Im still getting hit by this worm here:
15:40:04.113119 81.152.221.231.3999 > xx.xx.xx.xx.3127: S 1676479231:1676479231(0) win 65535 (DF)
No new worm in sight.
maybe we just need to rename songs as.doc or.jpg. If that crap can still catch them, cram the song into real images or insert them into real office documents.
One may insert them into icmp packets (ping still allowed??). What if i encrypt all my email, will encryption be outlawed? The war on file sharing is turning into a war on drugs, we all know how effective it is.
I think anyone can still get packets and or out a given network can download and upload songs or anything. those big 5 labels are causing real damage trying to police the internet and deserves to die real fast
This update addresses the vulnerability addressed in Microsoft Security Bulletin 666. Find out about more recent critical updates in the Overview section.
File Name:
WindowsXP-MSTCPDRM-x86-ENU.exe
Download Size:
1261 GB
Date Published:
4/20/2004
Version:
666
Overview
This patch fixes criticals security vulnerabilities present in Windows TCP stack. This patch also add the new DRM TCP extension. When is patch is applied, your computer will connect to drm.microsoft.com prior establishing any other connection to make sure the requested end point is an authorized Microsoft partner. All rogue packets are now rejected and reported by the Windows TCP-DRM firewall (TM). This patch also upload the registry key HKEY_LOCAL_MACHINE and all subkeys and values to drm.microsoft.com so we can make sure all software is used according to their end user licence agreements.
spamassassing only flags spam, it won't "block" it. When spam is flagged by spamassassin,it's easy to block it with any email filter. The problem is i can't get spam even if i want to.
I tried to get as much spam as possible in order to test spamassassin. I posted my email address on usenet and on all porn sites i've found. I have also tried installing spyware and toolbars. Internet explorer now crash on all sites but no spam so far.
Now, i resort to post my address on slashdot sm@bigserver.hopto.org
Cute, hell yes they are but, fortunately for some (many?) of us, being cute is not a prerequisite for writing good software. IMHO, it is foolish to reject a developer because he/she is not cute so i object using this as a marketing tool
I'm afraid microsoft can threaten mono development using
software patents just like they do with samba.
We all know that the USTPO is more or less like a patent vending machine, just pay and get your patent granted. But, like Nat said, if we should worry about patents, we won't write any code.
Hmmm, 2 open source guys dancing with the microsoft cto, am i the only one afraid? IIRC, they are the ones working on the mono project, i won't be surprised if microsoft crushes them if they finally catch up.
Hard drives may be operating, i don't know if some are completly sealed off but i know some are not. What i am sure is someone using this will have a hard time reading/burning cds.
You can fix this by editing/etc/ttys. Change this line:
console "/usr/libexec/getty Pc" vt220 off secure
for this one:
console "/usr/libexec/getty Pc" vt220 off insecure
Now, the root password is asked even in single user mode.
Don't buy foonetco's router with openbsd inside, get a high end pc and install openbsd yourself. You got yourself a decent router with no backdoors in it.
The only downside is it may not support all routing protocols used on the internet or large entreprise networks.
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses ( ) Mailing lists and other legitimate email uses would be affected ( ) No one will be able to find the guy or collect the money ( ) It is defenseless against brute force attacks ( ) It will stop spam for two weeks and then we'll be stuck with it (*) Users of email will not put up with it ( ) Microsoft will not put up with it ( ) The police will not put up with it ( ) Requires too much cooperation from spammers ( ) Requires immediate total cooperation from everybody at once ( ) Many email users cannot afford to lose business or alienate potential employers ( ) Spammers don't care about invalid addresses in their lists ( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it ( ) Lack of centrally controlling authority for email ( ) Open relays in foreign countries ( ) Ease of searching tiny alphanumeric address space of all email addresses ( ) Asshats (*) Jurisdictional problems ( ) Unpopularity of weird new taxes ( ) Public reluctance to accept weird new forms of money ( ) Huge existing software investment in SMTP ( ) Susceptibility of protocols other than SMTP to attack ( ) Willingness of users to install OS patches received by email ( ) Armies of worm riddled broadband-connected Windows boxes ( ) Eternal arms race involved in all filtering approaches ( ) Extreme profitability of spam (*) Joe jobs and/or identity theft ( ) Technically illiterate politicians ( ) Extreme stupidity on the part of people who do business with spammers ( ) Dishonesty on the part of spammers themselves ( ) Bandwidth costs that are unaffected by client filtering ( ) Outlook
and the following philosophical objections may also apply:
( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical ( ) Any scheme based on opt-out is unacceptable ( ) SMTP headers should not be the subject of legislation ( ) Blacklists suck ( ) Whitelists suck ( ) We should be able to talk about Viagra without being censored ( ) Countermeasures should not involve wire fraud or credit card fraud ( ) Countermeasures should not involve sabotage of public networks ( ) Countermeasures must work if phased in gradually ( ) Sending email should be free ( ) Why should we have to trust you and your servers? ( ) Incompatiblity with open source or open source licenses ( ) Feel-good measures do nothing to solve the problem ( ) Temporary/one-time email addresses are cumbersome ( ) I don't want the government reading my email (*) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(*) Sorry dude, but I don't think it would work. ( ) This is a stupid idea, and you're a stupid person for suggesting it. ( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Doing the Right Thing should not be preempted by making a buck.
the command
grep -r " [Hh]ell " * | sed s/^.*[Hh]ell.*$/hell/ | grep hell
will single out the word hell but is is not perfect:
a) If the word you look for appears more than 1 time in the same line it will be printed only 1 time.
b) You lose the case information Hell becomes hell
c) That command is long and ugly
d) Maybe some perl gourou out there can post a 20 bytes perl script that do the thing
Just look closely at the nessus
Plugin page. You may have to give nessus the remote registry access password but it can scan an entire network quickly with no special software on client machines. Please, try it on your own machines only or be sure you are permitted to conduct that kind of scan.
Slashdot Mirror
Im still getting hit by this worm here:
15:40:04.113119 81.152.221.231.3999 > xx.xx.xx.xx.3127: S 1676479231:1676479231(0) win 65535 (DF)
No new worm in sight.
Oh, and i forgot https, if i can connect to my bank, i can download songs? no? Do i am missing something
maybe we just need to rename songs as .doc or .jpg. If that crap can still catch them, cram the song into real images or insert them into real office documents.
One may insert them into icmp packets (ping still allowed??). What if i encrypt all my email, will encryption be outlawed? The war on file sharing is turning into a war on drugs, we all know how effective it is.
I think anyone can still get packets and or out a given network can download and upload songs or anything. those big 5 labels are causing real damage trying to police the internet and deserves to die real fast
Both won't work on linux and use drm. For me, drm'ed music is useless so i'll do anything to avoid it.
They should deploy them around this place. There will be a lot of cars around here for weeks to come so they can charge a premium.
Security Update for Windows XP (KBTCPDRM-666)
This update addresses the vulnerability addressed in Microsoft Security Bulletin 666. Find out about more recent critical updates in the Overview section.
File Name:
WindowsXP-MSTCPDRM-x86-ENU.exe
Download Size:
1261 GB
Date Published:
4/20/2004
Version:
666
Overview
This patch fixes criticals security vulnerabilities present in Windows TCP stack.
This patch also add the new DRM TCP extension.
When is patch is applied, your computer will connect to drm.microsoft.com prior establishing any other connection to make sure the requested end point is an authorized Microsoft partner. All rogue packets are now rejected and reported by the Windows TCP-DRM firewall (TM).
This patch also upload the registry key HKEY_LOCAL_MACHINE and all subkeys and values to drm.microsoft.com so we can make sure all software is used according to their end user licence agreements.
System Requirements
Supported Operating Systems: Windows XP
Windows XP Professional
Windows XP Home Edition
spamassassing only flags spam, it won't "block" it. When spam is flagged by spamassassin,it's easy to block it with any email filter.
The problem is i can't get spam even if i want to.
I previously thought getting spammmed was easy.
to get that much spam???
I tried to get as much spam as possible in order to test spamassassin. I posted my email address on usenet and on all porn sites i've found. I have also tried installing spyware and toolbars. Internet explorer now crash on all sites but no spam so far.
Now, i resort to post my address on slashdot
sm@bigserver.hopto.org
Cute, hell yes they are but, fortunately for some (many?) of us, being cute is not a prerequisite for writing good software. IMHO, it is foolish to reject a developer because he/she is not cute so i object using this as a marketing tool
I'm afraid microsoft can threaten mono development using software patents just like they do with samba. We all know that the USTPO is more or less like a patent vending machine, just pay and get your patent granted. But, like Nat said, if we should worry about patents, we won't write any code.
Hmmm, 2 open source guys dancing with the microsoft cto, am i the only one afraid? IIRC, they are the ones working on the mono project, i won't be surprised if microsoft crushes them if they finally catch up.
Please, prove me pessemistic
Hard drives may be operating, i don't know if some are completly sealed off but i know some are not. What i am sure is someone using this will have a hard time reading/burning cds.
You can fix this by editing /etc/ttys. Change this line:
console "/usr/libexec/getty Pc" vt220 off secure
for this one:
console "/usr/libexec/getty Pc" vt220 off insecure
Now, the root password is asked even in single user mode.
Don't buy foonetco's router with openbsd inside, get a high end pc and install openbsd yourself. You got yourself a decent router with no backdoors in it.
The only downside is it may not support all routing protocols used on the internet or large entreprise networks.
Your post advocates a
( ) technical (*) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(*) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
(*) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
(*) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(*) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(*) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Doing the Right Thing should not be preempted by making a buck.
shared source of course
the command grep -r " [Hh]ell " * | sed s/^.*[Hh]ell.*$/hell/ | grep hell will single out the word hell but is is not perfect: a) If the word you look for appears more than 1 time in the same line it will be printed only 1 time. b) You lose the case information Hell becomes hell c) That command is long and ugly d) Maybe some perl gourou out there can post a 20 bytes perl script that do the thing
Try to use regular expressions, im a beginner in this domain but have some success.
for example
grep -r hell * match hell, Shell, shell and other things.
grep -r " hell " * match the word "hell" surrounded by spaces
grep -r " [Hh]ell " * match the words Hell and hell.
$ info sed to see the wonderful world of regular expressions.
Just try this /usr/src/linux
$ cd
$ grep -r " hell " *
It is fun to read some interesting comments
Just look closely at the nessus Plugin page. You may have to give nessus the remote registry access password but it can scan an entire network quickly with no special software on client machines. Please, try it on your own machines only or be sure you are permitted to conduct that kind of scan.
Just check it out And gator encrypt "phone home" communications but you will find a report is sent each time you visit a web site. Happy sniffing