16. 2014 - Zontar schooled him, doxed him, caught him in several other lies. 17. 2014-2015 - Bouldin repeatedly explained why OS hosts files are not suitable security against botnets, but Kowalrus didn't understand the technical aspects. Currently seems very confused about basic networking and how malware works. Doesn't understand basic Python, and believes the hosts file cannot be bypassed even after seeing Python code that does the bypassing. When provided proof that malware with millions of infections (Ramnit, Gameover Zeus) can bypass the hosts file (and other OS protection mechanisms), he called the malware "edge cases." 18. Still has not done anything since his long-since-deleted security guide from 2007 or his text file manager from 2010. Declares victory over everyone on every forum he has ever visited. Currently has no friends.
Other events on Jan 31st: * Guy Fawkes was executed. * Germany used poison gas at a large scale for the first time in history of warfare. * The Soviet Union exiled Leon Trotsky. * Harry Truman announced a program to develop the hydrogen bomb. * Viet Cong launched the Tet Offensive.
Illogical? Only if you don't understand logic. Since you never took logic classes, you probably don't.
Here, I updated your timeline:
Alex Kowalrus In a Nutshell (A Life of Failure) 0. Birthday was January 31st (see below). 1. 198x - Got a mediocre degree in IT from LeMoyne University. No computer science degree. LeMoyne actually disbanded their CS department from 1994 - 2008. 2. Fired from Sunbelt in 2000. Never found full-time employment again, much less as a software engineer. Moved back in with mom in Syracuse. 3. 2000 - Banned from Arstechnica. Rejoined under another name (lied) to argue for himself. 4. 2003 - Tried to argue with Dr. Russinovich (of sysinternals.com) in comments below Russinovich's blog. Other forum posters schooled him. Nevertheless, he still claims he beat Russinovich in an argument that Russinovich did not realized happened. 5. 2006 - Someone opened petition on petitiononline.com to have APK put to death. It got (at least) 29 signatures. 6. 2007 - Banned from Antionline.com. Everyone there hated him. Copy/pasted his "security guide," which everyone agreed was not good. 7. 2008 - Actually got paid $100 for his security guide as a newsletter prize, and thus claims, to this day, that he's a "security professional." 8. 2008 - Admitted he doesn't understand UNIX: "I am more of a Win32 guy the past few years though, so I must ask [what iptables is]." 9. 2008 - Made legal threats against Thor Schrock, but turned out to be bluffing. Embarrassed publicly by Schrock. 10. 2010 - Mom gave him the house (worth $100,000, counting land). He currently lies about that, claiming to be independently wealthy. 11. 2010 - Wrote a crappy file manager in Pascal that performs terribly. Nobody would pay for it. 12. Managed to get malwarebytes to host his file manager because it's free. Lied and denied it's just a file manager, but Malwarebytes calls it what it is: a "Small program for managing the hosts file" 13. 2011 - BarbaraHudson caught him in a lie - that he had plenty of +5 modded posts on slashdot. They were all at -1. 14. 2011 - Attempted to re-add garbage to Wikipedia 20 times on the Windows hosts file. Had it removed each time. Complained in the editorial pages, but was shot down. 15. 2012 - Embarrassed on slashdot for his text file manager's extremely poor performance (11 minutes to sort 1.8 million strings). Currently claims he "chose" Python because C++ does not perform as well. Pasted Python but failed to indent lines, showing he did not understand the basics of Python.
Ever bought real estate? It's possible to do that for tax purposes from relative & 1 time gift stuff etc.- et al. IS that what was PAID though? You must wonder (houses worth 100k + land around it worth more too I paid for but helped Dad). Taxes, taxes, taxes & capital GAINS are key.
You really are condescending. That's (part of) why nobody likes you.
The $1 sales price means the house was a gift. If you actually handed over more money than that (doubtful), then you committed fraud.
I knew you were stupid, but not so stupid to RENT, which evidently you do still, lol!
Ha, yeah, nice try.
(I do, 2 of them, AS in CS + BS in MIS
Assocates in CS is meaningless. You don't get into real CS classes until Junior year. This means you have a BS in MIS (a circa 80's degree, at that).
... where I was also a lettering NCAA athlete 1st string no less for a many time national or divisional champ... how about you, creampuff? No?? Didn't think so!)
Congrats. But then you started smoking, and now you sit around playing Diablo all day.
All you have now is arstechnica lies I long ago disproved in the post parent to yours... all done now?
Disproved? I read the posts. People criticized your shitty software, and you flew off the handle and got banned for it. You made a lot of enemies there. By the way, I noticed someone started a petition to have you killed in 2006. According to the archive.org page, it got at least 29 signatures. So, congrats on that, too!
Uhm, call LeMoyne's CS dept, & computer center. It was VAX 1180 during my time @ LeMoyne 1984-1987.
Funny, the tax assessor said she sold it to you in 2010 for $1. So I guess you were actually just living at mom's house until 2010, when she gave it to you.
UNIX & VMS here.
Just cause you said it doesn't make it true. Your internet history shows otherwise - a windows luser.
APK In a Nutshell (A Life of Failure) 1. Got a mediocre degree in IT. No computer science degree. 2. Fired from Sunbelt in 2000. Never found full-time employment again, much less as a software engineer. 3. Mom gave him a house. He lied about it, and claimed to be independently wealthy. 4. 2000 - Banned from Arstechnica. Rejoined under another name (lied) to argue for himself. Everyone there hated him. 5. 2003 - Tried to argue with Russinovich in forums of Russinovich's blog. Other forum posters schooled him. Nevertheless, claims he beat Russinovich in argument that Russinovich did not realized happened. 6. 2007 - Banned from Antionline. Everyone there hated him. Pasted his "security guide," which everyone agreed was not good. 7. 2008 - Actually got paid $100 for his security guide, and 7 years later claims he's a "security professional." 8. 2008 - Admitted he doesn't understand UNIX: "I am more of a Win32 guy the past few years though, so I must ask [what iptables is]." 9. 2008 - Made legal threats against Thor Schrock, but turned out to be lying. Embarrassed publicly by Schrock. 10. 2010 - Wrote a crappy file manager in Pascal that performs terribly. Nobody would pay for it. 11. Managed to get malwarebytes to host his file manager because it's free. Lied and denied it's just a file manager, but Malwarebytes calls it what it is: a file manager. 12. 2011 - BarbaraHudson caught him in a lie - that he had plenty of +5 modded posts on slashdot. They were all at -1. 13. 2011 - Attempted to re-add garbage to Wikipedia 20 times on the hosts file. Had it removed each time. 14. 2012 - Embarrassed on slashdot for his text file manager's extremely poor performance. Pastes Python but fails to indent, showing he does not understand the basics of Python. 15. 2014 - Zontar schooled him, doxed him, caught him in several other lies. 16. 2014-2015 - Bouldin repeatedly explained why hosts files are not suitable security against botnets, but he didn't understand the technical aspects. Seems very confused about basic networking and how malware works. Refers to malware with millions of infections as "edge cases." Doesn't understand basic Python, and believes the hosts file cannot be bypassed even after proof otherwise. 17. Still has not done anything since his long-since-deleted security guide from 2007 or his file manager from 2010.
"Because nobody uses hosts files for security" - by bouldin (828821) on Thursday May 21, 2015 @05:53PM (#49746865)
Haha, yeah, nobody in enterprise does use hosts files for security. That's some consumer-grade shareware shit.
Spybot doesn't even seem to think it's a good feature, because you haven't been able to link anywhere other than that forum where they even admit having the feature.
Anyone can use it + see they do & MANY use that program stupid!
You can keep your consumer-grade shareware/freeware. Enterprise uses solutions like Damballa.
YOU ALSO TRIED TO DENY it & it's there in PLAIN Black & White with his NAME on it!
Didn't see it - it was buried under your verbal diarrhea. As many others have noted, your English is terrible.
WHOSE INITIALS ARE ON THIS - WINNER IN 2008 (added proof of paid for good layered security article):
Congrats, you got $100 seven years ago. You're a real pro!
Via the layered security/defense in depth methods my security guide extolls? I've COMPLETELY shut down your "desperation" RARE edge cases you tried too!
You didn't even understand the cases I presented. And they aren't edge cases, they are malware with millions of infections. But that was lost on you, because you don't understand anything.
Ha, you can keep reposting that list, but none of those are failures on my part, and half of it doesn't even involve me in any way.
You, on the other hand are a total failure and liar. You claimed you quit Sunbelt, but actually you were fired. You claim to be independently wealthy, but you have a $100,000 house that your mom gave you.
You've been banned from dozens of sites (in other words, dozens of failures), and each time try ridiculous arguments that everyone on the site shuts down (so let's just call that several hundred failures).
And now, you are a complete failure because you write super shitty software that is slow. You don't understand computing or security.
Now you see why I've referred to you as a parade of delusion. You're a total fuckup imagining ways that someone you know nothing about has failed.
Your amateurish security guide sucked, you don't know anything about security, and you're a windows luser. You write shitty freeware in Pascal, and you have no job. You've been caught in lie after lie, and frankly, everybody you have ever known hates you.
So, then, you are admitting the hosts file is not effective at blocking botnet c&c channels. Take that out of your list of extravagant claims of the benefits of hosts files.
How many times is a dumbshit like YOU going to *try* pull that on me, menial? Are there hostnames here that are still online?? Yes, ZEUS botnet (as a SINGLE example) https://zeustracker.abuse.ch/m...
If your approach only blocks 5-10% of domain names, then it is NOT effective for security. This might fly in your shareware consumer world, but that is not enterprise-grade.
Any OTHER kind, such as the edge case RARE types you noted (out of 'desperation') MY SECURITY GUIDE catches via Layered Security/Defense in Depth practices -> http://forums.pcpitstop.com/in...
You DO NOT HAVE A SECURITY GUIDE. I actually looked for it, and the closest I could find was where you posted it, but everybody thought you were an idiot and banned you. Not what I would call "success."
"Sounds like you've washed out of every job you've had."
Wouldn't matter, since if YOU are 'state of the art' in "security engineers" (allegedly)? You suck...
Yeah, you have totally washed out of every job you had, and now you've been an author of (shitty) shareware. Found this gem:
The best thing I could find anyone say about you, from a friend, was:
Vortac said:
The only thing I don't like about him (although I've gotten over it), is he thinks everyone is an idiot. He just hasn't had any real experience, deadlines to meet, or being a team player within an organization.
And the worst thing is, you're a really shitty programmer!
For my Hosts Engine, I chose Object Pascal since it's beaten even MSVC++ in strings work which my app does HEAVILY - dumb thing for you to say:
Funny, because you got called out for very poorly performing code (that just sorted some strings and took 11 minutes) here. And here are the kinds of things people said about your code a few years ago:
Man with no head wrote:
Of course spamming forums with publicity ads is kind of lame; don't take it personally, but you brought it upon yourself.
Now as regarding the actual package, I find the UI kind of weird and you don't seem to be following Windows UI guidelines (That's a no-no in Tog speak).
The feature set is kind of questionable; I fail to see the real value of your product really.
And to finish my rant, I got these errors on startup on my Win2k SRV SP1 system.
You can run your update as often as you like, but malware reverse engineers are not providing you an up-to-the-minute list of all DGA domains. Even if they did, you wouldn't get the domains until the malware had already connected up for its C&C of the hour. Hosts files are a bad strategy for modern botnets because techniques like DGA were designed to defeat static blocklists.
No, I have repeatedly: My layered security guide addresses it which you can easily read since you ADMIT seeing various sources to it here http://it.slashdot.org/comment... since WHEN YOU BLOCK AVENUES MALWARES USE TO GET INTO YOU, THEY CAN'T INFECT YOU: Pure truth.
So, then, you are admitting the hosts file is not effective at blocking botnet c&c channels. Take that out of your list of extravagant claims of the benefits of hosts files.
Uhm, I never wrote a FileManager 1st of all, lol, & secondly? Again:
Yeah, you wrote a file manager in Pascal.
By the way: As a professional software engineer since 1994 here, DB security IS part of the job. To be that job title, you also HAVE to be a network admin with FULL rights to do it. Security IS a HUGE part of it, dumbass (talking out your ass again as usual). I've also taken jobs as a techie before that killing viruses by the MANY 1,000's for clients (using ProcessExplorer & a Windows Install CD recovery console alone even, not needing anything more, even rootkits), & as a network admin/engineer too before graduating to MIS/IS/IT level coding.
Sounds like you've washed out of every job you've had. It's funny, because if I google your name, all I find is you pissing off people in Internet forums over the past 9 years. Repeatedly.
P.S.=> You are NOT in my league. Nor will you ever be. Answer these questions in my ps here to prove otherwise -> http://slashdot.org/comments.p... [slashdot.org]
Hahhaa.. no, I'm not going to give my personal details to some mental patient on the Internet. Let's just say I moved past Pascal when I was in high school.
I made my monies, doing well enough to NOT have to work anymore in fact (it's great, early retirement)
Uh no, you are not independently wealthy. You are unemployable. If you apply for a job, the employer will google you and see you are a total whack job who needs medication.
You can run your update as often as you like, but malware reverse engineers are not providing you an up-to-the-minute list of all DGA domains. Even if they did, you wouldn't get the domains until the malware had already connected up for its C&C of the hour. Hosts files are a bad strategy for modern botnets because techniques like DGA were designed to defeat static blocklists.
And you keep insisting you have a multi-decade security background, but all you have to show for it is a file manager written in Pascal:
I.E. - I have a 21 yr. long career in security for database work as a pro + a guide for layered security for people that need it: Amateurs mostly need it, not pros.
And you keep citing your guide, which is from the "tips n tricks" section of a newsletter, but the guide is not up anymore. Apparently they didn't think it was worth much.
http://forums.pcpitstop.com/in... [pcpitstop.com]
See that guide, it does that!
Misquoting me AGAIN? LEARN TO READ! What's in my LAYERED SECURITY GUIDE DOES blocks infestation vectors!
It shows how to cut off the sources of infestation & firewalls + hosts (which security pros GALORE backed me on vs. your bs, fool) do the rest even stopping infected systems from "talking back" to their C&C controllers (think Iron Man in Avengers 1 killing the central command in the black hole).
I have yet to see a security guide, just a dead link.
Bouldin omits apk's 21 yr career in security != dumb selective quoting. Apk's been there and done that at levels I now suspect you can't touch. Are you even over 21? You'd have to be at least that and more to be a pro with 21 yrs to your credit in security as apk has. Are you really a security pro? Prove it. That's all I want to see now. How old are you? I doubt you've been a security pro at all much less one that has a 21 yr career as apk has on levels in coding and networking.
First off, we know this is you, Kowalrus.
Second, no, you do not have a 21 year career in security. You have a 15 year career of being a total asshole in internet forums.
You really have not proven that you've ever had a job, although it does seem likely you worked at Sunbelt but were fired because everybody hates working with you.
You can run your update as often as you like, but malware reverse engineers are not providing you an up-to-the-minute list of all DGA domains. Even if they did, you wouldn't get the domains until the malware had already connected up for its C&C of the hour. Hosts files are a bad strategy for modern botnets because techniques like DGA were designed to defeat static blocklists.
Perhaps because you are an amateur, and don't understand malware, security, botnets, or anything beyond Pascal on Windows 2000?
"yes, malware can trivially disable your hosts file or the windows firewall." by bouldin (828821) on Sunday May 24, 2015 @09:15AM (#49763123)
Not if you secure yourself vs. their methods of getting in which my guide does (cuts off all avenues) first.
So.. hosts file means strong security as long as you never get an infection in the first place? Surely you realize how stupid that sounds.
Clue: You won't even SAY WHERE YOU WORK yet YOU CLAIM you are a "security engineer"??? LMAO - No, don't think so.
Ha, I don't want you harassing me at work, idiot.
I don't? My ware UPDATES DAILY dimwit (every 12 hours automatically) & more if you do it manually often as you like (every hour if you want, defeating even DGA's stupid) & blocking them, ala:
You can run your update as often as you like, but malware reverse engineers are not providing you an up-to-the-minute list of all DGA domains. Even if they did, you wouldn't get the domains until the malware had already connected up for its C&C of the hour. Hosts files are a bad strategy for modern botnets because techniques like DGA were designed to defeat static blocklists.
That's why real antimalware vendors like Damballa don't rely on a static DNS blocklist, much less a hosts file on the OS.
YOU SAYING THAT WON'T BLOCK A DGA ENDPOINT or C&C? Wrong... hosts block *ANY* host-domain/subdomain name! ANSWER THAT SIMPLE QUESTION!
I already answered this question - NO. You didn't believe me and called it "hypothetical bullshit," so I provided 4 lines of Python that trivially bypass hosts files.
You can't corrupt bypass my hosts file by the way.
Again: DID I SAY HOSTS STOP EVERYTHING? Never. Show me WHERE I HAVE ok? I never have once. Nothing by itself does.
You keep claiming hosts files stop botnet communication, which is clearly not true.
I've proven I have TONS OF GUIDES FOR THAT even PAID FOR ONES I WROTE that actually work (with testimonials too)
No, you provided one dead link that may have hosted 1 guide 7 years ago. And that was a site for AMATEURS to submit their text files, and win a $100 prize if their amateurish text files were accepted.
I saw the PCpitstop page earlier, but all the guide links were dead then, too.
It's on multiple sites as stated searching "How to Secure Windows 2000/XP" as you yourself already know liar from your post there in that link above, lol!
Then it shouldn't be hard for you to find a link to your own paper.
Hosts don't stop botnets? Ok - they block access to their C&C servers easily also like Zeus -> https://zeustracker.abuse.ch/m... [abuse.ch] easily by host-domain-subdomain names fool...
The Domain Generation Algorithm is a method for a criminal to regain access to his botnet. Based on the current date, random-looking domain names are calculated and the malware reaches out via the Internet to see if that domain exists.
There is a new set of domains every day. For some DGAs, the domains are only up an hour. By the time you find them on a blog somewhere, they are not being used anymore.
(Yes, we all KNOW IT'S YOU *trying* to "support yourself" via truly unidentifiable anonymous coward 'supporters' Bouldin, lol, & THAT IS HILARIOUS + piss poor 'tactics', moron... totally transparent.)
Yeah genius, I was making fun of you for doing exactly the same thing. It is hilarious!
Yeah, he's a total amateur! He thinks you can block botnet traffic with hosts files! I even showed him some Python that bypasses hosts, but he got really confused.
Slashdot Mirror
Let me guess. You have some goofy visual basic script to get around Slashdot's lameness filter. You must be proud.
#owned
16. 2014 - Zontar schooled him, doxed him, caught him in several other lies.
17. 2014-2015 - Bouldin repeatedly explained why OS hosts files are not suitable security against botnets, but Kowalrus didn't understand the technical aspects. Currently seems very confused about basic networking and how malware works. Doesn't understand basic Python, and believes the hosts file cannot be bypassed even after seeing Python code that does the bypassing. When provided proof that malware with millions of infections (Ramnit, Gameover Zeus) can bypass the hosts file (and other OS protection mechanisms), he called the malware "edge cases."
18. Still has not done anything since his long-since-deleted security guide from 2007 or his text file manager from 2010. Declares victory over everyone on every forum he has ever visited. Currently has no friends.
Other events on Jan 31st:
* Guy Fawkes was executed.
* Germany used poison gas at a large scale for the first time in history of warfare.
* The Soviet Union exiled Leon Trotsky.
* Harry Truman announced a program to develop the hydrogen bomb.
* Viet Cong launched the Tet Offensive.
Illogical? Only if you don't understand logic. Since you never took logic classes, you probably don't.
Here, I updated your timeline:
Alex Kowalrus In a Nutshell (A Life of Failure)
0. Birthday was January 31st (see below).
1. 198x - Got a mediocre degree in IT from LeMoyne University. No computer science degree. LeMoyne actually disbanded their CS department from 1994 - 2008.
2. Fired from Sunbelt in 2000. Never found full-time employment again, much less as a software engineer. Moved back in with mom in Syracuse.
3. 2000 - Banned from Arstechnica. Rejoined under another name (lied) to argue for himself.
4. 2003 - Tried to argue with Dr. Russinovich (of sysinternals.com) in comments below Russinovich's blog. Other forum posters schooled him. Nevertheless, he still claims he beat Russinovich in an argument that Russinovich did not realized happened.
5. 2006 - Someone opened petition on petitiononline.com to have APK put to death. It got (at least) 29 signatures.
6. 2007 - Banned from Antionline.com. Everyone there hated him. Copy/pasted his "security guide," which everyone agreed was not good.
7. 2008 - Actually got paid $100 for his security guide as a newsletter prize, and thus claims, to this day, that he's a "security professional."
8. 2008 - Admitted he doesn't understand UNIX: "I am more of a Win32 guy the past few years though, so I must ask [what iptables is]."
9. 2008 - Made legal threats against Thor Schrock, but turned out to be bluffing. Embarrassed publicly by Schrock.
10. 2010 - Mom gave him the house (worth $100,000, counting land). He currently lies about that, claiming to be independently wealthy.
11. 2010 - Wrote a crappy file manager in Pascal that performs terribly. Nobody would pay for it.
12. Managed to get malwarebytes to host his file manager because it's free. Lied and denied it's just a file manager, but Malwarebytes calls it what it is: a "Small program for managing the hosts file"
13. 2011 - BarbaraHudson caught him in a lie - that he had plenty of +5 modded posts on slashdot. They were all at -1.
14. 2011 - Attempted to re-add garbage to Wikipedia 20 times on the Windows hosts file. Had it removed each time. Complained in the editorial pages, but was shot down.
15. 2012 - Embarrassed on slashdot for his text file manager's extremely poor performance (11 minutes to sort 1.8 million strings). Currently claims he "chose" Python because C++ does not perform as well. Pasted Python but failed to indent lines, showing he did not understand the basics of Python.
You really are condescending. That's (part of) why nobody likes you.
The $1 sales price means the house was a gift. If you actually handed over more money than that (doubtful), then you committed fraud.
Ha, yeah, nice try.
Assocates in CS is meaningless. You don't get into real CS classes until Junior year. This means you have a BS in MIS (a circa 80's degree, at that).
Congrats. But then you started smoking, and now you sit around playing Diablo all day.
Disproved? I read the posts. People criticized your shitty software, and you flew off the handle and got banned for it. You made a lot of enemies there. By the way, I noticed someone started a petition to have you killed in 2006. According to the archive.org page, it got at least 29 signatures. So, congrats on that, too!
Even if you had gotten a CS degree (you didn't), that was a way shitty school that actually disbanded the CS department from 1994 - 2008.
Funny, the tax assessor said she sold it to you in 2010 for $1. So I guess you were actually just living at mom's house until 2010, when she gave it to you.
Just cause you said it doesn't make it true. Your internet history shows otherwise - a windows luser.
APK In a Nutshell (A Life of Failure)
1. Got a mediocre degree in IT. No computer science degree.
2. Fired from Sunbelt in 2000. Never found full-time employment again, much less as a software engineer.
3. Mom gave him a house. He lied about it, and claimed to be independently wealthy.
4. 2000 - Banned from Arstechnica. Rejoined under another name (lied) to argue for himself. Everyone there hated him.
5. 2003 - Tried to argue with Russinovich in forums of Russinovich's blog. Other forum posters schooled him. Nevertheless, claims he beat Russinovich in argument that Russinovich did not realized happened.
6. 2007 - Banned from Antionline. Everyone there hated him. Pasted his "security guide," which everyone agreed was not good.
7. 2008 - Actually got paid $100 for his security guide, and 7 years later claims he's a "security professional."
8. 2008 - Admitted he doesn't understand UNIX: "I am more of a Win32 guy the past few years though, so I must ask [what iptables is]."
9. 2008 - Made legal threats against Thor Schrock, but turned out to be lying. Embarrassed publicly by Schrock.
10. 2010 - Wrote a crappy file manager in Pascal that performs terribly. Nobody would pay for it.
11. Managed to get malwarebytes to host his file manager because it's free. Lied and denied it's just a file manager, but Malwarebytes calls it what it is: a file manager.
12. 2011 - BarbaraHudson caught him in a lie - that he had plenty of +5 modded posts on slashdot. They were all at -1.
13. 2011 - Attempted to re-add garbage to Wikipedia 20 times on the hosts file. Had it removed each time.
14. 2012 - Embarrassed on slashdot for his text file manager's extremely poor performance. Pastes Python but fails to indent, showing he does not understand the basics of Python.
15. 2014 - Zontar schooled him, doxed him, caught him in several other lies.
16. 2014-2015 - Bouldin repeatedly explained why hosts files are not suitable security against botnets, but he didn't understand the technical aspects. Seems very confused about basic networking and how malware works. Refers to malware with millions of infections as "edge cases." Doesn't understand basic Python, and believes the hosts file cannot be bypassed even after proof otherwise.
17. Still has not done anything since his long-since-deleted security guide from 2007 or his file manager from 2010.
Hey, what do you know? Even malwarebytes thinks your program is just a file manager:
So your one claim to fame IS a file manager written in Pascal. For which nobody pays you.
Hey nice copy-paste. So why did you lie about being independently wealthy? Why didn't you just say your mom gave you your house?
You don't understand security or computing, Kowalrus.
Haha, yeah, nobody in enterprise does use hosts files for security. That's some consumer-grade shareware shit.
Spybot doesn't even seem to think it's a good feature, because you haven't been able to link anywhere other than that forum where they even admit having the feature.
You can keep your consumer-grade shareware/freeware. Enterprise uses solutions like Damballa.
Didn't see it - it was buried under your verbal diarrhea. As many others have noted, your English is terrible.
Congrats, you got $100 seven years ago. You're a real pro!
You didn't even understand the cases I presented. And they aren't edge cases, they are malware with millions of infections. But that was lost on you, because you don't understand anything.
Ha, you can keep reposting that list, but none of those are failures on my part, and half of it doesn't even involve me in any way.
You, on the other hand are a total failure and liar. You claimed you quit Sunbelt, but actually you were fired. You claim to be independently wealthy, but you have a $100,000 house that your mom gave you.
You've been banned from dozens of sites (in other words, dozens of failures), and each time try ridiculous arguments that everyone on the site shuts down (so let's just call that several hundred failures).
And now, you are a complete failure because you write super shitty software that is slow. You don't understand computing or security.
Go back to school. Go to a real school this time.
Do you seriously think anybody believes this isn't you? Or are you really that fucked up in the head that you have multiple personalities?
Now you see why I've referred to you as a parade of delusion. You're a total fuckup imagining ways that someone you know nothing about has failed.
Your amateurish security guide sucked, you don't know anything about security, and you're a windows luser. You write shitty freeware in Pascal, and you have no job. You've been caught in lie after lie, and frankly, everybody you have ever known hates you.
If your approach only blocks 5-10% of domain names, then it is NOT effective for security. This might fly in your shareware consumer world, but that is not enterprise-grade.
You DO NOT HAVE A SECURITY GUIDE. I actually looked for it, and the closest I could find was where you posted it, but everybody thought you were an idiot and banned you. Not what I would call "success."
Yeah, you have totally washed out of every job you had, and now you've been an author of (shitty) shareware. Found this gem:
So you don't even understand UNIX. You are quite the security professional.
You have been banned from almost every forum you've ever joined. Like when you were banned in 2000 from arstechnica, and rejoined as a different name to defend yourself. Or when you were banned after trying to spam your shitty security guide in 2007.
The best thing I could find anyone say about you, from a friend, was:
And the worst thing is, you're a really shitty programmer!
Funny, because you got called out for very poorly performing code (that just sorted some strings and took 11 minutes) here. And here are the kinds of things people said about your code a few years ago:
So, then, you are admitting the hosts file is not effective at blocking botnet c&c channels. Take that out of your list of extravagant claims of the benefits of hosts files.
Yeah, you wrote a file manager in Pascal.
Sounds like you've washed out of every job you've had. It's funny, because if I google your name, all I find is you pissing off people in Internet forums over the past 9 years. Repeatedly.
Hahhaa.. no, I'm not going to give my personal details to some mental patient on the Internet. Let's just say I moved past Pascal when I was in high school.
Uh no, you are not independently wealthy. You are unemployable. If you apply for a job, the employer will google you and see you are a total whack job who needs medication.
You still have not responded to this:
And you keep insisting you have a multi-decade security background, but all you have to show for it is a file manager written in Pascal:
And you keep citing your guide, which is from the "tips n tricks" section of a newsletter, but the guide is not up anymore. Apparently they didn't think it was worth much.
I have yet to see a security guide, just a dead link.
First off, we know this is you, Kowalrus.
Second, no, you do not have a 21 year career in security. You have a 15 year career of being a total asshole in internet forums.
You really have not proven that you've ever had a job, although it does seem likely you worked at Sunbelt but were fired because everybody hates working with you.
You still have not responded to this:
Perhaps because you are an amateur, and don't understand malware, security, botnets, or anything beyond Pascal on Windows 2000?
So.. hosts file means strong security as long as you never get an infection in the first place? Surely you realize how stupid that sounds.
Uh, what? Parse error
Ha, I don't want you harassing me at work, idiot.
You can run your update as often as you like, but malware reverse engineers are not providing you an up-to-the-minute list of all DGA domains. Even if they did, you wouldn't get the domains until the malware had already connected up for its C&C of the hour. Hosts files are a bad strategy for modern botnets because techniques like DGA were designed to defeat static blocklists.
That's why real antimalware vendors like Damballa don't rely on a static DNS blocklist, much less a hosts file on the OS.
I already answered this question - NO. You didn't believe me and called it "hypothetical bullshit," so I provided 4 lines of Python that trivially bypass hosts files.
Another parse error, but yes, malware can trivially disable your hosts file or the windows firewall.
You keep claiming hosts files stop botnet communication, which is clearly not true.
No, you provided one dead link that may have hosted 1 guide 7 years ago. And that was a site for AMATEURS to submit their text files, and win a $100 prize if their amateurish text files were accepted.
Newsflash: if you got paid $100 once, as a prize, you are not a professional.
You still don't understand malware or botnets. The domain changes more often than you would get updates, so your list is always out of date.
As I showed you with the Python code, it's trivial to bypass hosts files.
As I showed you with a previous link, malware (e.g. Ramnit) can disable the firewall and change DNS settings, anyway.
I saw the PCpitstop page earlier, but all the guide links were dead then, too.
Then it shouldn't be hard for you to find a link to your own paper.
Oh really? Hosts files cannot stop DGA botnets. Read the following from Gameover Zeus begins using DGA:
There is a new set of domains every day. For some DGAs, the domains are only up an hour. By the time you find them on a blog somewhere, they are not being used anymore.
Yeah genius, I was making fun of you for doing exactly the same thing. It is hilarious!
Yeah, he's a total amateur! He thinks you can block botnet traffic with hosts files! I even showed him some Python that bypasses hosts, but he got really confused.
So you don't actually have a security guide?
The guide from over 7 years ago for win2000?
Link is broken. Why did they take it down?