hijack this

Discussion in 'Computer Security' started by ian holding, Mar 2, 2004.

  1. ian holding

    ian holding Guest

    url please
     
    ian holding, Mar 2, 2004
    #1
    1. Advertising

  2. Frank le Spikkin, Mar 3, 2004
    #2
    1. Advertising

  3. -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    In article <Hs71c.89$54.8@newsfe1-win>, on Tue, 2 Mar 2004 21:59:27 -0000, "ian holding"
    <>
    wrote:

    | url please

    Why? Are you stupid? Incapable of using google?

    <http://www.spywareinfo.com/~merijn/downloads.html>

    <davidp />

    - --
    David Postill

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.0.3 - not licensed for commercial use: www.pgp.com
    Comment: Get key from pgpkeys.mit.edu:11370

    iQA/AwUBQEUI3nxp7q1nhFwUEQLVYwCg93tT8IElNwZJ4RVexFIT1bVV/5EAniG1
    IqcnzHVw1xtxDWxClo+3wO1x
    =fkEg
    -----END PGP SIGNATURE-----
     
    David Postill, Mar 3, 2004
    #3
  4. ian holding

    *Vanguard* Guest

    ***** Regarding Ian's post:

    "ian holding" said in news:Hs71c.89$54.8@newsfe1-win:
    > url please


    Go to http://www.spywareinfo.com/~merijn/cwschronicles.html.

    At this moment, I cannot reach www.spyware.com. It is either down or
    maybe getting DOS'ed. It's host at IP address 209.133.47.12 is
    reachable via traceroute and can be pinged so the host is up and
    reachable but the web site is down or maybe getting attacked again.

    ***** Regarding David's post:

    "David Postill" said in news::
    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1


    And why are you so stupid as to digitally sign messages posted to
    newsgroups? Probably not best to call folks stupid (you didn't like it,
    either) and just point out that they could have found the topic more
    quickly themself by doing the web search (and, of course, you could
    provide the resultant search URL if you were really interested in
    pointing them in the correct direction while trying to train them to
    first perform web searches). You think readers in newsgroups are really
    interested in verifying your identity? When and if the discussion goes
    offline via e-mail, then use digital signing in the e-mail but only if
    it really is an identifying certificate (the freemail certs from Thawte
    are a bad joke and only usable to encrypt but not really to identify).

    Doesn't Forte Agent permit the use of digital signatures just for e-mail
    accounts but NOT for news accounts? Or is that a deficiency of whatever
    PGP plug-in you use? The PGP signature just adds more crap within the
    message that is not germaine to the post (when reading posts in
    text-only format). Why doesn't the MIME in your post use
    "Content-Disposition: attachment; filename=<whatever>" so the signature
    is handled as an attachment instead of showing it inline with the rest
    of your message? We really don't need to be seeing your PGP hash strewn
    in your message.

    RFC 2183, "Communicating Presentation Information in Internet Messages:
    The Content-Disposition Header Field"
    (http://www.cis.ohio-state.edu/cs/Services/rfc/rfc-text/rfc2183.txt)
    "Content-Disposition is an optional header field. In its absence, the
    MUA may use whatever presentation method it deems suitable." Could be
    inline, like how I ended up seeing your unwanted PGP hash within a
    text-only view of your post.

    Configure your MUA (mail user agent; i.e., Forte Agent) to insert
    "Content-Disposition: attachment" for the MIME part for your digital
    signature. This assumes Forte Agent itself isn't screwed up regarding
    PGP-created digital signatures and forgets to insert the disposition
    parameter (as "attachment" mode), or your PGP plug-in isn't screwing up
    Forte. But then the RFC deals with signatures used in e-mail, not for
    newsgroup posts, probably because it doesn't make sense to digitally
    sign messages in newsgroups. Yet RFC 1847, "Multipart/Signed and
    Multipart/Encrypted"
    (http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc1847.html), as referenced
    by http://www.templetons.com/usenet-format/signed2.html, discusses how
    you should be using a multipart MIME to separate the signature from the
    message. You don't do that, either. Don't add digital signatures to
    your posts until you've got Forte or the PGP plug-in fixed so you don't
    assault us readers with having to view your PGP hash garbage along with
    your
    message.

    Since you're using Forte Agent, I have a side-topic question. Did they
    ever fix it so that it will handle multiple news servers? Or do users
    still have to define a separate config file for each server and have to
    open a separate instance of Forte Agent to connect to that news server?
    That is, do Forte users still have to define N config files for N news
    servers and open N instances of Forte? If so, that sucks. That was my
    biggest complaint that immediately terminated my trial of Forte. If
    Forte is still screwed up that way, I'll see if Mozilla's Thunderbird is
    a better NNTP client than Outlook Express (although I use OE-QuoteFix to
    alter some of OE's misbehaviors). I connect to multiple news servers
    which Outlook Express can handle quite well. It's surprising that Forte
    missed such an obvious function.

    It's actually quite amazing how many folks never look before asking. It
    is referred to as the knee-jerk response. Find a problem and post right
    away, like the kid running to mommie to ask where are his socks (or
    hubby yelling about where is his tie). Of course, doing a Google (or
    other engine) search doesn't guarantee you find a link to the correct
    site. There are trap sites out there for most of the anti-spyware tools
    that are bogus and try to trap those doing web searches into using a
    modified tool that is actually spyware. So asking here might've been a
    double-check that what was found in a search is probably what the
    community considers the correct place to get the tool.

    If the OP doesn't have the intelligence to know how to do web searches,
    or if they are so new at doing web or computer stuff, then HijackThis
    isn't going to be of much help to them. It isn't a magic bullet that
    automates the task of un-hijacking your computer. It provides a big
    list of the most common places that hijacks occur and lets you decide if
    something there look suspicious (which means you must have a clue as to
    what might be expected there or recognize what is there). There is a
    button to provide more info on a selected item but most of it is very
    generic and useless help and, again, you need to have some base
    knowledge to justify your decision on what to do regarding a suspicious
    item in the list. HiJackThis is not a one-button automated fix-it tool.
    It is really a hint tool to point you at possibilities (and may not
    include everywhere that your system can get hijacked).
     
    *Vanguard*, Mar 3, 2004
    #4
  5. In article <>, on Wed, 3 Mar 2004 11:55:18 -0600, "*Vanguard*"
    <> wrote:

    | ***** Regarding Ian's post:
    |
    | "ian holding" said in news:Hs71c.89$54.8@newsfe1-win:
    | > url please
    |
    | Go to http://www.spywareinfo.com/~merijn/cwschronicles.html.
    |
    | At this moment, I cannot reach www.spyware.com. It is either down or
    | maybe getting DOS'ed. It's host at IP address 209.133.47.12 is
    | reachable via traceroute and can be pinged so the host is up and
    | reachable but the web site is down or maybe getting attacked again.

    It's working from here.

    | ***** Regarding David's post:

    <snip />

    | Doesn't Forte Agent permit the use of digital signatures just for e-mail
    | accounts but NOT for news accounts?

    No idea. I will investigate...

    | Or is that a deficiency of whatever
    | PGP plug-in you use?

    Currently using PGP tray. It will not sign/encrypt the current window
    (if the window is an agent window) but will sign/encrypt the clipboard.

    Not sure whether that is an agent bug or a pgptray bug.

    <snip />

    | Since you're using Forte Agent, I have a side-topic question. Did they
    | ever fix it so that it will handle multiple news servers?

    <snip />

    I have used agent to read multiple news servers for a long time
    (I cheat by using hamster as a local news server).

    I've not checked if the latest agent (version 2.0) removes this restriction
    (I can't afford to upgrade anyway as I'm currently earning a pittance)

    <davidp />

    Post not digitally signed to avoid offending Vanguard with my "PGP hash
    garbage" :)

    --
    David Postill
     
    David Postill, Mar 4, 2004
    #5
  6. ian holding

    *Vanguard* Guest

    "David Postill" said in news::
    >> At this moment, I cannot reach www.spyware.com. It is either down or
    >> maybe getting DOS'ed. It's host at IP address 209.133.47.12 is
    >> reachable via traceroute and can be pinged so the host is up and
    >> reachable but the web site is down or maybe getting attacked again.

    >
    > It's working from here.


    Sorry, I mentioned a user page at http://www.spywareinfo.com but said I
    couldn't reach http://www.spyware.com. The first site is unreachable by
    me but can be reached using anonymizer.com. Today samspade.org is also
    unreachable so there is some problem with a host along the route that I
    get stuck with (route are not dynamic for end users). When I tried
    again to connect to http://www.spywareinfo.com but failed, and then
    about 10 minutes later it worked (but the traceroute seems to look
    different than before so I guess I now get a different route and that
    one works).

    > I have used agent to read multiple news servers for a long time
    > (I cheat by using hamster as a local news server).


    The instructions at
    http://www.forteinc.com/agent/faq.php#BB639CE8986FEDFC88256C1E005A25BE
    still makes it evident that Agent has a problem handling multiple news
    servers in forcing the user to manually create subdirectories to
    separate the records for each news server along with editing and
    maintaining separate copies of agent.ini, one for each news server.
    This FAQ item doesn't state that it only applies to prior versions of
    Forte. Users shouldn't have to be manually creating subdirectories and
    making copies of an INI file to get the client to support multiple
    servers.

    Are you using Hamster to provide newsgroups to other users, or is there
    some advantage in running your own local news server despite all the
    hardware resources needed for it?


    --
    ____________________________________________________________
    *** Post replies to newsgroup. E-mail is not accepted. ***
    ____________________________________________________________
     
    *Vanguard*, Mar 4, 2004
    #6
  7. In article <>, on Thu, 4 Mar 2004 11:35:59 -0600, "*Vanguard*"
    <> wrote:

    <snip />

    | > I have used agent to read multiple news servers for a long time
    | > (I cheat by using hamster as a local news server).
    |
    | The instructions at
    | http://www.forteinc.com/agent/faq.php#BB639CE8986FEDFC88256C1E005A25BE
    | still makes it evident that Agent has a problem handling multiple news
    | servers in forcing the user to manually create subdirectories to
    | separate the records for each news server along with editing and
    | maintaining separate copies of agent.ini, one for each news server.
    | This FAQ item doesn't state that it only applies to prior versions of
    | Forte. Users shouldn't have to be manually creating subdirectories and
    | making copies of an INI file to get the client to support multiple
    | servers.

    From <http://www.forteinc.com/agent/roadmap.php>

    "Agent 2.1
    Status: Development ETA: Q2-2004
    Multiple News Servers

    Agent 2.1 will support multiple news servers within a single instance of Agent. You can access
    multiple Usenet servers including free servers from your ISP or premium news servers such as Agent
    Premium Newsgroups. In addition, you can access private news servers that are independent of the
    public Usenet. Private servers are hosted by corporations and other organizations to provide product
    support and organization-related discussion groups."

    So it could be "real soon now" :)

    | Are you using Hamster to provide newsgroups to other users, or is there
    | some advantage in running your own local news server despite all the
    | hardware resources needed for it?

    I like agent and prefer to have all my news groups visible in one instance.

    Hamster allows me to do this.

    <davidp />

    --
    David Postill
     
    David Postill, Mar 5, 2004
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. bern

    hijack of explorer

    bern, Jul 5, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    689
    Shep©
    Jul 5, 2003
  2. Me
    Replies:
    2
    Views:
    1,313
  3. tomm

    homepage hijack!!

    tomm, Dec 17, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    412
    Rob K
    Dec 17, 2003
  4. joevan

    Hijack this log por favor

    joevan, Feb 20, 2004, in forum: Computer Support
    Replies:
    6
    Views:
    636
    °Mike°
    Feb 20, 2004
  5. ºoºfizzyºoº

    Prosearching hijack

    ºoºfizzyºoº, Mar 3, 2004, in forum: Computer Support
    Replies:
    3
    Views:
    762
    Penna Elabi
    Mar 4, 2004
Loading...

Share This Page