The HD companies are arguibly more correct in this case as they are using the definition that is used everywhere else.
"1 GB=10^9 bytes" and "1 MB=10^6 bytes" are not the definitions used everywhere else...at least they weren't until the HD manufacturers started using those numbers--and getting away with it. When's the last time you bought a 268MB DIMM? Didn't think so...RAM manufacturers are still honest and call them 256MB DIMMs. Someone should've slapped the HD manufacturers down hard years ago.
Yeah, and its a right bugger at 300k/message. Over a 600k cable modem its annoying, but imagine the pain when people on dialups find 100 in their inbox.
Over the course of maybe two hours, I received 169 of them here. I figured out how to extract the first IP address from the last Received: header line (between this and some other stuff, I've learned a lot about sed and regular expressions lately), so I can say that 76 infected hosts were responsible for those messages. What I'd now like to know is if anybody knows of a way to filter mail from these addresses within qmail. Setting up a local blackhole list and using rbldns to use it won't work, since many of these messages are going through an ISP's outbound relay before they're passed on to my server. The IP address I want to filter only shows up in the header, so it's a case where you'd need to start receiving the message but cut it off if any expression from a list is matched. This would reduce bandwidth usage (169 copies of this damn virus equals 25 MB), if it's possible.
(I could set up procmail to send these messages to/dev/null, but that means they're still being received in their entirety. Something that cuts off the remote host as the message is being received is what's wanted.)
Finally, to whom at Microsoft do I send the bill for the wasted bandwidth that their software is costing me? While it is true that they patched it long ago, a strong case could be made that the hole shouldn't have been in publically-released software in the first place.
NAI has new defs that cover it now, and I assume all other others do too.
Just checked with Symantec...while the updated defs aren't available through LiveUpdate, they are available by downloading the Intelligent Updater. How smart of them...instead of sending out a couple hundred K, they force people to download 4 megs each until next Wednesday. It's their bandwidth, I suppose...
(I reran NAV after getting today's defs...it identified the file as containing Worm.Automat.AHB. SARC says nothing informative about it, but F-Secure says the following:
There is no virus known to us by this name. However, Norton Anti-Virus uses names like W97M.Automat.A to name viruses which have been detected automatically.
Another 5-10 copies arrived since my last post...busy little fscker, isn't it? Rabbits don't breed this rapidly.
My suspected-spam file had something like 50-60 new messages in it since last night. Except for one Nigerian-scam message, they all claimed to be security fixes from Microsoft (how original of them:-| ). I saved the attachment from one of them and let Nortan Antivirus take a look at it. It didn't identify any virus (even after updating signatures), but it has to be malware of some sort that just hasn't been cataloged yet.
Yeah, but windows standby sucks, at least on 9x - probably more than half the time I've had to reboot 9x boxes on standby.
Comparing a 2(?)-year-old OS to a 7+-year-old OS isn't fair. Suspend and hibernate both work fairly well on Win2K and WinXP. (I normally use hibernation...it allows the machine to power off completely, but stores the current state to the HD. It takes a bit longer than suspend as a result, but a power outage won't faze it.)
Doesn't work for me...then again, I've already fixed djbdns here to return NXDOMAIN when a lookup resolves to Verisign's squatter page. (A copy of the patch is here (the patch isn't mine, but the only place I've seen it is buried in bugs.gentoo.org) and an ebuild for your local Portage tree is here. To use the ebuild, you'll also need to copy Manifest and files/1.05-errno.patch from/usr/portage/net-dns/djbdns.)
expect that ip to get null routed by the backbone carriers real fast.
FWIW, of several URLs I tried (mostly of the form http://www.$RANDOMKEYMASHING.com/), only one brought up Verisign's catch-all page. For the rest, my proxy reports DNS errors. Maybe their servers are getting/.'d by everybody here trying it out...it'd serve them right.
It's a good thing my domains are in.us (except for one.org)...maybe crap like this will lead more people to start using ccTLDs instead.
By the way, some people still don't realize that you can just type the middle part, leave out the www dot and the dot com part, and press CTRL-ENTER. It will automatically assume (default!) that you want a dot com world wide web page.
That's one of the first things I shut off in Mozilla...does it really take you that long to type out the URL (especially when it's been put in once before and autocomplete still knows about it)? Besides, would you want your kid to type in "whitehouse," hit Ctrl-Enter, and end up here when he really meant to go here? If you're looking up some company for which you're not sure about the URL, you're better off googling for it than if you blindly assume that www.$COMPANYNAME.com is what you want.
I'm no fan of Ford (have never owned anything other than Chevy and Olds, actually), but it's a big-enough company that if some random dealer/parts vendor/etc. tried sending it a locked-up Office file, they'd send it back with instructions to resend in an open format.
And does the spammer pay, or does the pour sap with the open relay just get their connection yanked and faced with a bill they (arguably) didn't deserve?
A luser who runs an open relay and gets socked with a huge bandwidth bill (or worse) on account of spammers using his mailer deserves whatever he gets. Setting up an MTA to only accept outbound mail from selected hosts is trivial, if the software is well-designed. With the access-control software that's available (whether it's an SSH tunnel, POP-before-SMTP, or whatever), there is absolutely no reason whatsoever for anybody to run an open relay.
I used to do that for $5. That was back in 1984, but given that you're talking about a job that takes maybe 60-90 minutes, I'd have a hard time imagining that people would pay much more than $10 for one of the neighborhood kids to cut grass.
Am I the only one who had to copy and paste the text from the second linked page into a word processor to view the story?
In Mozilla, I got a Sprint ad in a huge box which overlaid the story text, making it impossible to read. I tried hovering over and such to see if it had a 'click to hide' option, but nothing. I'm not clicking the ad itself.
No problems here with Mozilla 1.4...but this might have something to do with it.
Isn't a Coming Soon page pretty common for most new domains?
I've never had one appear for mine...then again, I've always had a website ready to go as soon as the info propagates through DNS. In the "lag time" needed for that to happen, you get an error.
Maybe it does that if you're having them host your website. They shouldn't be doing that if you're hosting your site on your server...the closest thing to a "coming soon" page you should then have would be the "$HTTP_SERVER is correctly installed on this server" page that's in htdocs/index.html until you replace it. The last hosting service I used was Delphi...after I signed up for cable-modem service, I set up Apache on a machine at home, signed up with dyndns.org, and moved my website (just a cheesy personal page at the time) to my server. That was ~3.5 years ago.
When is the US going to grow up and recycle and refine spent uranium, instead of trying so hard to bury it in the ground. Other countries have breeder reactors that refine used uranium, meaning less fuel mined, less waste made, and the waste that is made has less radioactivity and half life...
You can blame Jimmy Carter for the fact that we're not doing that. (Why nothing has been done since 1981 to rescind that executive order is a valid question.)
Slashdot Mirror
"1 GB=10^9 bytes" and "1 MB=10^6 bytes" are not the definitions used everywhere else...at least they weren't until the HD manufacturers started using those numbers--and getting away with it. When's the last time you bought a 268MB DIMM? Didn't think so...RAM manufacturers are still honest and call them 256MB DIMMs. Someone should've slapped the HD manufacturers down hard years ago.
Over the course of maybe two hours, I received 169 of them here. I figured out how to extract the first IP address from the last Received: header line (between this and some other stuff, I've learned a lot about sed and regular expressions lately), so I can say that 76 infected hosts were responsible for those messages. What I'd now like to know is if anybody knows of a way to filter mail from these addresses within qmail. Setting up a local blackhole list and using rbldns to use it won't work, since many of these messages are going through an ISP's outbound relay before they're passed on to my server. The IP address I want to filter only shows up in the header, so it's a case where you'd need to start receiving the message but cut it off if any expression from a list is matched. This would reduce bandwidth usage (169 copies of this damn virus equals 25 MB), if it's possible.
(I could set up procmail to send these messages to /dev/null, but that means they're still being received in their entirety. Something that cuts off the remote host as the message is being received is what's wanted.)
Finally, to whom at Microsoft do I send the bill for the wasted bandwidth that their software is costing me? While it is true that they patched it long ago, a strong case could be made that the hole shouldn't have been in publically-released software in the first place.
Just checked with Symantec...while the updated defs aren't available through LiveUpdate, they are available by downloading the Intelligent Updater. How smart of them...instead of sending out a couple hundred K, they force people to download 4 megs each until next Wednesday. It's their bandwidth, I suppose...
(I reran NAV after getting today's defs...it identified the file as containing Worm.Automat.AHB. SARC says nothing informative about it, but F-Secure says the following:
Another 5-10 copies arrived since my last post...busy little fscker, isn't it? Rabbits don't breed this rapidly.
My suspected-spam file had something like 50-60 new messages in it since last night. Except for one Nigerian-scam message, they all claimed to be security fixes from Microsoft (how original of them :-| ). I saved the attachment from one of them and let Nortan Antivirus take a look at it. It didn't identify any virus (even after updating signatures), but it has to be malware of some sort that just hasn't been cataloged yet.
Unfortunately, the Brits did away with the death penalty a while back...now they don't have that option.
Cats and dogs are living together, and there's mass hysteria in the streets...
Comparing a 2(?)-year-old OS to a 7+-year-old OS isn't fair. Suspend and hibernate both work fairly well on Win2K and WinXP. (I normally use hibernation...it allows the machine to power off completely, but stores the current state to the HD. It takes a bit longer than suspend as a result, but a power outage won't faze it.)
Doesn't work for me...then again, I've already fixed djbdns here to return NXDOMAIN when a lookup resolves to Verisign's squatter page. (A copy of the patch is here (the patch isn't mine, but the only place I've seen it is buried in bugs.gentoo.org) and an ebuild for your local Portage tree is here. To use the ebuild, you'll also need to copy Manifest and files/1.05-errno.patch from /usr/portage/net-dns/djbdns.)
Might as well have some fun yanking their chain...or letting your computer do the same:
c=0; while true; do (echo mail from: verisign@needs.to.fuckoff.com; echo rcpt to: abuse@verisign.com; echo rcpt to: abuse@verisign.com; echo data; echo Subject: stop wildcarding .com \& .net; echo ""; echo .) | nc 64.94.110.11 25 >/dev/null; c=`expr $c + 1`; echo $c; done
Without the body in there, netcat would just wait for further input.
You must be new here...that's exactly what the average Slashbot (or liberal, more generally) wants.
http://forums.gentoo.org/viewtopic.php?t=84879&hi
There's no ebuild pushed out for it yet, but the second link describes a workaround. (Haven't tried it yet, but will in the near future.)
Someone's already asked WRT BIND. I would be more interested in a fix for djbdns, though.
FWIW, of several URLs I tried (mostly of the form http://www.$RANDOMKEYMASHING.com/), only one brought up Verisign's catch-all page. For the rest, my proxy reports DNS errors. Maybe their servers are getting /.'d by everybody here trying it out...it'd serve them right.
It's a good thing my domains are in .us (except for one .org)...maybe crap like this will lead more people to start using ccTLDs instead.
That's one of the first things I shut off in Mozilla...does it really take you that long to type out the URL (especially when it's been put in once before and autocomplete still knows about it)? Besides, would you want your kid to type in "whitehouse," hit Ctrl-Enter, and end up here when he really meant to go here? If you're looking up some company for which you're not sure about the URL, you're better off googling for it than if you blindly assume that www.$COMPANYNAME.com is what you want.
I'm no fan of Ford (have never owned anything other than Chevy and Olds, actually), but it's a big-enough company that if some random dealer/parts vendor/etc. tried sending it a locked-up Office file, they'd send it back with instructions to resend in an open format.
"Exoteric?" Is that some sort of cross between "exotic" and "esoteric?"
HTF is this a troll, or redundant? If you disagree, grow a set and reply...don't moderate.
Fscking crack-whore moderators...
It holds up pretty well...I had all of the files downloaded in just a few minutes.
A luser who runs an open relay and gets socked with a huge bandwidth bill (or worse) on account of spammers using his mailer deserves whatever he gets. Setting up an MTA to only accept outbound mail from selected hosts is trivial, if the software is well-designed. With the access-control software that's available (whether it's an SSH tunnel, POP-before-SMTP, or whatever), there is absolutely no reason whatsoever for anybody to run an open relay.
Maybe that's just how CmdrTaco most frequently misspells Slashdot...
I used to do that for $5. That was back in 1984, but given that you're talking about a job that takes maybe 60-90 minutes, I'd have a hard time imagining that people would pay much more than $10 for one of the neighborhood kids to cut grass.
No problems here with Mozilla 1.4...but this might have something to do with it.
How appropriate, that an article about spam would be submitted by a user named JoeJob.
I've never had one appear for mine...then again, I've always had a website ready to go as soon as the info propagates through DNS. In the "lag time" needed for that to happen, you get an error.
Maybe it does that if you're having them host your website. They shouldn't be doing that if you're hosting your site on your server...the closest thing to a "coming soon" page you should then have would be the "$HTTP_SERVER is correctly installed on this server" page that's in htdocs/index.html until you replace it. The last hosting service I used was Delphi...after I signed up for cable-modem service, I set up Apache on a machine at home, signed up with dyndns.org, and moved my website (just a cheesy personal page at the time) to my server. That was ~3.5 years ago.
You can blame Jimmy Carter for the fact that we're not doing that. (Why nothing has been done since 1981 to rescind that executive order is a valid question.)