Security Compromised

Discussion in 'Computer Security' started by john, Dec 5, 2006.

  1. john

    john Guest

    It has become apparent that someone has manged to get my ip address from
    postings to newsgroups. Their emails subjects and sender, fictious of
    course, to my in box, contain phrases making it quite clear they object
    to my posts. I never open them.
    This of course means my every communication including on line bill
    paying is now probably hacked.
    What can I do to stop these hackers?
    Since I promptly deleted these emails I don't have anything to give my
    provider right now. No doubt that I have posted this it will be quiet
    for a while. I just thought it was coincidence the first several suspect
    emails or I would have informed the provider.
    I have the usual firewalls and security and spy ware detectors. It seems
    all pretty much useless, it seems, from this, and what others have said.
     
    john, Dec 5, 2006
    #1
    1. Advertising

  2. john

    Todd H. Guest

    john <@global.net> writes:

    > It has become apparent that someone has manged to get my ip address
    > from postings to newsgroups. Their emails subjects and sender,
    > fictious of course, to my in box, contain phrases making it quite
    > clear they object to my posts. I never open them.


    You may be coming to a rash conclusion. It's possible that you may
    just be getting spam that correlates to things you've posted.

    Have you ever posted to usenet with a replyable email address?

    You IP address may have nothing to do with it.

    > This of course means my every communication including on line bill
    > paying is now probably hacked.


    > What can I do to stop these hackers?


    If you think you've been hacked, for peace of mind, the best thing to
    do is backup your data to an external drive, disconnect from the
    network, to insert original windows media, reboot, and reinstall
    including repartitioning the disk and reformating. Then, plug in
    behind a hardware firewall router, and run windows update to get the
    latest security updates.

    > Since I promptly deleted these emails I don't have anything to give my
    > provider right now. No doubt that I have posted this it will be quiet
    > for a while. I just thought it was coincidence the first several
    > suspect emails or I would have informed the provider.


    What makes you think it's gone beyond coincidence?

    Having your IP address from your posting headers doesn't help anyone
    send email to your account unless you happen to be in the rather
    unusual situation of running your own SMTP server.

    You may just be getting spam or email hack attempts that synthesize
    words you have posted online, perhaps by an automated mean, or if
    someone has it out for you they could be manually mailing you these
    things if there is any suspicion that they could track down a real
    email address for you to do so.

    > I have the usual firewalls and security and spy ware detectors. It
    > seems all pretty much useless, it seems, from this, and what others
    > have said.


    What are the names of these? It's possible that you may have used
    some rogue anti-malware software that may be spying on you.

    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Dec 5, 2006
    #2
    1. Advertising

  3. Todd H. wrote:

    > Then, plug in behind a hardware firewall router, and run windows update to
    > get the latest security updates.


    Wouldn't a proper configuration or the Windows Firewall provide the same
    effect?
     
    Sebastian Gottschalk, Dec 5, 2006
    #3
  4. john

    erewhon Guest


    > Wouldn't a proper configuration or the Windows Firewall provide the same
    > effect?


    No. It wouldn't.

    You really have no clue do you?
     
    erewhon, Dec 5, 2006
    #4
  5. john

    Jim Watt Guest

    On Tue, 05 Dec 2006 11:20:36 -0700, john <@global.net> wrote:

    >It has become apparent that someone has manged to get my ip address from
    >postings to newsgroups.


    How strange as its not shown here.

    I believe tin foil hats are very effective.
    --
    Jim Watt
    http://www.gibnet.com
     
    Jim Watt, Dec 5, 2006
    #5
  6. john

    Todd H. Guest

    Sebastian Gottschalk <> writes:

    > Todd H. wrote:
    >
    > > Then, plug in behind a hardware firewall router, and run windows update to
    > > get the latest security updates.

    >
    > Wouldn't a proper configuration or the Windows Firewall provide the same
    > effect?


    It would require one to trust a software firewall on an unpatched
    machine for the time it takes for updates to be downloaded and
    applied, and as such, not something I'd recommend when effective
    hardware firewalls can be had for $50.

    Best Regards,
    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Dec 6, 2006
    #6
  7. john

    km Guest

    Well, unless you email address really is , which I presume it
    isn't, there is no way to get your email address from the messages you're
    posting unless you specifically include it in the text. The only IP address
    in the headers is 69.28.186.77 which is for Limelight Networks, and I'm
    assuming you're not either of the admins whose email addresses are listed
    in the whois record.

    About the only thing one can surmise from the headers is that you use
    Thunderbird 1.5.0.8 on Windows and perhaps that you post via
    news.highwinds-media.com.

    In short, you're being unnecessarily paranoid. Just sounds like spam to me.
     
    km, Dec 6, 2006
    #7
  8. km wrote:

    > Well, unless you email address really is , which I presume it
    > isn't,


    And yours for sure isn't 4xr.com, this domain doesn't even
    exist. Why are almost all people too stupid to follow some simple RFCs?
     
    Sebastian Gottschalk, Dec 6, 2006
    #8
  9. john

    Jim Watt Guest

    On Wed, 6 Dec 2006 15:37:54 +0100, Sebastian Gottschalk
    <> wrote:

    >km wrote:
    >
    >> Well, unless you email address really is , which I presume it
    >> isn't,

    >
    >And yours for sure isn't 4xr.com, this domain doesn't even
    >exist. Why are almost all people too stupid to follow some simple RFCs?


    are you really suggesting we should post real email addresses here ?

    --
    Jim Watt
    http://www.gibnet.com
     
    Jim Watt, Dec 6, 2006
    #9
  10. john

    km Guest

    Jim Watt wrote:

    > On Wed, 6 Dec 2006 15:37:54 +0100, Sebastian Gottschalk
    > <> wrote:
    >
    >>km wrote:
    >>
    >>> Well, unless you email address really is , which I
    >>> presume it isn't,

    >>
    >>And yours for sure isn't 4xr.com, this domain doesn't even
    >>exist. Why are almost all people too stupid to follow some simple RFCs?

    >
    > are you really suggesting we should post real email addresses here ?


    Obviously a new definition of 'stupid' ;-)
     
    km, Dec 7, 2006
    #10
  11. km wrote:

    > Jim Watt wrote:
    >
    >> On Wed, 6 Dec 2006 15:37:54 +0100, Sebastian Gottschalk
    >> <> wrote:
    >>
    >>>km wrote:
    >>>
    >>>> Well, unless you email address really is , which I
    >>>> presume it isn't,
    >>>
    >>>And yours for sure isn't 4xr.com, this domain doesn't even
    >>>exist. Why are almost all people too stupid to follow some simple RFCs?

    >>
    >> are you really suggesting we should post real email addresses here ?

    >


    Yes and no.

    At first, it's stated that you should use a mailbox you're responsible for.
    "mailbox" in terms of RFC means a mail account that is able to receive
    eMail without errors - *no one ever demands you to actually read that
    stuff*. Yes, it's fully valid to use something like
    which is configured to delete every incoming people. The purpose is not to
    receive eMail, but to not submit errors if you don't want to receive eMail.

    So no, I'm not suggesting it and you're really too stupid to draw simple
    concequences from an RFC.

    The next point is that you can setup mailboxes for separate usage. No one
    demands you to use your private eMail address for Usenet feedback.

    But the most important point: What's wrong with that after all? If you want
    to communicate, you have to able to receive communication, and therefore
    you'll also receive unsolicited communcation ("spam"). So what? That's what
    spam filters are good for, and Bayesians filters do an excellent job after
    some initial training. Therefore, the usually proposed spam problem doesn't
    exist.

    So yes, such a suggestion wouldn't be wrong either.

    > Obviously a new definition of 'stupid' ;-)


    We should really get used to Orwellian Newspeak.
     
    Sebastian Gottschalk, Dec 7, 2006
    #11
  12. john

    Todd H. Guest

    Sebastian Gottschalk <> writes:

    > But the most important point: What's wrong with that after all? If you want
    > to communicate, you have to able to receive communication, and therefore
    > you'll also receive unsolicited communcation ("spam"). So what? That's what
    > spam filters are good for, and Bayesians filters do an excellent job after
    > some initial training. Therefore, the usually proposed spam problem doesn't
    > exist.


    Latest numbers I've seen put spam% at 91% of internet email. Toss a
    usenet address into the mix, and my own sampling indicates nearly 4
    nines worth of it.

    On certain addresses, Bayeian filters aren't keeping up, and why sign
    up for the extra cpu load and crap to sort through?

    The days of a replyable address on usenet are long gone I'm afraid.

    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Dec 7, 2006
    #12
  13. john

    km Guest

    Sebastian Gottschalk wrote:

    >> Obviously a new definition of 'stupid' ;-)

    >
    > We should really get used to Orwellian Newspeak.


    Actually, my definition of 'stupid' would include people who don't realise
    that 'REMOVE.THIS' in an email address means ... well ... 'remove this'.

    As for all that pompous twaddle about RFCs, that's the sort of nonsense I
    leave to self-important, mini-Hitler nerds. I know that there are techies
    who live and die by that kind of thing, but for those of us with real lives
    (which means not having separate email addresses just to deal with the spam
    and other drivel that results from using 'real' email addresses in
    newsgroups), that kind of thing really has no relevance at all. I mean, if
    this really does matter to you, then I genuinely pity you.

    What a loser. Still, that's what killfiles are for, no?
     
    km, Dec 7, 2006
    #13
  14. km wrote:

    > Sebastian Gottschalk wrote:
    >
    >>> Obviously a new definition of 'stupid' ;-)

    >>
    >> We should really get used to Orwellian Newspeak.

    >
    > Actually, my definition of 'stupid' would include people who don't realise
    > that 'REMOVE.THIS' in an email address means ... well ... 'remove this'.


    My mail program does not recognize REMOVE.THIS, however almost any address
    harvester does. Actually some people intentionally put it in for that
    reason, and therefore one doesn't really know if it's supposed to be there.
    So what to do now? Fiddle around with trying? Sorting out bounces? Sorry,
    not with me, dude! If you put a wrong address in there, then you're a liar
    and/or a violator of RFC standards. And you won't get any helpful personal
    feedback. Won't waste my time on you.

    > As for all that pompous twaddle about RFCs, that's the sort of nonsense I
    > leave to self-important, mini-Hitler nerds.


    And I think you're an idiot who doesn't respect rules established by a
    community.

    > I know that there are techies
    > who live and die by that kind of thing, but for those of us with real lives
    > (which means not having separate email addresses just to deal with the spam
    > and other drivel that results from using 'real' email addresses in
    > newsgroups), that kind of thing really has no relevance at all.


    Wouldn't be "I hereby declare I'm an idiot/asshole." be a much shorter
    expression of your position?

    > I mean, if this really does matter to you, then I genuinely pity you.


    So? I just want to click on "reply to poster via eMail", type in my message
    and send it - am I really that unnormal? Or are you just an idiot?

    > What a loser. Still, that's what killfiles are for, no?


    Right. *PLONK*
     
    Sebastian Gottschalk, Dec 7, 2006
    #14
  15. john

    Todd H. Guest

    Sebastian Gottschalk <> writes:

    > So? I just want to click on "reply to poster via eMail", type in my message
    > and send it - am I really that unnormal?


    Yes.

    Because the normal people have come to realize that the RFC was
    written before the spam explosion, and that it's an acceptable
    tradeoff for folks to munge or otherwise attempt to thwart harvesting
    vs the ability for Sebastian to click reply to sender without having
    to do some editing or non-machine like thinking.

    And hell, in your scenario, what's the point if it has to go to a
    bitbucket email address anyway?

    If there were extremely effective antispam solutions that were
    pervasive, this wouldn't be an issue, but the spam war is being lost.

    > Or are you just an idiot?


    I think you're a bit off your pedantic rocker here Sebastian.

    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Dec 7, 2006
    #15
  16. Todd H. wrote:

    > Sebastian Gottschalk <> writes:
    >
    >> So? I just want to click on "reply to poster via eMail", type in my message
    >> and send it - am I really that unnormal?

    >
    > Yes.


    So, I'm using the medium eMail as it's supposed to be used. And therefore
    I'm unnormal? You must be kidding.

    > Because the normal people have come to realize that the RFC was
    > written before the spam explosion,


    People might realize that the RFC does not state that you should ever read
    that mailbox - just that you should make sure that _others_ don't get any
    errors. That's just a mater of politeness, nothing else.

    What's wrong with writing a little comment in your signature:

    "Don't ever dare to reply. I won't read any mail sent to the address in the
    From: header".

    But stop lying around with your mail address so someone actually writes you
    a mail, wants to send it, and then can't because the mail address is
    invalid.

    And stop pulling _your_ spam on the future owners of today non-existent
    domains.

    > and that it's an acceptable
    > tradeoff for folks to munge or otherwise attempt to thwart harvesting
    > vs the ability for Sebastian to click reply to sender without having
    > to do some editing or non-machine like thinking.


    No, that's just nonsense, since it's nowhere mutually exclusive.

    > And hell, in your scenario, what's the point if it has to go to a
    > bitbucket email address anyway?


    See above.

    > If there were extremely effective antispam solutions that were
    > pervasive, this wouldn't be an issue, but the spam war is being lost.


    Guess you're living in another universe. Or you're just stupid. Bayesian
    filters at the back-end do an excellent job, at least for private users.
    Told to you by someone who uses his mail address almost anywhere on the WWW
    as well as on Usenet.
     
    Sebastian Gottschalk, Dec 7, 2006
    #16
  17. Todd H. wrote:

    > There are techniques around Bayes.


    There are at best techniques to limit the efficiency linearly, which means
    it takes a constant multiple of the usual time to adjust to it, whereas the
    rate of false positives does not degrade. Want a refresh of knowledge on
    cutting hyperplane, Bayesian sorting and self-learning?

    > So what bayes engine are you using that's so effective?


    Mozilla Mail. And there's nothing special to it.
     
    Sebastian Gottschalk, Dec 7, 2006
    #17
  18. john

    Todd H. Guest

    Sebastian Gottschalk <> writes:

    > Guess you're living in another universe. Or you're just stupid. Bayesian
    > filters at the back-end do an excellent job, at least for private users.
    > Told to you by someone who uses his mail address almost anywhere on the WWW
    > as well as on Usenet.


    You'd be wrong on several counts.

    I deal with a lot of messages every day that spamassassin misses, and
    one of the several tests these spams are missing on are Bayes tests.
    There are techniques around Bayes.

    So what bayes engine are you using that's so effective?


    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Dec 7, 2006
    #18
  19. john

    kurt wismer Guest

    Todd H. wrote:
    > Sebastian Gottschalk <> writes:
    >
    >> But the most important point: What's wrong with that after all? If you want
    >> to communicate, you have to able to receive communication, and therefore
    >> you'll also receive unsolicited communcation ("spam"). So what? That's what
    >> spam filters are good for, and Bayesians filters do an excellent job after
    >> some initial training. Therefore, the usually proposed spam problem doesn't
    >> exist.

    >
    > Latest numbers I've seen put spam% at 91% of internet email. Toss a
    > usenet address into the mix, and my own sampling indicates nearly 4
    > nines worth of it.
    >
    > On certain addresses, Bayeian filters aren't keeping up, and why sign
    > up for the extra cpu load and crap to sort through?
    >
    > The days of a replyable address on usenet are long gone I'm afraid.


    no problems here... i post with my real address and over the past week
    i've gotten about 2 spams per day, almost all of them caught by
    thunderbird's junk mail filter...

    --
    "it's not the right time to be sober
    now the idiots have taken over
    spreading like a social cancer,
    is there an answer?"
     
    kurt wismer, Dec 8, 2006
    #19
  20. john

    Jim Watt Guest

    On Fri, 08 Dec 2006 00:31:33 -0500, kurt wismer <>
    wrote:

    >no problems here... i post with my real address and over the past week
    >i've gotten about 2 spams per da


    I get around three hundred and am willing to forward
    them to you if you feel left out :)

    They are well filtered out, but occasionally a good one
    goes too. We all deserve a better replacement system
    for email.
    --
    Jim Watt
    http://www.gibnet.com
     
    Jim Watt, Dec 8, 2006
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. shahidsheikh....com
    Replies:
    5
    Views:
    3,712
    farmerc
    Sep 21, 2007
  2. Jene Keller
    Replies:
    4
    Views:
    535
  3. Steve

    Has my Internet Explorer been Compromised ?

    Steve, Sep 27, 2004, in forum: Computer Security
    Replies:
    5
    Views:
    877
    Hairy One Kenobi
    Sep 30, 2004
  4. Replies:
    10
    Views:
    665
    David H. Lipman
    Jun 29, 2006
  5. Sirius
    Replies:
    2
    Views:
    408
    Sirius
    Oct 31, 2004
Loading...

Share This Page