"National"? We don't need no stinkin' "National". National boundaries are just speedbumps on the Information Superhighway, if that. They're not significantly more useful than state boundaries or city boundaries, because the Internet is worldwide, and nations don't control it.
National Laws don't keep foreigners from initiating spam - the US doesn't have jurisdiction over all those Nigerian spammers, even though their scams are clearly fraudulent as well as annoyingly frequent.
National laws don't usually keep nation's subjects from bouncing spam off of hijacked foreign computers, or renting time on foreign hosting center services, so even though all that mail you get from Korean servers is mostly sent by American spammers, laws don't have much effect.
Becoming non-national is trivially easy, so even if national laws _do_ magically become tougher and longer and harder overnight, all a spammer has to do is spend $100 to open a corporation anywhere in the world, which is just another setup cost along with the $25 for a disposable dialup account. So you're not getting Korean-relay spam from Joe Florida Trailer-Trash,
you're getting Korean-Relay spam from the Able Baker Charlie corporation in Nigeria,
which hires the Cayman Delta Echo Fulfillment corporation to deliver Fake Viagra for them,
and CDEF hires Joe to provide local mailing services for them at an amaing profit margin.
Joe's not spamming you - it's those nasty lawless Nigerians. Joe's just a worker-boy filling actual orders.
And if your National Laws have enough jurisdictional flexibility somehow manages to charge Severe Penalties to ABC Corp, the most Effective Enforcement can do is rip up their corporate charter papers and try to confiscate the minimal amount of money floating in their Panamanian bank account.
We're shocked, SHOCKED to find SPAMMING in NIGERIA!
Then a new corporation, Global Oscar Able Tango Seesaw Corp, goes and hires CDEF to fulfill some more Fake Viagra orders.
and somehow Joe Florida Trailer-Trash keeps getting hired by random foreign companies to ship Fake Viagra to people.
Joe probably doesn't even need two foreign corporations - he can probably use a single disposable Delaware corporation, though having an extra corporate cutout helps delay things, and going foreign helps delay things, and all of the steps hide the fact that he's really the only real stockholder, and if it's useful, it's easy enough to structure things so that the corporation doesn't really make any money, because it has a lot of expenses like renting a house for its contractor to ship Fake Viagra from.
The fact that most small spammers aren't bright enough to set up a Delaware corporation, much less a Panamanian corporation, isn't a problem - most small spammers aren't very bright anyway, and the big spammers can run a "legitimate" side business in setting up disposable corporations, as well as selling "bulletproof internet access" and "complete software packages" and lists of "9 billion validated opt-in email addresses".
But legislators mostly don't understand this stuff, so unless they get lots of really deep technical and business advice over lots of time they'll write laws that are at best worthless and at worst interfere with lots of legitimate network use and make the rest of it very expensive, and the public mostly doesn't understand this stuff either, and the public doesn't have the attention span to help legislators come up with useful solutions, nor do legislators - so basically they'll do something knee-jerk that seems like a good idea at the time and write press releases that they'll snail-mail to all of their constituents about how they're stopping unwanted non-snail-mail.
But spam is just bits you don't want. So are the Ping of Death, and 30 million validated copies of the Monty Python Spam Song.mp3, and if somebody thinks it's ok for them to send you bits you don't want, they shouldn't mind if you send them bits _they_ don't want. Unfortunately, retribution while it's happening is _more_ susceptible to forging and spoofing, not less. The classic spammer "Joe Job" is to send out their spam impersonating somebody who's gotten in their way lately, so they get the flames and the spammer only gets the people who really want their Nigerian Viagra.
Spam isn't like shouting "Fire" in a crowded theater, which might lead to people running away in panic and getting injured, and even Justice Oliver Wendell Holmes who had been responsible for that over-used phrase later said he regretted it, given the amount of suppression of free speech which is done with that as an excuse.
Spam is much more like shouting "Big Sale On Viagra" in a crowded theater, which is a bit annoying if one person does it once, and makes it not worth going to the theater if too many people do it too often.
If people aren't civil enough to refrain from doing it on their own, then theaters will either start limiting who can see their movies, or stick to movies where nobody minds not being able to hear and make everybody stand all the time so they don't go yelling "Down in Front" at the spammers all the time and make the tallest people stand in the back unless they want to pay extra for front-row standing-room-only space, which still sucks but maybe they'll still get some business instead of everybody but the spammers leaving.
There are some extremists out there who believe in some magical entity called "government" that has the "legitimate" right to go beat people up and kill them for not obeying whatever orders those extremists want the "government" to give other people. There are some less extreme people who think it's ok to hire a gang of government guys to do jobs like beating people up as long as they only beat up people who deserve it, like murderers and thieves, but don't beat up people who don't deserve it, like weird musicians or people who smoke the wrong drugs or have the wrong language or skin color, and as long as the government guys doesn't get any bogus ideas about being in charge of anything just because they're good at beating people up. And there _are_ a few anarchists who also like beating up people who they don't like, but they're at least up-front about that being their individual preference, and don't pretend there's something magic about it just because they're nasty, brutish, and short.
But most of us anarchists _are_ everyday normal decent people, who get along with our neighbors and try to make the world a better place and have a good time. You've just got a really limited view of "normal" is all....
And the Internet's big enough that "wow, like really cool" gets 864000 Google(tm) hits, so yes, you're probably just not looking at the right web sites or IRC private chat boards or whatever.
Do you mean that if you're not comptuer savvy you'll get Official Automatic Updates from Microsoft, or do you mean that you'll get Unofficial Automatic Updates from Mafiaboy, Staecheldraht, MSBlaster, Slammer, IISvermin, and SpammerRelay?
The BITS paper can't find itself to download the proprietary-format document, but the abstract says that it'll soak up unused bandwidth at low priority. That means that the 100MB hotfix pretends that it won't dog down my dialup connection, but it also will take 40,000 seconds instead of 20,000 seconds to download. If I'm a dialup user, I'm not connected that long (especially because I'm usually a DSL user, so when I'm on dialup, I'm probably in a hotel or airport where I *really* don't want to stay on long.) So it'll take a few days before I've clocked enough dialup time, and by then there's another major security breach and another 150MB hotfix:-)
How reliable is a non-standard download protocol? Maybe it's described in the paper, and if I can't download the paper about BITS, I'm skeptical about using BITS to download hotfixes:-)
Is it an incremental download protocol that can restart if it's interrupted?
Can the protocol work through firewalls?
Can the protocol work through proxies?
Can the protocol work through VPNs?
Does the protocol try to work *around* VPNs?
What's the MTU size of BITS packets? Bandwidth percentage limitations are fine, but once a packet gets its turn on the wire, it's a latency hit, especially at low bandwidth.
As long as they need to drive at least an hour, or fly somewhere, and get to listen to your organizational presentation on why spamming is the last thing in the world that your company would ever consider using for advertising, it's a good start, but if you can also get enough information about who they are and what techniques they're using to avoid spam-blocking, and post it on the net, that can be fun too.
I'm not in the right place organizationally for spammers to sell me service (though I've had to help some of our sales people explain our anti-spam policy to people who wanted to buy our ISP services in simple one- or two-syllable words so they could get the concept...)
But I have had telemarketers leave me a voice-mail about getting lawn service - and they were clearly calling numbers in sequential order, at my office, in the middle of a concrete block of downtown, in a city where several thousand phone numbers in a row belong to offices that aren't anywhere near any grass. I probably should have asked them to drive by for an estimate, but this was before the spammer epidemic really took off and I wasn't as mean.
If one person called up a spammer's toll-free number and sang them the Monty Python Spam Song or Weird Al Yankovic's Spam song, they might think it was a bit odd, but if a whole bunch of people started calling up, singing them a spam song, and hanging up, they might start to think it was a _movement_.
And if one person called up their toll-free number and left them a phone number they didn't want to talk to, like their ISP's phone number, or Interpol's, or the FBI's anonymous tip line, or their local police office, or their country's government's people-selling-bad-medicine bureaucracy's complaint line, or other spammers' toll-free numbers, or other spammers' ISP contact numbers, they might also start to think they were getting slashdotted.
In the US, most houses and small offices have electricity on three wires - a neutral, 110 volts from neutral in one phase, and 110 volts from neutral in the opposite phase (and also a ground), which lets you get 220 by running the appropriate wires to your main power feed. It's mainly used for electric heat, electric clothes driers, and electric water heaters. (There are many other flavors of electric current in the world.)
Most Americans who aren't professional electricians don't have much experience working with the 220, except maybe plugging in their driers. Therefore, people don't treat it with the same respect that they should, as evidenced by FueledByRamen who needs to back away from his box slowly and call a professional electrician.
The company got the prosecutors to come up with some totally bogus interpretation of an existing law. The original law was about doing computerized attacks on computers (e.g. viruses, cracking, password cracking, etc.), and they twisted it to say that by sending email to the customers, he was USING A COMPUTER to violate the security.
Now, this *is* a US-insane kind of thing to do, and he could have been more subtle.
I agree that Tornado may have violated one of the laws, such as the ECPA, that protect the privacy of email. I'm not a lawyer, and all I know of the facts of the case are from the articles referenced above, but if they actually read and deleted the mails (as opposed to blocking new incoming mails), there may be some problems.
The government has gotten some judges to agree to bogus interpretations of when the law applies to "intercepting" email - mail sitting in a user's mailbox has gotten less protection than mail in transit, letting government snoops off the hook, so perhaps Tornado's actions aren't illegal, but they're still reprehensible.
Legal Issues of Working on Electricity
on
Solving a Wiring Mess?
·
· Score: 4, Interesting
Close the box lid. Back Away Slowly. Get on your cellphone and call a licensed electrician who also knows something about computer rooms.
If you're talking about not having a 220-volt outlet nearby, you're probably American. But you're calling it "mains power", which is usually a Commonwealth thing. Are you by chance Canadian?
In most of the US, at least if you're in a city or a medium-heavily-populated county, there's probably a building code electrical code that says who's allowed to work on what kind of electricity. Usually in a home, you're allowed to work on sockets and switches inside existing electrical boxes, and almost everywhere you're not allowed to touch the main power feed yourself, and in some jurisdictions you can install new electrical boxes and plug-in circuit breakers yourself and in some you can't. (In New Jersey, you can negotiate with the building inspectors about not noticing things, but Darwin usually wants bigger bribes than they do...) In commercial buildings, you're more likely to need a license.
If you're required to use a licensed electrician for something, and you do it yourself, various Bad Things can happen, and if you do it your self and something goes wrong, more Bad Things _will_ happen. You do not want this... And you said that it looked ugly in there - this significantly increases the chances that if you do work on it yourself, something will go wrong, or perhaps Terribly Wrong, either because it really is an ugly mess or because it's beyond your skill level or both. And if you're renting your building instead of owning it yourself, your lease probably mentions some of the requirements. If you have fire insurance or liability insurance, those contracts probably also require licensed electricians for cases like this.
An American friend of mine was over in Australia, and watched an electrician who was being really conservative with turning all the power off while installing things. Since that didn't seem to be the usual Aussie approach to life, and since electricians in the US usually aren't that careful, he asked him about it. The guy replied that the difference between wimpy US 110 and 240 was "When you touch 240, you bounce about 3 meters farther.".
Basically, don't fsck with the stuff unless you know what you're doing.
If you've got a USB memory frob with a hardware write-protect, fine. But remember that one of the reasons you might want a "Security Boot CDROM" is that you might suspect that your network is insecure and that Bad Things are happening. That's a Really Really Good Time to Use Read-Only Media.
Also, mounting writable media is a good way to pass infections between your machines. Much safer not to do that.
Since you're already doing a bit of work, and running a teergrube, and you're probably also running a domain or subdomain for your mail, it's worth adding a bunch of spambait addresses and putting them out on the web to attract spiders, and also using them to catch dictionary attackers.
So if you don't have any users name Aaron and Alice and Viagra and Zebra, the only people trying to reach them are dictionary-attack spammers and people who found their email addresses by running harvesters on your web site (or alternatively, running harvesters on Google after searching for useful phrases, so make sure you've got a lot of attractive-nuisance words like bulk email and multi-level marketing and such and some meta comments that'll help attract the search engines.)
If you want to also hack your DNS so that it gives different answers depending on who's asking, you could set things so that any DNS requests coming from an address on the less aggressive RBLs get handed the address of your teergrube, or 127.0.0.1, or the address of some other open relay.
Individual Apps crashing themselves - that can happen on any OS. It shouldn't happen in major commercial products, but that's reality, and at least most of them are better about saving their state so they fail as safely as possible. I would have said that MS Office is pretty stable about that, except my MS Office has been crashing a lot the last couple of days, and of course there's all the Word Virus and Outlook Virus crap, so maybe I won't say that.
Hardware crashes - Unavoidable.
Crashes related to third-party device drivers - yeah, fine, you can't escape that, but the OS should be designed to minimize the need for drivers and provide mechanisms for isolating them.
The whole box crashing from applications - There's simply no excuse for this. That's why operating systems have kernels, and hardware has memory protection. Unix could pretty much defend itself from this by what, 1979? It wasn't rocket science like Multics or something. The 8086 memory architecture was too baroque, but the real advantage of all the segmentation stuff was that you *could* use it for memory management. Linus delayed at least one kernel release because a root user who opened a disk drive and scribbled on it _could_ cause the OS to crash. NT 3.5x was pretty safe about this, since it still looked VMS-like inside, but in NT 4 they moved a lot of the graphics capability into the kernel for "speed", and opened up the possibility of crashes again.
Applications using up some critical resources like disk drive so the machine becomes unusable - yes, this is possible, but the resources that are that critical are very very limited, e.g. a virtual memory system lets you page out or swap out application processes to prevent it.
Applications crashing some major subsystem that doesn't take down the OS. Unix has this risk - if you hang X Windows or the graphics system, applications that don't use X can still run fine, but you may need to telnet in to restart the subsystem. But this should also be minimized - keeping separate file systems for the OS's use vs. users' applications helps a lot.
Fry's isn't exactly a grocery store, though you can get coffee beans and corn chips as well as Java books and memory chips, but you can usually walk in and pick up a couple models of very lightweight portables, and often one of them is Transmeta-based.
It'd be nice if the new chip is at least a bit faster than the Via stuff - the 800 MHz mini-itx boxes don't need fans, but are supposed to be really marginal at crunching DVDs, while the 1 GHz version of the mini-itx have fans in them. Small ones, but not quite silent. (I'm of course typing this on a laptop that's mostly quiet when it isn't overheated, and sitting next to a 233 MHz box P2 that's pretty loud when I don't have the skins off for repairs, and even louder tonight:-)
I'm sitting here at home typing on my work laptop:-) It's behind a $50 firewall (which may help this worm), but that's all when I'm not VPNed into work. When the laptop's at work it uses Port 135 and the other MS ports so it can mount file servers and printers and such, so it's configured to listen to them, and the LAN at work is configured to pass them. On the other hand, at home, the only things on Port 135 and the other MS ports are viruses and crackers. My corporate IT people could get fancy and set the internal firewalling to only listen to Port 135 from IP address ranges 10.x.x.x or whatever, but basically if I didn't have the firewall or if it let Port 135 traffic go through, my machine would be toast, and I'd bring the nice burnt toast into the office where it would start causing more trouble. It's an ugly set of problems. (Having an operating system with a fundamental clue about security helps a lot, but even there you can get application bugs, like sendmail worms and finger daemon cracks and the like.)
As my former boss at Bell Labs said when they announced the name "Lucent" for the split-off company and unveiled the red ring logo, "I bet they paid some consultant a _bunch_ of money to come up with that one." Maybe not as bad a name as the Trash-80, but it's certainly no prize.
If you're trying to share files anonymously or surreptitiously, either for privacy reasons or because you're intentionally posting Metallica songs for download, then networks like Freenet are obviously the kind of thing you want.
This is different - this is sharing perfectly legal material using normal web hosting and having some lawyer-bot threaten you because they aren't having an intelligent human look at the threat and only send out letters for real matches, not bad regexp hits.
It looks to me like they're waving around the term "good faith" because it's the magic words from the DMCA, but sending out a letter with a human's signature on it when it's very clear that none of that human's neurons have fired during the writing process strikes me as (IANAL) much closer to bad faith than good faith, especially when they seem to have an established pattern of doing this.
It's an accusation to an ISP that the ISP's customer is committing a violation of a law and should be whacked, and under the DMCA it's much safer for the ISP to whack them first and apologize later if there's a mistake. There are various legal terms for doing this sort of thing - I'm not sure which of them are torts, which might become torts if the carrier acts on them, which might be crimes (they did say "under penalty of perjury"), and which are just insults.
Blocking the various Microsoft ports will help prevent infections, but you should also block 4444 (the port the worm uses to communicate with other worms and the WormMaster) and (if it won't disrupt too much of your other activities, which it shouldn't) block tftp (which the worm uses to download attack code after getting infected.)
That's not generic advice for the DCOM bug - for that you'll need to catch whichever of the MS ports are being abused this week. But it's guesswork advice for this particular instantiation of a worm that's exploiting it so you can at least slow down this one and isolate damage, and work on patching the actual holes in Windows so that you can prevent next week's worm that uses the same bug but some other inter-worm communication path from getting in.
At least on the couple of machines I've looked at, TCP 4444 isn't used for anything (there's a UDP 4444 used for Kerberos 4-to-5 conversion or something.) TFTP gets used for things like uploading operating system versions to diskless PCs and routers, and still isn't something you should be accepting from the outside world, and for the most part (YMMV) is only used by administrators who are better off stomping worms first and upgrading routerware later. The Microsoft ports are used by all kinds of Microsoft applications - you almost certainly should be blocking them to and from the outside world, but whether to block them inside your internal nets, and where, is a decision you'll need to make based on how much of which MS network products you're actually using. (e.g. you don't want to kill all your thin-client PCs by killing off their mounts of the file servers - but you also don't want them infecting each other.)
National Laws don't keep foreigners from initiating spam - the US doesn't have jurisdiction over all those Nigerian spammers, even though their scams are clearly fraudulent as well as annoyingly frequent.
National laws don't usually keep nation's subjects from bouncing spam off of hijacked foreign computers, or renting time on foreign hosting center services, so even though all that mail you get from Korean servers is mostly sent by American spammers, laws don't have much effect.
Becoming non-national is trivially easy, so even if national laws _do_ magically become tougher and longer and harder overnight, all a spammer has to do is spend $100 to open a corporation anywhere in the world, which is just another setup cost along with the $25 for a disposable dialup account. So you're not getting Korean-relay spam from Joe Florida Trailer-Trash,
- you're getting Korean-Relay spam from the Able Baker Charlie corporation in Nigeria,
- which hires the Cayman Delta Echo Fulfillment corporation to deliver Fake Viagra for them,
- and CDEF hires Joe to provide local mailing services for them at an amaing profit margin.
- Joe's not spamming you - it's those nasty lawless Nigerians. Joe's just a worker-boy filling actual orders.
- And if your National Laws have enough jurisdictional flexibility somehow manages to charge Severe Penalties to ABC Corp, the most Effective Enforcement can do is rip up their corporate charter papers and try to confiscate the minimal amount of money floating in their Panamanian bank account.
- We're shocked, SHOCKED to find SPAMMING in NIGERIA!
- Then a new corporation, Global Oscar Able Tango Seesaw Corp, goes and hires CDEF to fulfill some more Fake Viagra orders.
and somehow Joe Florida Trailer-Trash keeps getting hired by random foreign companies to ship Fake Viagra to people.Joe probably doesn't even need two foreign corporations - he can probably use a single disposable Delaware corporation, though having an extra corporate cutout helps delay things, and going foreign helps delay things, and all of the steps hide the fact that he's really the only real stockholder, and if it's useful, it's easy enough to structure things so that the corporation doesn't really make any money, because it has a lot of expenses like renting a house for its contractor to ship Fake Viagra from.
The fact that most small spammers aren't bright enough to set up a Delaware corporation, much less a Panamanian corporation, isn't a problem - most small spammers aren't very bright anyway, and the big spammers can run a "legitimate" side business in setting up disposable corporations, as well as selling "bulletproof internet access" and "complete software packages" and lists of "9 billion validated opt-in email addresses".
But spam is just bits you don't want. So are the Ping of Death, and 30 million validated copies of the Monty Python Spam Song .mp3, and if somebody thinks it's ok for them to send you bits you don't want, they shouldn't mind if you send them bits _they_ don't want. Unfortunately, retribution while it's happening is _more_ susceptible to forging and spoofing, not less. The classic spammer "Joe Job" is to send out their spam impersonating somebody who's gotten in their way lately, so they get the flames and the spammer only gets the people who really want their Nigerian Viagra.
Spam is much more like shouting "Big Sale On Viagra" in a crowded theater, which is a bit annoying if one person does it once, and makes it not worth going to the theater if too many people do it too often.
If people aren't civil enough to refrain from doing it on their own, then theaters will either start limiting who can see their movies, or stick to movies where nobody minds not being able to hear and make everybody stand all the time so they don't go yelling "Down in Front" at the spammers all the time and make the tallest people stand in the back unless they want to pay extra for front-row standing-room-only space, which still sucks but maybe they'll still get some business instead of everybody but the spammers leaving.
But most of us anarchists _are_ everyday normal decent people, who get along with our neighbors and try to make the world a better place and have a good time. You've just got a really limited view of "normal" is all....
And the Internet's big enough that "wow, like really cool" gets 864000 Google(tm) hits, so yes, you're probably just not looking at the right web sites or IRC private chat boards or whatever.
P.S. so does your band have a web site?
Do you mean that if you're not comptuer savvy you'll get Official Automatic Updates from Microsoft, or do you mean that you'll get Unofficial Automatic Updates from Mafiaboy, Staecheldraht, MSBlaster, Slammer, IISvermin, and SpammerRelay?
How reliable is a non-standard download protocol? Maybe it's described in the paper, and if I can't download the paper about BITS, I'm skeptical about using BITS to download hotfixes :-)
I'm not in the right place organizationally for spammers to sell me service (though I've had to help some of our sales people explain our anti-spam policy to people who wanted to buy our ISP services in simple one- or two-syllable words so they could get the concept...)
But I have had telemarketers leave me a voice-mail about getting lawn service - and they were clearly calling numbers in sequential order, at my office, in the middle of a concrete block of downtown, in a city where several thousand phone numbers in a row belong to offices that aren't anywhere near any grass. I probably should have asked them to drive by for an estimate, but this was before the spammer epidemic really took off and I wasn't as mean.
And if one person called up their toll-free number and left them a phone number they didn't want to talk to, like their ISP's phone number, or Interpol's, or the FBI's anonymous tip line, or their local police office, or their country's government's people-selling-bad-medicine bureaucracy's complaint line, or other spammers' toll-free numbers, or other spammers' ISP contact numbers, they might also start to think they were getting slashdotted.
Most Americans who aren't professional electricians don't have much experience working with the 220, except maybe plugging in their driers. Therefore, people don't treat it with the same respect that they should, as evidenced by FueledByRamen who needs to back away from his box slowly and call a professional electrician.
Now, this *is* a US-insane kind of thing to do, and he could have been more subtle.
The government has gotten some judges to agree to bogus interpretations of when the law applies to "intercepting" email - mail sitting in a user's mailbox has gotten less protection than mail in transit, letting government snoops off the hook, so perhaps Tornado's actions aren't illegal, but they're still reprehensible.
If you're talking about not having a 220-volt outlet nearby, you're probably American. But you're calling it "mains power", which is usually a Commonwealth thing. Are you by chance Canadian?
In most of the US, at least if you're in a city or a medium-heavily-populated county, there's probably a building code electrical code that says who's allowed to work on what kind of electricity. Usually in a home, you're allowed to work on sockets and switches inside existing electrical boxes, and almost everywhere you're not allowed to touch the main power feed yourself, and in some jurisdictions you can install new electrical boxes and plug-in circuit breakers yourself and in some you can't. (In New Jersey, you can negotiate with the building inspectors about not noticing things, but Darwin usually wants bigger bribes than they do...) In commercial buildings, you're more likely to need a license.
If you're required to use a licensed electrician for something, and you do it yourself, various Bad Things can happen, and if you do it your self and something goes wrong, more Bad Things _will_ happen. You do not want this... And you said that it looked ugly in there - this significantly increases the chances that if you do work on it yourself, something will go wrong, or perhaps Terribly Wrong, either because it really is an ugly mess or because it's beyond your skill level or both. And if you're renting your building instead of owning it yourself, your lease probably mentions some of the requirements. If you have fire insurance or liability insurance, those contracts probably also require licensed electricians for cases like this.
Basically, don't fsck with the stuff unless you know what you're doing.
Also, mounting writable media is a good way to pass infections between your machines. Much safer not to do that.
So if you don't have any users name Aaron and Alice and Viagra and Zebra, the only people trying to reach them are dictionary-attack spammers and people who found their email addresses by running harvesters on your web site (or alternatively, running harvesters on Google after searching for useful phrases, so make sure you've got a lot of attractive-nuisance words like bulk email and multi-level marketing and such and some meta comments that'll help attract the search engines.)
If you want to also hack your DNS so that it gives different answers depending on who's asking, you could set things so that any DNS requests coming from an address on the less aggressive RBLs get handed the address of your teergrube, or 127.0.0.1, or the address of some other open relay.
I already modded my posting down :-)
It'd be nice if the new chip is at least a bit faster than the Via stuff - the 800 MHz mini-itx boxes don't need fans, but are supposed to be really marginal at crunching DVDs, while the 1 GHz version of the mini-itx have fans in them. Small ones, but not quite silent. (I'm of course typing this on a laptop that's mostly quiet when it isn't overheated, and sitting next to a 233 MHz box P2 that's pretty loud when I don't have the skins off for repairs, and even louder tonight :-)
I'm sitting here at home typing on my work laptop :-) It's behind a $50 firewall (which may help this worm), but that's all when I'm not VPNed into work. When the laptop's at work it uses Port 135 and the other MS ports so it can mount file servers and printers and such, so it's configured to listen to them, and the LAN at work is configured to pass them. On the other hand, at home, the only things on Port 135 and the other MS ports are viruses and crackers. My corporate IT people could get fancy and set the internal firewalling to only listen to Port 135 from IP address ranges 10.x.x.x or whatever, but basically if I didn't have the firewall or if it let Port 135 traffic go through, my machine would be toast, and I'd bring the nice burnt toast into the office where it would start causing more trouble. It's an ugly set of problems. (Having an operating system with a fundamental clue about security helps a lot, but even there you can get application bugs, like sendmail worms and finger daemon cracks and the like.)
As my former boss at Bell Labs said when they announced the name "Lucent" for the split-off company and unveiled the red ring logo, "I bet they paid some consultant a _bunch_ of money to come up with that one." Maybe not as bad a name as the Trash-80, but it's certainly no prize.
This is different - this is sharing perfectly legal material using normal web hosting and having some lawyer-bot threaten you because they aren't having an intelligent human look at the threat and only send out letters for real matches, not bad regexp hits.
It's an accusation to an ISP that the ISP's customer is committing a violation of a law and should be whacked, and under the DMCA it's much safer for the ISP to whack them first and apologize later if there's a mistake. There are various legal terms for doing this sort of thing - I'm not sure which of them are torts, which might become torts if the carrier acts on them, which might be crimes (they did say "under penalty of perjury"), and which are just insults.
That's not generic advice for the DCOM bug - for that you'll need to catch whichever of the MS ports are being abused this week. But it's guesswork advice for this particular instantiation of a worm that's exploiting it so you can at least slow down this one and isolate damage, and work on patching the actual holes in Windows so that you can prevent next week's worm that uses the same bug but some other inter-worm communication path from getting in.
At least on the couple of machines I've looked at, TCP 4444 isn't used for anything (there's a UDP 4444 used for Kerberos 4-to-5 conversion or something.) TFTP gets used for things like uploading operating system versions to diskless PCs and routers, and still isn't something you should be accepting from the outside world, and for the most part (YMMV) is only used by administrators who are better off stomping worms first and upgrading routerware later. The Microsoft ports are used by all kinds of Microsoft applications - you almost certainly should be blocking them to and from the outside world, but whether to block them inside your internal nets, and where, is a decision you'll need to make based on how much of which MS network products you're actually using. (e.g. you don't want to kill all your thin-client PCs by killing off their mounts of the file servers - but you also don't want them infecting each other.)
I'd say we should kill this thing now...