Tracker Book Material - Online

Discussion in 'Computer Security' started by Leythos, Sep 11, 2003.

  1. Leythos

    Leythos Guest

    Ok, everyone, I found enough time to do what I said I would do - now
    we're waiting on the Tracker to catch up with me.

    I have been emailed the first of 5 snippets that Tracker feels would be
    a good example of her work. I have only formatted it so that it would
    fit nicely on the frame - I did NOT change any content in any way.

    I would ask a couple things - read the HOUSE RULES. Don't flame me, this
    may be our "last, best hope for mankind" (as was taken from B5).

    When you reply to me, put the word TRACKER in the subject line so I can
    automate the email filtering. The account is a throw-away email account,
    so bombing it won't impact me.

    Please only send me CONSTRUCTIVE / TECHNICAL responses - we're security
    people, not lamers. If you send me anything that is abusive I will
    delete and mark your address for auto-delete, and I will NOT forward it
    to Tracker.

    If the Tracker(s) don't get me the rest of the info before the weekend
    is done I will remove the site.

    I will post responses to Tracker's info in the email - I won't post all
    of them, but ones that I think best address the issues with it. If the
    site does well, we can then point people to it for corrections.

    You can find the site at http://24.123.143.102 -

    The site is CPU and Bandwidth throttled so as not to impact the rest of
    the server. The entire set of pages are simple text, so it should load
    rather well. I limited it to 128kbps upstream.

    Sincerely,
    Mark - A security minded person.


    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Sep 11, 2003
    #1

  2. Leythos

    Jim Watt Guest

    On Thu, 11 Sep 2003 22:30:34 GMT, Leythos <> wrote:

    >
    >You can find the site at http://24.123.143.102 -
    >
    >The site is CPU and Bandwidth throttled


    and returns HTTP 403.6 - Forbidden

    Oh my forbidden knowledge.
    --
    Jim Watt http://www.gibnet.com
     
    Jim Watt, Sep 12, 2003
    #2

  3. Leythos

    Leythos Guest

    In article <>,
    _way says...
    > On Thu, 11 Sep 2003 22:30:34 GMT, Leythos <> wrote:
    >
    > >
    > >You can find the site at http://24.123.143.102 -
    > >
    > >The site is CPU and Bandwidth throttled

    >
    > and returns HTTP 403.6 - Forbidden
    >
    > Oh my forbidden knowledge.
    > --
    > Jim Watt http://www.gibnet.com
    >


    I can't imagine why - I tested it through 4 other external connections.
    I will remove the IP restrictions in the firewall - I block most non-US
    countries.

    Mark

    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Sep 12, 2003
    #3
  4. Leythos

    Leythos Guest

    In article <>,
    _way says...
    > On Thu, 11 Sep 2003 22:30:34 GMT, Leythos <> wrote:
    >
    > >
    > >You can find the site at http://24.123.143.102 -
    > >
    > >The site is CPU and Bandwidth throttled

    >
    > and returns HTTP 403.6 - Forbidden


    Jim,

    I had blocked about 50 subnets due to firewall detection of scans and
    spammers - I opened it for this site.

    Mark

    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Sep 12, 2003
    #4
  5. Leythos

    Leythos Guest

    Re: Tracker Book Material - Online (feedback update)

    Feedback Update - we've had 4 people provide feedback already. All was
    constructive and nothing in the way of flames.

    I will try and get some of this posted under a new link called "CH1
    Responses" this weekend.

    Mark


    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Sep 12, 2003
    #5
  6. Leythos

    Frode Guest

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    For anybody somewhat curious but too lazy to check the site. She's sent 4
    "chapters" (a few lines of text each), and it's the exact same junk
    (literally, looks like copy'n'paste) she's been posting here repeatedly for
    ages now. My personal favorite is still how your computer's clock will tell
    you if you've been compromised.


    - --
    Frode



    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.0.2

    iQA/AwUBP2FnN+XlGBWTt1afEQJZVwCgp7YDXr26LkVMZt7B7GfwfeeRDloAnip9
    lol2jW09+zmfDJqgZyx3CGHf
    =264o
    -----END PGP SIGNATURE-----
     
    Frode, Sep 12, 2003
    #6
  7. Leythos

    donut Guest

    Leythos <> wrote in news:MPG.19cac1addae3e137989c4a@news-
    server.columbus.rr.com:

    >
    > I have been emailed the first of 5 snippets that Tracker feels would be
    > a good example of her work. I have only formatted it so that it would
    > fit nicely on the frame - I did NOT change any content in any way.


    *sigh* Dick, Jane & Sally was more interesting.

    So far, all I see is paranoia over misunderstandings of the policies of
    certain ISPs, and the most basic info about hidden folders.

    Yes, she is correct that a malicious hacker (thanks for using that term,
    Debbie, as we all know that most hackers are not malicious) could install a
    Trojan Horse on your computer and control it, even disabling your firewall.
    This is basic first grade security stuff.

    What she does not explain (so far) is how the Trojan Horse can get there in
    the first place if:

    1. Your firewall is properly configured.

    2. You are sensible about opening emails with attachments, and downloading
    .exe files.

    3. You have software installed that will detect changes in your OS and file
    hierarchy.

    4. You have disabled ActiveX and Install On Demand in IE (assuming you use
    that browser at all.)

    5. You use good AV, spyware and Trojan detection software.

    6. You have an ounce of brains and security knowledge.

    So far, I haven't seen anything WRONG in what's been posted. The whole
    thing about the ISPs and extra email addresses was confusing. For someone
    in another state to log into her email, of course she gave them the
    password. They couldn't have logged in otherwise. If they have the
    password, then of course they are free to do whatever they want with the
    account.

    Too much ado about very little, so far. ;)
     
    donut, Sep 12, 2003
    #7
  8. Leythos

    Solbu Guest

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On Friday, 12 September 2003, 01:58 Leythos tried to express an opinion:

    > I block most non-US countries.


    Why? *just being curious*

    - --
    Solbu - http://www.solbu.net
    Remove 'ugyldig' for email
    *****************************************
    PGP key ID: 0xFA687324
    *****************************************
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.1 (GNU/Linux)

    iD8DBQE/YX7CT1rWTfpocyQRAvdkAKDudbRRCoMrctcyb4yQ9EDj9w8D2ACfa2rf
    nWGnxPDIRpQ6FGiVSzkvOys=
    =fFy9
    -----END PGP SIGNATURE-----
     
    Solbu, Sep 12, 2003
    #8
  9. Re: Tracker Book Material - Online (feedback update)

    Leythos Spilled my beer when they jumped on the table and proclaimed
    in <>:

    > Feedback Update - we've had 4 people provide feedback already. All
    > was constructive and nothing in the way of flames.
    >
    > I will try and get some of this posted under a new link called "CH1
    > Responses" this weekend.


    Like I said in e-mail, Mark, thanks for doing this. Maybe we all
    can put this mess to bed once and for all soon...

    NOI


    --
    Your on ignore, talk to yourself. - Tracker the loon, to the user
    named Nasty
    in msg ID: <>
     
    Thund3rstruck, Sep 12, 2003
    #9
  10. Leythos

    Ned Guest

    > On Friday, 12 September 2003, 01:58 Leythos tried to express an opinion:
    >
    > > I block most non-US countries.

    >
    > Why? *just being curious*
    >
    > - --

    Same here, why?
     
    Ned, Sep 12, 2003
    #10
  11. Leythos

    Peter Jones Guest

    "Frode" <> wrote in
    news::

    > For anybody somewhat curious but too lazy to check the site. She's sent 4
    > "chapters" (a few lines of text each), and it's the exact same junk
    > (literally, looks like copy'n'paste) she's been posting here repeatedly for
    > ages now. My personal favorite is still how your computer's clock will tell
    > you if you've been compromised.


    I particularly like *this*:

    > > > HACKERS SECRET WEAPONS:
    > > > A. Hackers disable your Daylight Savings Time.


    Exactly *why* would a hacker disable your DST? (And does that mean that,
    since we do not *have* DST here in Queensland, that we are a more attractive
    target for hackers? One less step for them to perform once they've taken
    control of our machines...)

    Overall, I get the impression of it being more paranoid ramblings than
    anything else, with generous helpings of FUD and little or no technical (or
    otherwise useful) information.

    *shrug*

    Pete.
     
    Peter Jones, Sep 12, 2003
    #11
  12. Leythos

    Leythos Guest

    In article <89f8b.29459$>,
    says...
    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    > On Friday, 12 September 2003, 01:58 Leythos tried to express an opinion:
    >
    > > I block most non-US countries.

    >
    > Why? *just being curious*


    My servers are part of my development business - like some companies
    doing remote development, I have servers in the USA for in-country
    remote development teams. The servers run about 50 sites that provide QA
    and Development staging areas for products. None of these sites are the
    customers' production sites, they are to provide the developers and
    customers' team with access to what we are building.

    In monitoring my firewall logs, I see that most of the scanning of my
    network addresses comes from foreign countries - since all my
    clients/developers are US based, I block as many foreign subnets as
    possible. While blocking does not prevent anything itself, if they are
    blocked that's one more layer where they can't start trying anything.

    In my experience, blocking Asia, Middle Eastern and Eastern countries
    has done no harm to my network, but it has cut down on the log files and
    even spam email.

    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Sep 12, 2003
    #12
  13. Leythos

    Leythos Guest

    In article <>,
    says...
    [snip]
    > For anybody somewhat curious but too lazy to check the site. She's sent 4
    > "chapters" (a few lines of text each), and it's the exact same junk
    > (literally, looks like copy'n'paste) she's been posting here repeatedly for
    > ages now.


    While I agree with you - it's the same short material we've seen before,
    I have asked Tracker(s) to send more material so that we can either
    validate them or show them where they are misguided. Here is a copy of
    the email I sent requesting more copy and an explanation of why:

    Tracker,

    Yes, I know it's your book. The intent of offering you this opportunity
    was for you to put your best examples of your knowledge on the site so
    that the lead technical people in the security groups could provide
    truly constructive feedback, so that you might be able to correct some
    things, and so that if you could see true constructive feedback in a
    positive light that you might change your path.

    The information you've sent is full of the same stuff I've seen you post
    many times before and I hate to say this (don't be offended) it's very
    poorly written. The entire 4 sections you've sent should be under one
    chapter on the website, there is only enough content in those 4 sections
    for one chapter's worth, not 4 chapters' worth of content.

    If I can take the time to do this for you, and if you are going to take
    me up on the offer, I would hope that you would at least provide your
    best examples of what you want the security specialists to see.
    Remember, many of the people that are in those groups get paid/make a
    living off knowing security and many (like me) have more than 15 years
    experience. Most of us started off reading the Usenet posts and now we
    are giving back to Usenet to help others. Helping you with this
    understanding, like I am now, is the most extreme I've gone to
    (website, multiple emails, etc) for anyone.

    You should really understand, to be taken seriously in a security group
    (or any group), you are going to have to show a lot of technical
    knowledge in the subject matter. I would suggest that you send a lot
    more information for me to post.

    This should be your shining moment - the people in the security groups
    are going to judge your merit based on your work (that I'm taking the
    time to post on a website for free), not any personal prejudice that
    they have built up over the last couple years. I've seen to it that only
    constructive feedback will be given, I will filter any abusive comments,
    and I will start sending you the comments this weekend. This is your 15
    minutes of fame - use it well or you will never live this one down. I've
    given you the keys to being authenticated in the security groups, it's
    up to you to use them.

    Mark


    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Sep 12, 2003
    #13
  14. Leythos

    MyndPhlyp Guest

    "Peter Jones" <> wrote in message
    news:Xns93F4D779AB9D1prjpp1516202119@210.49.20.254...
    >
    > Exactly *why* would a hacker disable your DST? (And does that mean that,
    > since we do not *have* DST here in Queensland, that we are a more attractive
    > target for hackers? One less step for them to perform once they've taken
    > control of our machines...)


    Perhaps hackers ... er, malicious hackers ... took over Queensland long ago
    which is why you do not observe daylight savings time. (Sneaky little
    bastards.)
     
    MyndPhlyp, Sep 12, 2003
    #14
  15. Leythos

    CyberDroog Guest

    On 12 Sep 2003 06:54:13 GMT, donut <> wrote:

    >Yes, she is correct that a malicious hacker (thanks for using that term,
    >Debbie, as we all know that most hackers are not malicious) could install a
    >Trojan Horse on your computer and control it, even disabling your firewall.
    >This is basic first grade security stuff.
    >
    >What she does not explain (so far) is how the Trojan Horse can get there in
    >the first place if:


    I agree. That seems to be a glaring omission. "They install a Trojan
    Horse which disabled your anti-virus and firewall protection".

    How??? Debbie's solution to this, as posted here many times is... to
    install anti-virus and firewall programs, and disable some Windows
    services.

    Those Windows services, according to Debbie, make the anti-virus and
    firewall programs useless. That is flat out false. You can have every
    service Windows offers active. All the popular firewall programs, by
    default, prevent *any* connection to the net.

    That means you have to configure the firewall to allow access. Now that
    does involve some security mindedness and a bit of knowledge. But that is
    something about which Debbie, as far as I have seen, has never uttered a
    single word.

    I took a look at the site. It goes without saying that chapter 1 and
    chapter 2 are essentially talking about the same thing. Why two
    "chapters"? Note that the term chapter must be taken loosely. Each
    consists of only a few paragraphs.

    Chapter 3, outlining the curious, and apparently magical, way in which
    malicious hackers install trojans and replace your firewall and anti-virus
    software, also contains the following odd statement.

    "If you want to learn more about computer security, if you're a beginner,
    one avenue is to read-up on configuring your mail and browsing
    applications. Google and Yahoo also have Newsgroups and message boards
    pertaining to the aforementioned. If utilizing a Windows platform, do some
    reading on configuring your Windows Internet Options both Internet and
    Local Settings. Also, spend time learning what applications in Windows are
    running and on what port they run on. "

    ??? I thought the book was supposed to *be* the security training... It
    would seem rather disheartening to buy a book about computer security and
    right off the bat being given the advice "Read some books on computer
    security".

    I hope Debbie doesn't move on to writing software. I can see her releasing
    a powerful new combination anti-virus/firewall "program" that consists of a
    single text file that says: Step 1: Get yourself Visual Basic and write an
    anti-virus/firewall program.

    Chapter 4 contains Debbie's usual list of strange and altogether
    unexplained beliefs about how to know when your system is hacked.

    A. Hackers disable your Daylight Savings Time.

    How? Why? Why would the malicious hacker leave an obvious clue on your
    system for absolutely no benefit?

    B. The clock on the desktop can be one hour ahead or one hour behind, on
    occasion.

    Well wouldn't that be the expected result of your Daylight Savings Time
    setting being changed? I think she is padding her list.

    C. Your Network Places Icon on the desktop disappears.

    How? Why? These malicious hackers, according to Debbie, have the ability
    to install Trojan Horses on your system, replace your anti-virus and
    firewall programs, etc, etc. And again they leave such an obvious clue
    when doing so is of absolutely no benefit to them.

    D. If using a Windows platform: when you start your computer, your original
    screen will pop up, but since the hackers need to boot into their Networks,
    or Server(s), the system will quickly re-boot and the original screen will
    appear twice. But your system may re-boot twice instead of once when
    loading Windows OEM versions.

    Another fully unexplored statement. Why exactly would this happen? What's
    this extra network? Precisely what registry settings or config files cause
    the system to run this extra network? It has to run *somehow*, yet no
    details are offered.

    Etc, etc. Debbie presents a long list of commonly known Windows bugs or
    symptoms of common problems and suggests that malicious hackers are behind
    it all. No details, no proof.

    And apparently no proof *reading* either. The writing is so bad that it
    gives the impression of having been translated from Russian to English by a
    Japanese person, who knew neither Russian nor English, with the assistance
    of a Chinese friend who did know both Russian and English but only spoke
    broken Japanese.

    But hey, that *does* give Debbie a readily identifiable style...



    ---
    Our subconscious minds have no sense of humor, play no jokes and cannot tell the
    difference between reality and an imagined thought or image. What we continually
    think about eventually will manifest in our lives.

    - Madwed, Sidney
     
    CyberDroog, Sep 12, 2003
    #15
  16. Leythos

    Jim Higgins Guest

    Mark,

    You are either validating a nutcase or feeding a troll. Please
    stop.


    --
    Jim Higgins, quasimodo AT yahoo DOT com
    icbm: 33.55.34N, 80.24.21W
     
    Jim Higgins, Sep 12, 2003
    #16
  17. "CyberDroog" <> wrote in message <

    <SNIP>

    > ??? I thought the book was supposed to *be* the security training... It
    > would seem rather disheartening to buy a book about computer security and
    > right off the bat being given the advice "Read some books on computer
    > security".
    >
    > I hope Debbie doesn't move on to writing software. I can see her releasing
    > a powerful new combination anti-virus/firewall "program" that consists of a
    > single text file that says: Step 1: Get yourself Visual Basic and write an
    > anti-virus/firewall program.


    LOL! I don't wish to wade into this TRACKER/debbie controversy, but
    couldn't stop laughing here...

    R Green
    Tech Support
    --------------
    WoWsat.com
    --------------
     
    R Green - WoWsat.com, Sep 12, 2003
    #17
  18. Leythos

    Leythos Guest

    In article <>,
    says...
    > Mark,
    >
    > You are either validating a nutcase or feeding a troll. Please
    > stop.


    Jim, there are many ways to "work" with people and to educate them. As
    many of us have seen, what has been tried before is NOT working. I hope
    to be able to show her what is valid and what is not valid and hope that
    we can get on with the group - surely a week's time will not impact us
    any more than the constant flames that appear every time Tracker posts
    anything.

    It can't hurt and it may help.

    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Sep 13, 2003
    #18
  19. Leythos Spilled my beer when they jumped on the table and proclaimed
    in <>:

    <snip>

    > In my experience, blocking Asia, Middle Eastern and Eastern
    > countries has done no harm to my network, but it has cut down on the
    > log files and even spam email.


    I started blocking China Telecom, and my scan logs went down by
    20%...so this is completely understandable...

    NOI
     
    Thund3rstruck, Sep 13, 2003
    #19
  20. Leythos

    Jim Watt Guest

    On Sat, 13 Sep 2003 07:37:20 -0400, Thund3rstruck
    <> wrote:

    >Leythos Spilled my beer when they jumped on the table and proclaimed
    >in <>:
    >
    ><snip>
    >
    >> In my experience, blocking Asia, Middle Eastern and Eastern
    >> countries has done no harm to my network, but it has cut down on the
    >> log files and even spam email.

    >
    > I started blocking China Telecom, and my scan logs went down by
    >20%...so this is completely understandable...


    True, but Europe is another thing

    I was blocking email from Japan, but someone there wanted to
    buy something and had to resort to the fax,

    --
    Jim Watt http://www.gibnet.com
     
    Jim Watt, Sep 13, 2003
    #20
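
The trade-off discussed in the last few posts (blocking a source range cuts scan noise in the firewall log, but can also lock out a legitimate correspondent) can be measured before a block goes in. The following is an added example, not code from any poster in this thread; the log format, the addresses (documentation ranges) and the function names are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample log: hypothetical format, documentation address ranges.
SAMPLE_LOG = """\
2003-09-12T01:00:01 DENY src=203.0.113.7 dport=135
2003-09-12T01:00:02 DENY src=203.0.113.7 dport=139
2003-09-12T01:00:03 DENY src=203.0.113.7 dport=445
2003-09-12T01:00:04 DENY src=203.0.113.90 dport=1433
2003-09-12T01:05:10 DENY src=198.51.100.20 dport=80
2003-09-12T01:06:00 ALLOW src=192.0.2.15 dport=443
2003-09-12T01:07:30 ALLOW src=203.0.113.200 dport=25
2003-09-12T01:09:00 DENY src=198.51.100.21 dport=135
2003-09-12T01:09:05 DENY src=203.0.113.7 dport=1434
2003-09-12T01:10:00 DENY src=192.0.2.77 dport=135
""".splitlines()

LINE_RE = re.compile(r"^(\S+) (DENY|ALLOW) src=(\S+) dport=(\d+)$")


def parse(lines):
    """Yield (action, source address, destination port); skip malformed lines."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        try:
            yield m.group(2), ipaddress.ip_address(m.group(3)), int(m.group(4))
        except ValueError:
            continue  # unparsable address: ignore rather than miscount


def scanning_subnets(lines, prefix=24, min_ports=3):
    """Subnets whose denied traffic touched at least min_ports distinct ports."""
    ports = defaultdict(set)
    for action, src, dport in parse(lines):
        if action == "DENY":
            net = ipaddress.ip_network(f"{src}/{prefix}", strict=False)
            ports[net].add(dport)
    return {str(n): sorted(p) for n, p in ports.items() if len(p) >= min_ports}


def blocklist_impact(lines, blocked):
    """Estimate what blocking the given networks would remove from the log.

    Returns the number of denied entries, how many of them come from the
    blocked networks, the percentage reduction, and any ALLOW entries from
    those networks (legitimate traffic the block would also cut off).
    """
    nets = [ipaddress.ip_network(b) for b in blocked]
    denied = removed = 0
    collateral = []
    for action, src, dport in parse(lines):
        hit = any(src in n for n in nets)
        if action == "DENY":
            denied += 1
            removed += hit
        elif hit:
            collateral.append((str(src), dport))
    pct = round(100.0 * removed / denied, 1) if denied else 0.0
    return {"denied": denied, "removed": removed, "pct": pct,
            "collateral": collateral}
```

A non-empty `collateral` list is the case Jim Watt describes: a range that produces most of the scan noise but also carries mail or web traffic someone wanted.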