Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Check for security loop holes

Reply
Thread Tools

Check for security loop holes

 
 
Ravi
Guest
Posts: n/a
 
      12-21-2003
**** Post for FREE via your newsreader at post.usenet.com ****

On Sun, 21 Dec 2003 17:11:32 -0000, "Hairy One Kenobi"
<abuse@[127.0.0.1]> wrote:

>"Ravi" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed).. .
>> **** Post for FREE via your newsreader at post.usenet.com ****
>>
>> On Sun, 21 Dec 2003 15:42:18 GMT, Bit Twister
>> <(E-Mail Removed)> wrote:
>>
>> >On Sun, 21 Dec 2003 21:05:57 +0530, Ravi wrote:
>> >>>
>> >>>http://support.microsoft.com/?id=833786
>> >>
>> >>

>http://www.microsoft.com/technet/tre...n/MS03-014.asp
>> >>
>> >> Take a look at this. Now I have not installed this patch and
>> >> many others... (I am a dial up user and simply cannot afford
>> >> to stay online to install all of them).
>> >
>> >You asked if you were safe. I gave the link with Dec 18 exploit for which

>MS
>> >did not have a patch.

>>
>> Yes thank you. That is what I am trying to find out. So
>> WITHOUT THE PATCH with a FIREWALL can I protect my self?

>
>Only until the next fix-for-an-exploit.
>
>Or, to put it another way, if you are walking down a road, there's a chance
>that you will be run-over.
>
>It doesn't matter whether you are wearing Microsoft or Open Source socks -
>although there are different probabilities for "lucky" socks ;o)


Well, I am not taking the risk with OE. One day when I
opened OE someone tried to open a note pad document.
That scares me.

Well am I atleast safe as long as I donot use OE or should I
just rename the OE file or delete it to be safe?

TIA.

--
main(){char s[37]="CSbwjAjocpy/mw!PS!sbwjAeftqbnnfe/dpn";
int i;for(i=0;i<36;putchar(s[i++]-1));return 0;}

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
*** Usenet.com - The #1 Usenet Newsgroup Service on The Planet! ***
http://www.usenet.com
Unlimited Download - 19 Seperate Servers - 90,000 groups - Uncensored
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 
Reply With Quote
 
 
 
 
Ravi
Guest
Posts: n/a
 
      12-21-2003
**** Post for FREE via your newsreader at post.usenet.com ****

On Sun, 21 Dec 2003 17:11:32 -0000, "Hairy One Kenobi"
<abuse@[127.0.0.1]> wrote:

>"Ravi" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed).. .
>> **** Post for FREE via your newsreader at post.usenet.com ****
>>
>> On Sun, 21 Dec 2003 15:42:18 GMT, Bit Twister
>> <(E-Mail Removed)> wrote:
>>
>> >On Sun, 21 Dec 2003 21:05:57 +0530, Ravi wrote:
>> >>>
>> >>>http://support.microsoft.com/?id=833786
>> >>
>> >>

>http://www.microsoft.com/technet/tre...n/MS03-014.asp
>> >>
>> >> Take a look at this. Now I have not installed this patch and
>> >> many others... (I am a dial up user and simply cannot afford
>> >> to stay online to install all of them).
>> >
>> >You asked if you were safe. I gave the link with Dec 18 exploit for which

>MS
>> >did not have a patch.

>>
>> Yes thank you. That is what I am trying to find out. So
>> WITHOUT THE PATCH with a FIREWALL can I protect my self?

>
>Only until the next fix-for-an-exploit.
>
>Or, to put it another way, if you are walking down a road, there's a chance
>that you will be run-over.
>
>It doesn't matter whether you are wearing Microsoft or Open Source socks -
>although there are different probabilities for "lucky" socks ;o)


Well, I am not taking the risk with OE. One day when I
opened OE someone tried to open a note pad document.
That scares me.

Well am I atleast safe as long as I donot use OE or should I
just rename the OE file or delete it to be safe?

TIA.

--
main(){char s[37]="CSbwjAjocpy/mw!PS!sbwjAeftqbnnfe/dpn";
int i;for(i=0;i<36;putchar(s[i++]-1));return 0;}

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
*** Usenet.com - The #1 Usenet Newsgroup Service on The Planet! ***
http://www.usenet.com
Unlimited Download - 19 Seperate Servers - 90,000 groups - Uncensored
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 
Reply With Quote
 
 
 
 
Ravi
Guest
Posts: n/a
 
      12-22-2003
**** Post for FREE via your newsreader at post.usenet.com ****

On Sun, 21 Dec 2003 17:11:32 -0000, "Hairy One Kenobi"
<abuse@[127.0.0.1]> wrote:

>"Ravi" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed).. .
>> **** Post for FREE via your newsreader at post.usenet.com ****
>>
>> On Sun, 21 Dec 2003 15:42:18 GMT, Bit Twister
>> <(E-Mail Removed)> wrote:
>>
>> >On Sun, 21 Dec 2003 21:05:57 +0530, Ravi wrote:
>> >>>
>> >>>http://support.microsoft.com/?id=833786
>> >>
>> >>

>http://www.microsoft.com/technet/tre...n/MS03-014.asp
>> >>
>> >> Take a look at this. Now I have not installed this patch and
>> >> many others... (I am a dial up user and simply cannot afford
>> >> to stay online to install all of them).
>> >
>> >You asked if you were safe. I gave the link with Dec 18 exploit for which

>MS
>> >did not have a patch.

>>
>> Yes thank you. That is what I am trying to find out. So
>> WITHOUT THE PATCH with a FIREWALL can I protect my self?

>
>Only until the next fix-for-an-exploit.
>
>Or, to put it another way, if you are walking down a road, there's a chance
>that you will be run-over.
>
>It doesn't matter whether you are wearing Microsoft or Open Source socks -
>although there are different probabilities for "lucky" socks ;o)


Is my post appearing?

Well, I am not taking the risk with OE. One day when I
opened OE someone tried to open a note pad document.
That scares me.

Well am I atleast safe as long as I donot use OE or should I
just rename the OE file or delete it to be safe?

TIA.

--
main(){char s[37]="CSbwjAjocpy/mw!PS!sbwjAeftqbnnfe/dpn";
int i;for(i=0;i<36;putchar(s[i++]-1));return 0;}

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
*** Usenet.com - The #1 Usenet Newsgroup Service on The Planet! ***
http://www.usenet.com
Unlimited Download - 19 Seperate Servers - 90,000 groups - Uncensored
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 
Reply With Quote
 
Ravi
Guest
Posts: n/a
 
      12-23-2003
On Sun, 21 Dec 2003 17:11:32 -0000, "Hairy One Kenobi"
<abuse@[127.0.0.1]> wrote:

>"Ravi" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed).. .
>> **** Post for FREE via your newsreader at post.usenet.com ****
>>
>> On Sun, 21 Dec 2003 15:42:18 GMT, Bit Twister
>> <(E-Mail Removed)> wrote:
>>
>> >On Sun, 21 Dec 2003 21:05:57 +0530, Ravi wrote:
>> >>>
>> >>>http://support.microsoft.com/?id=833786
>> >>
>> >>

>http://www.microsoft.com/technet/tre...n/MS03-014.asp
>> >>
>> >> Take a look at this. Now I have not installed this patch and
>> >> many others... (I am a dial up user and simply cannot afford
>> >> to stay online to install all of them).
>> >
>> >You asked if you were safe. I gave the link with Dec 18 exploit for which

>MS
>> >did not have a patch.

>>
>> Yes thank you. That is what I am trying to find out. So
>> WITHOUT THE PATCH with a FIREWALL can I protect my self?

>
>Only until the next fix-for-an-exploit.
>
>Or, to put it another way, if you are walking down a road, there's a chance
>that you will be run-over.
>
>It doesn't matter whether you are wearing Microsoft or Open Source socks -
>although there are different probabilities for "lucky" socks ;o)


Is my post appearing?
If you can see this post please tell me.

Well, I am not taking the risk with OE. One day when I
opened OE someone tried to open a note pad document.
That scares me.

Well am I atleast safe as long as I donot use OE or should I
just rename the OE file or delete it to be safe?

TIA.

--
main(){char s[37]="CSbwjAjocpy/mw!PS!sbwjAeftqbnnfe/dpn";
int i;for(i=0;i<36;putchar(s[i++]-1));return 0;}
 
Reply With Quote
 
Ravi
Guest
Posts: n/a
 
      12-23-2003
*** post for FREE via your newsreader at post.newsfeed.com ***

On Sun, 21 Dec 2003 17:11:32 -0000, "Hairy One Kenobi"
<abuse@[127.0.0.1]> wrote:

>"Ravi" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed).. .
>> **** Post for FREE via your newsreader at post.usenet.com ****
>>
>> On Sun, 21 Dec 2003 15:42:18 GMT, Bit Twister
>> <(E-Mail Removed)> wrote:
>>
>> >On Sun, 21 Dec 2003 21:05:57 +0530, Ravi wrote:
>> >>>
>> >>>http://support.microsoft.com/?id=833786
>> >>
>> >>

>http://www.microsoft.com/technet/tre...n/MS03-014.asp
>> >>
>> >> Take a look at this. Now I have not installed this patch and
>> >> many others... (I am a dial up user and simply cannot afford
>> >> to stay online to install all of them).
>> >
>> >You asked if you were safe. I gave the link with Dec 18 exploit for which

>MS
>> >did not have a patch.

>>
>> Yes thank you. That is what I am trying to find out. So
>> WITHOUT THE PATCH with a FIREWALL can I protect my self?

>
>Only until the next fix-for-an-exploit.
>
>Or, to put it another way, if you are walking down a road, there's a chance
>that you will be run-over.
>
>It doesn't matter whether you are wearing Microsoft or Open Source socks -
>although there are different probabilities for "lucky" socks ;o)


Is my post appearing?
If you can see this post please tell me.

Well, I am not taking the risk with OE. One day when I
opened OE someone tried to open a note pad document.
That scares me.

Well am I atleast safe as long as I donot use OE or should I
just rename the OE file or delete it to be safe?

TIA.

--
main(){char s[37]="CSbwjAjocpy/mw!PS!sbwjAeftqbnnfe/dpn";
int i;for(i=0;i<36;putchar(s[i++]-1));return 0;}


-----= Posted via Newsfeed.Com, Uncensored Usenet News =-----
http://www.newsfeed.com - The #1 Newsgroup Service in the World!
-----== 100,000 Groups! - 19 Servers! - Unlimited Download! =-----

 
Reply With Quote
 
Hairy One Kenobi
Guest
Posts: n/a
 
      12-23-2003
"Ravi" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Sun, 21 Dec 2003 17:11:32 -0000, "Hairy One Kenobi"
> <abuse@[127.0.0.1]> wrote:
>
> >"Ravi" <(E-Mail Removed)> wrote in message
> >news:(E-Mail Removed).. .
> >> On Sun, 21 Dec 2003 15:42:18 GMT, Bit Twister
> >> <(E-Mail Removed)> wrote:
> >>
> >> >On Sun, 21 Dec 2003 21:05:57 +0530, Ravi wrote:
> >> >>>
> >> >>>http://support.microsoft.com/?id=833786
> >> >>
> >> >>

>
>http://www.microsoft.com/technet/tre...chnet/security

/bulletin/MS03-014.asp
> >> >>
> >> >> Take a look at this. Now I have not installed this patch and
> >> >> many others... (I am a dial up user and simply cannot afford
> >> >> to stay online to install all of them).
> >> >
> >> >You asked if you were safe. I gave the link with Dec 18 exploit for

which
> >MS
> >> >did not have a patch.
> >>
> >> Yes thank you. That is what I am trying to find out. So
> >> WITHOUT THE PATCH with a FIREWALL can I protect my self?

> >
> >Only until the next fix-for-an-exploit.
> >
> >Or, to put it another way, if you are walking down a road, there's a

chance
> >that you will be run-over.
> >
> >It doesn't matter whether you are wearing Microsoft or Open Source

socks -
> >although there are different probabilities for "lucky" socks ;o)

>
> Is my post appearing?
> If you can see this post please tell me.
>
> Well, I am not taking the risk with OE. One day when I
> opened OE someone tried to open a note pad document.
> That scares me.
>
> Well am I atleast safe as long as I donot use OE or should I
> just rename the OE file or delete it to be safe?


Yes, the post is appearing with monotonous regularity.. The answer to your
main question remains the same.

If you insist on not patching your system, then fixed exploits will still be
there. That's kind of obvious, I'd say.

If you are unwilling to keep your system up-to-date (and that appears to be
the case) then either configure it properly or don't use OE/IE. The only
thing that I can think of that comes close to what you're claiming was an
IFRAME exploit that was fixed a year or three ago. And can be prevented by
correct configuration.

Service Packs (and, I /think/ critical updates) are available from MS on CD.
This used to be a free service, but I believe that they now charge for media
and/or postage. Don't know - the last one I ordered was for NT 3.51. Which
was a while ago.

On your last point, unless you're using Windows FE (Frankenstein Edition),
programs are unlikely to suddenly start running themselves.

H1K


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Triple nested loop python (While loop insde of for loop inside ofwhile loop) Isaac Won Python 9 03-04-2013 10:08 AM
Three more security holes in IE Imhotep Computer Security 0 03-27-2006 02:14 PM
Exploits are already circulating for the MS security holes patched this week.... Imhotep Computer Security 0 08-12-2005 08:07 PM
Security Holes Michael O'Keefe Firefox 2 03-02-2005 08:21 PM
Oct 12: Three new critical IE security holes found Bruce the Shark Computer Support 13 10-14-2004 04:01 PM



Advertisments