you can just do a phone registration without a standard retail XP... they're available like 24-7.
2) When you get to the point where they talk about network settings, make sure to go enable the Internet Connection Firewall on any adapters you have.
3) Finish the installation, reboot.
4) Double check in Network Connections that your adapters have that little lock on them.
5) Put computer back on network/Connect to internet
6) Run windows update.
7) Reboot (if required)
8) Return to step 6 (if required)
9) Only at this point would you consider removing the ICF. But you don't have to unless you need to, or you get a better, 3rd party firewall to take its place.
Or just install XP Service Pack 2 slipstreamed. This will have ICF enabled by default (as it should be).
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
> gene therapy cocktail that will make your penis glow in the dark
Ummmm, where can I get some of that? I think it would impress the ladies.
- For the complete works of Shakespeare: cat
I agree. This one is an okay question. However that question from the guy who couldn't figure out how to block the light from an LED was outrageously stupid. A good proportion of these Ask Slashdot questions are rather dumb, so I can sympathize with this guy's response.
Stop the Slashdot Effect! Don't read the articles!
I don't know when Linux was on comp.os.minix, so I can't very well tell you if I remember that time frame. Maybe it was back in the good ol' days when I was running my own BBS! BTW, geek pissing contests are always lame, but I win =P
Except for the part about degradation of the registry. Look, I've got systems that are running Win 98SE and even 2 still running Win 95.
One of the Win 95 machines has been running for 7 YEARS without having to reload the OS. I have swapped hardware in and out, and changed drivers. The last time the OS was changed was when I put the 6 Gig drive in (1997) and I needed to upgrade from Win 95 ver B to ver C (B didn't support drives that big).
One of the Win 98 machines is now 4 years old, with no reloads, the other is only about 18 months old.
I run them all now on a router with a hardware firewall. The 95 machine is hardwired, the 98's are Wi-fi. Cable modem coming out the other end. There is NO anti-virus software installed, though adaware still runs on them every so often. I did install all the patches from MS.
Oh, and one more item of security for your Wi-fi system. Put passwords on your disk drives. You can teach all the other machines in your network to remember the passwords, but joe drive by can not access the drives if he breaks thru the first layer of security. Like anything else, he will go somewhere else where it is easier to get thru.
Everyone else already said you most likely aren't infected, but if your machine is totally unsecured, the first thing I'd recommend is getting a good software firewall installed and running. There are many different products out there with prices varying from free to darn expensive. I'll let someone else link to them for Karma. :)
If you practice reasonably safe internet usage (e.g. not opening attachments you aren't expecting, not visiting websites from random links, not visiting shady websites) then your chances of catching a worm or virus drop to a comfortably low percentage if you have a solid firewall blocking all unnecessary incoming and outgoing traffic.
From there you can find a reasonable free antivirus that you can run once a week or use it to examine any attachments that you do feel you need to open.
All I wanted was a rock to wind a piece of string around, and I ended up with the biggest ball of twine in Minnesota
If the originating ip address matches your ISP, there's a good chance, though as others here have said, most of the time, these bounces are from spam that uses one address from its mailing list for the "TO" header and another for the "FROM" header.
NEVER run Windows without solid anti-virus. If something on your machine is interfering with the anti-virus, fix your machine until anti-virus runs. If your anti-virus interferes with something else, don't run that something else. Seriously. It's that dangerous. Being used for spamming is the least of your potential problems.
You are doing nothing to stop your PC from being abused because you can't find free as in beer software?
Adaware SE Personal www.lavasoft.de
Zone Alarm Firewall www.zonelabs.com
F-Prot Antivirus www.f-prot.com
All commercial products free for personal use.
Now, install those and stop the spammers, please.
Keep your definitions updated, okay?
The latest Slashdot meme.
Some trojans use the zombie's address book as a source for spoofed names. For example, let's say you e-mail George W. Bush a lot and president@whitehouse.gov is in your address book. You pick up a trojan somehow and it will find that address and use it as the "From" address when sending out the spam/virus. Bounce messages will go to president@whitehouse.gov.
Are you feeling zombified?
------
There's a fine line between cuddling and holding someone down so they can't get away.
NEVER download an email attachment.
.doc.pif
Then how are you supposed to open it? People do send legitimate attachments.
Do NOT visit untrustworthy sites
What exactly is a trustworthy site these days? Javascript and even HTML have been used to download malicious code. Even well known and respected sites have been affected.
Proper network level security keeps the worms out almost guaranteed.
Worms yes, because they infect networks. But viruses and trojan horses infect machines.
-Do beware of emails with single word subjects from people that you do not know.
-Do beware of emails with double file extensions on their attachments i.e.
-Do beware of malicious code that can spread via filesharing, instant messaging and IRC.
-Turn off unnecessary services
-Run as a restricted user if possible if you are using NT or a variant of NT such as Windows 2000 or XP.
-A virus scanner is still recommended because it's better to be safe than sorry
I run AntiVir http://www.free-av.com/ .
-- Andy
Right now Amazon, OfficeMax, CompUsa, Staples, Circuit City, and TigerDirect all have this commercial product for free or almost free. This is not uncommon. I actually just got a free upgrade to Norton from Outpost last week. I haven't tried the Grisoft free stuff.
Also, my DSL modem has a "WAN" light, but nothing to say what's coming in vs going out. Turning logging on demonstrated that nearly all unaccountable activity was incoming probes, and I breathed easier. I also helped more than one sysadmin/netadmin identify zombies on their own networks, but it took some learnin' to see what probes were harmless vs those that were malicious. You're absolutely right about bounce messages---a brief "View Sources" against the headers, particularly the Received-From header, usually shows their origin being very far away from me.
This is not my sandwich.
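The header check described in the comment above can be automated. This added example (not part of the original thread) pulls the original message out of a bounce and reads the topmost `Received:` line, which the reporting server wrote itself and which records the IP that actually handed the message over; lower `Received:` lines may be forged. The sample bounce, addresses and network ranges are constructed, using documentation IP ranges.

```python
import email
import ipaddress
import re
from email import policy

# Constructed delivery-status bounce whose attached original message
# claims to be from me@example.org.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.example.net
To: me@example.org
Subject: Undeliverable: hello
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery to nobody@example.net failed.

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.example.net

Final-Recipient: rfc822; nobody@example.net
Action: failed
Status: 5.1.1

--b1
Content-Type: message/rfc822

Received: from pc-17 (unknown [203.0.113.45])
    by mx.example.net with SMTP; Mon, 1 Nov 2004 10:00:00 +0000
Received: from mail.example.org ([192.0.2.10]) by pc-17; Mon, 1 Nov 2004 09:59:00 +0000
From: me@example.org
To: nobody@example.net
Subject: hello

body
--b1--
"""

# Matches an address literal such as [203.0.113.45] or [IPv6:2001:db8::1].
BRACKETED_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")


def embedded_original(bounce):
    """Return the original message (or just its headers) carried in a bounce."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_bytes(
                part.get_payload(decode=True), policy=policy.default)
    return None


def handoff_ip(original):
    """IP recorded in the topmost Received header of the original message."""
    received = original.get_all("Received", [])
    if not received:
        return None
    for candidate in BRACKETED_IP.findall(str(received[0])):
        try:
            return ipaddress.ip_address(candidate)
        except ValueError:
            continue  # bracketed text that is not an IP address
    return None


def classify_bounce(raw, my_networks):
    """Compare the hand-off IP in a bounce with the networks you send from."""
    bounce = email.message_from_string(raw, policy=policy.default)
    original = embedded_original(bounce)
    ip = handoff_ip(original) if original is not None else None
    if ip is None:
        return ("unknown", None)  # bounce carries no usable headers
    nets = [ipaddress.ip_network(n) for n in my_networks]
    if any(ip in net for net in nets):
        return ("sent-from-my-network", ip)  # worth scanning your machines
    return ("forged-sender", ip)  # someone else used your address


if __name__ == "__main__":
    # 198.51.100.0/24 stands in for the reader's own ISP range (assumption).
    print(classify_bounce(SAMPLE_BOUNCE, ["198.51.100.0/24"]))
```

A `forged-sender` verdict says only that this particular message did not leave your network; it does not rule out an infection, which is what the scanners and firewall logs discussed in the thread are for.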
A good way to get cheap anti-virus software is to buy LAST YEAR'S version from eBay. I recently bought Norton Systemworks 2003 (which includes Norton Antivirus) from eBay for $10 (including shipping). It was the real deal, not some pirated or used version. The software comes with one year of free virus updates. Since virus updates cost more than $10 per year, I think I'll just buy the 2004 version next year to get another year of free updates. Make sure you buy from a reputable dealer since there are a lot of pirated copies floating around, and who knows if they haven't been pre-infected before you buy!
If you don't have or use a firewall already, you need one for sure. The one built into WinXP SP2 is decent. You should also be running anti-spyware software like Spybot and Ad-Aware. Also turn on automatic updates so you will always have the latest OS patches. And switching to Mozilla instead of using IE is a great idea for security.
The five pillars of Windows PC security (for home users) are firewall, antivirus, removing spyware, automatic updates, and Mozilla. Do those five things, and your computer is likely to be very secure. Or at least someone else's computer will be a more appealing target!
If you find your computer is infected with many pieces of spyware and viruses, you may be better off just formatting your drive and reinstalling everything. Sometimes it's the only way to get all that junk off there.
("Frequently"? They always forge the sender. Anyhow...)
I really like qmail, but it does make the braindead design of accepting mail, then processing it. (For reasons of efficiency or something; it's supposed to be a feature.)
The folks at LinuxMagic make a replacement that's a bitch to get working, but does all kinds of checking during the SMTP transaction, like valid user checking, virus scanning, etc. You're supposed to be able to plug in arbitrary checkers, but I never got around to trying. The valid-user checking alone is worth it. (They have a funny logo, too.)
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
http://www.google.com/search?q=free+virus+scanner&sourceid=firefox&start=0&start=0&ie=utf-8&oe=utf-8
Holy christ, use Google first. Criminy. These questions get dumber every day.
Comment of the year
There's a difference between:
"Are there any free virus scanners?"
And:
"Which free virus scanners do you recommend?"
If this guy had spent even 5 seconds on Google, he'd KNOW there are free virus scanners for Windows all over the place. The first entire page of results for "free virus scanner" are all free virus scanners for Windows.
This guy just didn't put in any effort at all.
For the record, I recommend AVG Antivirus and Sygate Personal Firewall. ZoneAlarm might look pretty, but it's hard to configure and has some incompatibilities.
Comment of the year
I run a Windows 98 laptop, sometimes wirelessly connected to broadband (a few hours a day, on average), but I had to remove my virus software years ago because it was locking my system up, so I'm wide open. I've tried to be a good citizen and have been shopping for new virus software, but prices are running $40-$70, and most of these are just for upgrades (not even counting the mandatory 'subscriptions')!
If you have a Windows 98 machine with no anti-virus software, then stay off of the Internet. Period. You have no right to endanger and inconvenience others just because you're too cheap/poor to buy anti-virus software and too computer-illiterate to type "free antivirus software" into Google (hint).
It reminds me of someone with 20/200 vision operating a car without glasses because glasses cost too much. "Oops! Sorry about your poodle! Didn't mean to run over your kid; sorry. Uh oh, hit another parked car."
He could try simply deleting Lookout! Express and replacing it with some less vulnerable mail client. The majority of the viruses I've seen involve that horrible package in one way or another, and ditching it removes at least part of the problem.
I get boatloads of these things, as well as spam (filtering is your friend) -- my email address is fairly public and in a lot of address books. I'm not about to abandon it as it's within a domain I lease.
I run behind a fairly hardened firewall, and am moving toward a Linux iptables-based firewall/router/home server.
What ticks me off is when such a message bounce indicates that the original message contained a virus. How dare someone accuse me of sending a virus just because their mail daemon received a spoofed From: header? They could at least check the route the mail took against that header to get an idea if it's bogus. But, often automatic spam/virus filters are pretty stupid and trust the From: address. Still, I wonder if someone, somewhere, "out there" is blacklisting me because someone else forged my identity. Sounds like a defamation suit if I could find the bastards.
And that's the rub. Often when I've received such bounces, when the originator can be identified, they refuse to help in providing a copy of the original email, headers intact, that might permit tracking down the source: either a spammer, or a spam-zombie. I wonder if I could successfully file "theft of computer services" charges against such an organization: they're sending me unsolicited bounces, and furthermore, refusing to back up the allegation that they're bouncing messages from me. I wonder if the anti-spam legislation that's out there can be used as a club against those who send bounces to spoofed From: addresses and refuse to acknowledge or correct their mistake.
You could've hired me.
I've used AVG. Some people prefer AntiVir.
I've never found virus programs to be worth it - if a new worm comes out, they are rarely quick enough to update and in the meantime they always seem to really slow down your computer.
Instead, I run a web-based antivirus program (http://housecall.antivirus.com/) about once a month.
Obviously I also take other precautions - only connect to the internet via a NAT router, never open email attachments, etcetera but Housecall is good, and it's free.
This was mentioned on /. a while back, but /. search is down and I couldn't find it quickly on Google.
Try AVG free virus software. Much more lightweight than McAfee or Norton... good luck
Sig Hansen?
Dude,
:) Talk about shooting yourself in the foot...
you just published your address on SlashDot as a mailto link.
Jouni
Jouni Mannonen | Game Designer, Consultant
As in the world of trucks (there is always someone with a bigger one), on Slashdot there is always someone with a lower ID, and among geeks there is always someone older that was running flight simulations on a slide rule. Wait... is that what you meant by geek pissing contests or were you talking about golden showers?
Try this.
You know, that used to be "You know you've been MUDding too long when.."
Marxist evolution is just N generations away!
If you're running Windows 98 with no antivirus and you're posting a question like this on Ask Slashdot, then yes, you are a spam zombie...
:)
(Okay, mod me flamebait now, it was worth it!)
Spoofage, I get these all the time, just look at the headers. NEXT!
I hate sigs.
Stop Using Microsoft Products!
The above is not worth reading.
I've had anti-virus software for years and kept it up to date and it never once blocked a virus.
However, I've spent many hours undoing the damage done to my machine by the virus scanners themselves. And I've spent a lot of money buying new versions.
Which person is the sucker? The one who is constantly spending time and money maintaining virus scanner installations that never block an infection or the one that has to deal with an infection every decade or so?
I don't see anything wrong with making a risk assessment and deciding that you're better off without a scanner.
Jesus saves....And takes 1/2 damage.
I don't see anything wrong with making a risk assessment and deciding that you're better off without a scanner.
It's not your place to make a "risk assessment" for your potential victims. All it takes is one f***-up by you and thousands of people end up being bombarded with viruses/worms from your infected PC.
And I've spent a lot of money buying new versions.
And I've spent a lot of money buying auto insurance. Maybe I should just make a "risk assessment" and decide that anyone I run into can just lump it.
Again with the hint: Type "free antivirus software" into Google.
I was on a mailing list once where a guy claimed to have never had a virus and to have never run AV software. He's run Windows 95, right up to Windows XP.
He is carrying already too much dosh for the good of his soul and we don't want to lumber him with more than he can handle.
Use a Win emulator in Linux, there are several very good out there that allow you to use your cranky copy of W98 if you need to do so.
No reason to shell out more money for the guys in Redmond.
You wanna play games? Get a PS2, a Gamecube or a GBA. They are cheaper than a full version of Windows XP.
IANAL but write like a drunk one.
Parent was replying to Finni, modded to negative one. Not the article. Get all the facts before you sling accusations.
Don't try and terminate the spyware's running processes.
"Don't try to terminate".
If that's too much typing for you,(without any spaces put there by Slashdot) yields: http://www.ravantivirus.com/
"its."
I've found the following helpful for the no-budget set:
Avast Home Edition Virus Scanner
Spybot Search and Destroy
HijackTHIS - Find out what's in your PC. (semi-advanced)
The site for HiJackThis seems to be down for now. There are a few other little nifty freebie apps in there, too. Here's a mirror download site
AdAware - picks up a lot of crap in your PC
(Anyone wanna offer up a few opinions on this stuff? You know you do.)
Of course, the obligatory comment of "Use Mozilla, keep your shit patched, don't click every OK button you see" still applies.
s'wut i sed.
-jim
You are quite right. If he doesn't know by now, then why should any one tell him. All this "learning" and "asking for advice"... terrible.
Although your response assumed he asked "Where do I find free anti-virus software?" whereas he actually asked "How can I tell if I am a spam-zombie?"
Could you please give me a list of your approved "Ask Slashdot" questions so we can run all submissions past your superior list before wasting any more of anyone's time with questions that you obviously know the answers to.
b3 4phr41d 0f my 4bov3-4v3r4g3 c0mpu73r kn0wI3dg3!
MadDwarf
http://www.mail-abuse.com/services/mds.html
If you are on the list, you are a zombie.
These authentic looking bounce messages have attachments that you're going to open, right? Don't do it! That's the payload that delivers the trojan/worm. To an improperly secured system
Bold portion my addition.
Snowden and Manning are heroes.
spaaaaaaaam....... spaaaaam....... gurgle..... spaaAAaam...... *lurches*
Snowden and Manning are heroes.
yup, because blaster, sasser, sobig and mydoom all were able to infect '98 machines. oh wait, what's that they didn't? it's actually the windows XP machines which were infected oops i guess your argument just got shot to hell.
Snowden and Manning are heroes.
Again with the hint: Type "free antivirus software" into Google.
So you are the guy telling people to download random software from the internet and install it. Thank you very much.
Snowden and Manning are heroes.
Actually, the way I found out I was a spam zombie [well, the machine I was borrowing... long story] was precisely by running antivirus software. That, and all 56+ windows updates since XP came out!
:-)
But in the process, I found I could get all kinds of useful info from this one website, that I am surprised nobody has recommended yet:
http://www.virusall.com/
It rocks. Virusall.com has a whole page listing free antivirus packages, and another whole page about free online checkers like MyV3 and Trend Housecall. This was one way I got around the Hosts bug, that some of the viruses had installed--the hosts list didn't have some of those minor vendors.
I just wish there were one product that covered what adaware does AND what antiviruses do. That, and Zonealarm with *detailed* packet statistics!
I can dream.
Be sure to download the DOS version rather than the Windows version. The DOS version is free (as in beer), and runs great under any DOS-based Windows (3.1, 95, 98, ME.) It's quite thorough, and only scans when you manually run it (so you don't have to worry about it eating any resources.)
The Windows version of F-Prot, OTOH, isn't free.
can you recommend free/shareware software for Windows to check my computer for trojans?
cheers
"If you have a Windows 98 machine with no anti-virus software, then stay off of the Internet. Period."
Why? Surely it would be more secure than a fully-patched WindowsXP machine?
(Assuming you use well-designed browser and applications, Win98 doesn't have a lot of things to exploit w.r.t. the internet, compared to 2000/XP, which use LSASS, Windows Messenger, RPC, NetBios, file and print server, etc.)
So you are the guy telling people to download random software from the internet and install it. Thank you very much.
Ever heard of a review? How goddamned hard is it to do a little research on your own? Apparently too hard, so here's a link to a PC World review of free anti-virus software. But you're too clever to fall for that, aren't you? You figured out that Grisoft, Alwil, and H+BEDV Datentechnik GmbH (makers of AVG, Avast, and AntiVir anti-virus software respectively) are all providing free-for-personal-use anti-virus software that contains Trojan horses, viruses, worms, and malware because... because... well, just because!
It's pretty damned silly to refer to anti-virus packages which have undergone scrutiny, testing, and review in the user community and the press as "random software from the internet."
yup, because blaster, sasser, sobig and mydoom all were able to infect '98 machines. oh wait, what's that they didn't? it's actually the windows XP machines which were infected oops i guess your argument just got shot to hell.
No, you didn't poke ANY holes in my argument. None. Zero. Zilch. Nada.
You really are as dumb as a bag of rocks, aren't you? Do you have any idea of the number of exploits that have affected Windows 98 boxes? Any idea at all? Didn't think so. Did I say that Windows XP machines should be on the net without anti-virus protection? Gee, I didn't say that, did I? Now shut your pie hole and try reading before you post.
Why? Surely it would be more secure than a fully-patched WindowsXP machine?
No, it would not, but neither should a Windows XP machine be on the net without anti-virus software.
actually since I ran windows 98 and ME for several years i would know, not once did i get attacked by a remote exploit, now sure there are lots of ways for an infected executable or a local user to escalate privileges, due to almost no isolation of processes, but win 9x is nearly impenetrable from the outside since it does not run network services the way NT/200(0|3)/XP does... speaking of dumb as a bag (box?) of rocks
Snowden and Manning are heroes.
i was not referring to that software, just your suggestions to use google. Just because something comes up high in the google results does not mean it is safe.
Snowden and Manning are heroes.
i was not referring to that software, just your suggestions to use google.
What's wrong with using a search engine to search for things? That seems pretty logical to me. You search for "free antivirus software", click on the links, search for reviews of packages that look promising, and choose one based on your research.
Just because something comes up high in the google results does not mean it is safe.
I never said that a high rank in Google meant something was safe, did I?
actually since I ran windows 98 and ME for several years i would know, not once did i get attacked by a remote exploit
So what? Most viruses/worms come in through exploits in Internet Explorer, Outlook Express scripting, e-mail attachments, the disk that Billy brought home from his friend's house, the "cute" attachment that cousin Millie e-mailed, etc.
now sure there are lots of ways for an infected executable or a local user to escalate privileges, due to almost no isolation of processes, but win 9x is nearly impenetrable from the outside since it does not run network services the way NT/200(0|3)/XP does...
Sure, it's almost impenetrable if you never run a network enabled app. If 98 is so incredibly secure, who was spreading all of those viruses before 2000 was released? There sure weren't that many compromised copies of NT 3.51 and 4.0 floating around that they would account for the infections.
speaking of dumb as a bag (box?) of rocks
You were saying?
P.S. You didn't answer my questions: "Did I say that Windows XP machines should be on the net without anti-virus protection?"
is a replacement smtpd for qmail; it's pretty easy to set up, and has great filtering capabilities.
Aside from the obvious ability to reject mail to non-existent mailboxes, it also supports uribl, dnsbl, and other blacklists, can do greylisting if you want, etc.
The neatest feature it has, though, is to wait a few seconds after the connection before sending its "banner". If the remote MTA sends a helo before the banner is sent, it just drops the connection. [it is a violation for the MTA to begin pipelining before the local host has said it supports ESMTP and pipelining]. This feature alone blocks 20% of all mail I get, all of which is spam sent by dedicated spam hosts, or zombies, because many of them violate this to increase the rate they send.
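The delayed-banner check described in the comment above, as an added Python example that is not part of the original post and is not the code of the smtpd it mentions. The banner hostname, the delay values and the function names are assumptions, and the clients are constructed over a local socket pair.

```python
import select
import socket

# Constructed banner; the hostname is a placeholder, not from the thread.
BANNER = b"220 mx.example.test ESMTP\r\n"


def greet_after_delay(conn, delay=5.0, banner=BANNER):
    """Hold the 220 banner for `delay` seconds and drop clients that talk first.

    Returns "accepted" when the client stayed silent until the banner,
    "early-talker" when it sent bytes before the banner, and
    "disconnected" when it hung up during the wait.
    """
    # An SMTP client must wait for the server greeting, so any readable
    # data on the socket before we have written anything is a violation.
    readable, _, _ = select.select([conn], [], [], delay)
    if readable:
        data = conn.recv(512)
        conn.close()
        return "early-talker" if data else "disconnected"
    conn.sendall(banner)
    return "accepted"


def simulate(client_bytes=b"", hang_up=False, delay=0.2):
    """Run one constructed client against the check over a local socket pair."""
    server_side, client_side = socket.socketpair()
    try:
        if client_bytes:
            client_side.sendall(client_bytes)
        if hang_up:
            client_side.close()
        verdict = greet_after_delay(server_side, delay)
        seen = client_side.recv(512) if verdict == "accepted" else b""
        return verdict, seen
    finally:
        client_side.close()
        server_side.close()


if __name__ == "__main__":
    print(simulate(b"HELO bulk.example.test\r\n"))  # talks before the banner
    print(simulate())                               # waits for the banner
    print(simulate(hang_up=True))                   # gives up during the delay
```

Logging the verdict together with the peer address gives a per-source count of early talkers, which is a useful signal for spotting zombie senders in mail logs.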
So what? Most viruses/worms come in through exploits in Internet Explorer, Outlook Express scripting, e-mail attachments, the disk that Billy brought home from his friend's house, the "cute" attachment that cousin Millie e-mailed, etc.
Which is why you can advise them NOT to run those pieces of crap (use Firefox+Thunderbird or just Mozilla) and they'll be immune to most things.
Yeah, I run Win 98 SE myself. I've been on a broadband connection. I've kept up my A/V. I have some common sense and am a good admin. I've yet to be infected/trojaned/etc. and I check for such things manually as well as with all the standard programs.
Remember how we always talk about a "good admin" having a lot to do with keeping a computer secure? I'm probably more secure than the average kidiot n00b who just installed an old copy of RedHat they got in the back sleeve of a "Learn Linux in 24 Hours" book which they checked out from the library. Only to be 0wned the minute they set up IRC and joined #l33t-d00dz asking how to hack, because they were IRCing as root...
Stuff it, n00b.
While you're right that that search shows AVG Antivirus (a very useful program for home users), nothing prevents a malicious Googlebomb, and I certainly don't trust all the sponsored links on the other search, for Spybot Search & Destroy...
I know what you meant. I know what you said. You should stuff it before you make yourself out to look like more of an idiot for giving bad advice and being too foolish to accept correction.
What do I know? I've been there too. I was wrong. Thankfully, I eventually listened to reason.
Stuff it, n00b.
HAHAHAHAHAHA! Come back when you have over 20 years of professional software engineering experience.
I know what you meant. I know what you said.
Apparently you do not, since you've read all kinds of things into my one-sentence that I never wrote, implied, or intended.
You should stuff it before you make yourself out to look like more of an idiot for giving bad advice and being too foolish to accept correction.
I gave excellent advice: Again with the hint: Type "free antivirus software" into Google. That was it. The whole thing. I didn't say "Search for 'free antivirus software' in Google and install the first thing you come to without doing any further research." You and your little buddies came up with that brain-damaged idea and then tried to attribute it to me. Had you actually typed "free antivirus software" into Google, you would have found links to online ratings, user discussions, magazine reviews, etc.
I was wrong.
You still are.
Now stop trolling and go away.
Which is why you can advise them NOT to run those pieces of crap (use Firefox+Thunderbird or just Mozilla) and they'll be immune to most things.
Go to the average user's home and just look at the amount of spyware, adware, etc. on their system and you'll be horrified. You can give them all of the advice that you want, but as soon as some web site promises a nifty toolbar or some other free thing, they download it. Or they will open the attachment with the dancing baby sent by Aunt Millie, unaware that it's a trojan horse dropping IRC-controlled zombie-ware on their system.
I've kept up my A/V. I have some common sense and am a good admin.
Thank you for proving my point. Despite being a skilled computer user and having good common sense, you still recognize the need for antivirus software. All it takes is one slip-up without the AV software and your system is toast. I recognize that, too, and have AV software on all of my systems for that reason.