Unless they knew the version/brand/etc of the email client, writing the trojan to use the client machine's existing email client would be a little on the tricky side (unless they were supplied with the info, or retrieved it via some other method), so I'm guessing that they had the trojan send the email itself.... (I'd probably write it that way too)
So does that mean that SMTP outbound was enabled on the firewall (or more to the point, not disabled)?? What other ports are open allowing unrestricted access?
Sure, the users that plugged in the keys are at fault, but a simple rule at the bottom of the firewall rules (deny all to all) and only allowing required services would have stopped this as well.
Then again, I could be wrong.
and in western (not all the way west, out in the prairies) Canada, we're having one of the mildest winters I have ever seen in my 35 years. Today is in the 'pluses' where I should be bundling up for -30 or on a good day -20.....
if you want it to learn to type better, take that old M Type, take all the caps off, take the 3 that have the home row bumps on them (J, F, 5) put them back on (maybe not in the right spots) then start grabbing caps and put them back on.
Did this 3 or 4 years ago. My typing has gotten a lot better (wish I could say the same for my spellin) and NOBODY wants to use my machine. (did I mention I did this at work)
Didn't you see "Talking to Americans", Canada has already done this, but it was a 10 hour day mind you.
or move north of the 49th to SK... never mind, twice a year there are grumblings about someone wanting DST, and that will be the end of the references to us in the date setup screens
for quite a while (year +) on the iSeries (old AS/400) and now the i5 (rebranded, again AS/400) boxes
http://www-1.ibm.com/servers/eserver/iseries/linux/dist.html
Gotta have one of these on gaming machine. People say you can use it for other stuff (graphics editing, or anything else that you could use a keyboard macro for).... I'll believe them. Actually had to use a keyboard the other day for BF1942.... that was tough. Think Geek Plug
Old M type IBM keyboards rock.
I still have the original one that was on my 486 when I started with my company 6+ years ago, couldn't tell you how many machines it got passed up though previous to me getting there. Probably take that one when I leave.
Even scrounged up an M type for my newer Dual Athlon.
And surprisingly some of the older (long term) staff members like them as well. Must remind them of the old green screen 3477's that we had hooked to the AS/400.
This all boggles my mind. Yes there are security risks involved with any product that features to make life easier (the more security something has the less 'user friendly' it is), but do they just have servers/multi-homed machines sitting on a live, unfirewalled connection and on their internal network as well???? or (even worse) are these machines firewalled and have port 4444 open????
and for the CEO that brought the virus in on his machine (forget where that was mentioned) his IT guys should be shot for allowing a machine that obviously travels from work (should be secure) to his home DSL/cable connection to not have any sort of virus protection on it (or at least not having it scheduled to update often)
when I was asked about if we were at risk because of this at work I had to laugh, as none of these ports would even be considered to be opened, especially 4444 inbound!!!!
sure these viruses exploit holes in OS security, but they should have been covered off by network security!!!
just my 0.02 cent Canadian =~$0.013 USD
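Added example, not part of the original comments: a small first-match rule evaluator illustrating the two firewall points made above, that a trailing "deny all to all" with only required services allowed stops a workstation sending SMTP directly, and that inbound 4444 is never reachable under such a policy. The addresses, rule sets and the "implicit allow" fall-through behaviour are constructed assumptions.

```python
# Added example: first-match packet filter model. All addresses and rules are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

ANY = "0.0.0.0/0"

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    direction: str        # "in", "out" or "any"
    src: str              # source CIDR
    dst: str              # destination CIDR
    port: Optional[int]   # destination port, None = any

def decide(rules, flow, implicit):
    """First matching rule wins; returns (action, rule index or None)."""
    direction, src, dst, port = flow
    for i, r in enumerate(rules):
        if (r.direction in ("any", direction)
                and ip_address(src) in ip_network(r.src)
                and ip_address(dst) in ip_network(r.dst)
                and r.port in (None, port)):
            return r.action, i
    return implicit, None   # nothing matched: the device's built-in default applies

WEB = [Rule("allow", "out", "10.0.0.0/24", ANY, 80),
       Rule("allow", "out", "10.0.0.0/24", ANY, 443)]
# Only allow rules, no trailing deny: anything unmatched falls through.
PERMISSIVE = list(WEB)
# Required services only, then "deny all to all" as the last rule.
HARDENED = [Rule("allow", "out", "10.0.0.25/32", ANY, 25)] + WEB + [
    Rule("deny", "any", ANY, ANY, None)]

FLOWS = {
    "workstation direct SMTP": ("out", "10.0.0.57", "203.0.113.10", 25),
    "mail relay SMTP":         ("out", "10.0.0.25", "203.0.113.10", 25),
    "workstation HTTPS":       ("out", "10.0.0.57", "203.0.113.10", 443),
    "inbound 4444":            ("in", "198.51.100.7", "10.0.0.57", 4444),
}

def audit(rules, implicit="allow"):
    """Map each sample flow to (action, matched rule index)."""
    return {name: decide(rules, flow, implicit) for name, flow in FLOWS.items()}

def fell_through(rules):
    """Flows no explicit rule covers; these depend on the implicit default."""
    return sorted(n for n, (_, idx) in audit(rules).items() if idx is None)

if __name__ == "__main__":
    for label, rules in (("permissive", PERMISSIVE), ("hardened", HARDENED)):
        for name, (action, idx) in audit(rules).items():
            print(f"{label:10} {name:24} {action:5} rule={idx}")
```

Any flow reported by `fell_through` is one whose fate is decided by the device default rather than by a written rule, which is the gap the trailing deny closes.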
> I have to admit that I've had the fewest problems
I used to work for a VAR that serviced Macs and the local telco used 5300's for their people.... There was a "little" problem with heat. I ended up changing so many motherboards on the 5300's, that my best time from battery out, swap board, and first chimes was sub 7 minutes......
"This laptop will self destruct, well, whenever it feels like it" - my version of Mission Impossible