Internal IP Exposed [making progress]

Discussion in 'Computer Information' started by Plato, Nov 20, 2004.

  1. Plato

    Plato Guest

    OK since it only happens on my pc it has to be some software I installed
    right? So, put on various firewalls and no suprises ie let the usual
    access the internet browser, ftp, mail, etc ie the usual. No rogue apps.
    Heck, I even removed my pinger [dont need it anymore anyway] and tclock
    [which fetches time]

    STill no joy. So, lets look in add/remove. Hmmm, java web start is there
    and java2. Two separate lines. I know I never independently installed
    java so I uninstalled both and wala. No Exposed internal IP at the test
    site. So the java via any one of the 4 browsers I use was sending out my
    internal pcs IP.

    I seem to recall firefox saying something about java during the install
    but I could be mistaken. Firefox still works but Im going to put in on
    again full install to see if it's the thinggy that put that version of
    java on as it's the only major thing I've added in months.

    Anyway, thanks for all your help. ie just talking about it with you
    folks made it more interesting of a niggle to kill.
     
    Plato, Nov 20, 2004
    #1
    1. Advertisements

  2. Plato

    Robert Baer Guest

    My wild guess is that you will get Java2.
     
    Robert Baer, Nov 20, 2004
    #2
    1. Advertisements

  3. Plato

    Plato Guest

    Actually no. But when I put in Firefox fresh and went to that testing
    website it did
    say a plugin was required, and wala, it was the java plugin, afterwards
    yep, same thing
    until I took the plugin out. It was java 5.0 ie not simply a plug in for
    firefox but for
    the system.

    My guess is that my teen was using my pc and hit one of his game pages
    and it said

    "cannont view or whatever as you dont have the pluging or file or
    whatever" and he
    hit OK and installed it. Personally I never install special stuff for
    viewing webpages,
    tho I do, of course, install ware to view stuff pages have to offer on
    occasion.

    Of course I'm using an old os here with no security updates :)
     
    Plato, Nov 20, 2004
    #3
  4. Plato

    Thor Guest

    Java in some form is pretty much a necessity though for web browsers these
    days, IMHO. Either in the form of MS's outdated Java VM or Sun's Java VM
    plugin. Without it, you sacrifice much in the way of functionality, no
    matter what browser you use.
     
    Thor, Nov 20, 2004
    #4
  5. Plato

    Robert Baer Guest

    I have installed SpyBot and AdAware as suggested.
    I had the resident version of SpyBot running when i was on the web,
    and after i logged off, i had it scan, and it found the following:
    DSO Exploit: Data source object exploit (Registry change, nothing done)

    HKEY_USERS\S-1-5-21-57989841-152049171-839522115-1000\Software\Microsoft\Windows\CurrentVersion\Internet
    Settings\Zones\0\1004!=W=3

    --- Spybot - Search && Destroy version: 1.3 ---
    2004-08-11 Includes\Cookies.sbi
    2004-11-17 Includes\Dialer.sbi
    2004-11-17 Includes\Hijackers.sbi
    2004-11-17 Includes\Keyloggers.sbi
    2004-05-12 Includes\LSP.sbi
    2004-11-17 Includes\Malware.sbi
    2004-10-05 Includes\Revision.sbi
    2004-10-25 Includes\Security.sbi
    2004-11-17 Includes\Spybots.sbi
    2004-10-21 Includes\Tracks.uti
    2004-11-17 Includes\Trojans.sbi
    ************ end copy ************

    This is the 3rd or 4th time this has happened, and there was no
    warning during the session; why?
    AdAware was not running during the session.
    I was using NetScape 6.2 at the time, running in Win2K.
    I have never seen this problem (or any others) in Win98SE running
    Netscape 4.7, which is why i am loath to "upgrade" to the latest and
    greatest stuff.
    I use Win2K as sort-of a test-bed, since it has more tools that are
    very useful; eg: ctl-alt-del brings up a task list or process list, so
    one can dynamically kill a known bot program.
     
    Robert Baer, Nov 21, 2004
    #5
  6. Plato

    Thor Guest


    The DSO exploit detection in spybot is a bug. The DSO exploit was patched by
    MS long ago. Spybot keeps complaining about the registry entry because it
    fails to put valid data in there when it "fixes" the entry, so then it keeps
    re-detecting a problem. In reality, the registry settings are irrelevent as
    long as you are patched up properly with windows updates. Nothing to worry
    about. They will fix this bug in the next release version of spybot.
     
    Thor, Nov 21, 2004
    #6
  7. Plato

    Robert Baer Guest

    Thanks; i discovered that i do not have to be on the net; that every
    time i boot to Win2K (wher SpyBot is installed), it makes that
    complaint.
    However, i use the "raw" Windows 2000 Professional 1-2 CPU OEM
    version.
    I stay away from any and all patches, because of all of the problems
    caused by them.
    I think that "the better the devil you know, than the devil you do not
    know".
     
    Robert Baer, Nov 22, 2004
    #7
  8. Plato

    Trent© Guest

    Not very wise at all.


    Have a nice one...

    Trent

    Budweiser: Helping ugly people have sex since 1876!
     
    Trent©, Nov 22, 2004
    #8
  9. Plato

    Jim Berwick Guest

    .... Are you implying you installed Win2k, and have yet to install /any/
    updates for it? If so, are you completely insane?
     
    Jim Berwick, Nov 22, 2004
    #9
  10. Plato

    Robert Baer Guest

    One of my many OSes i use is Win98SE, unpatched with Netscape 4.7 and
    i get maybe one virus per 6 months.
    Last year, in Win2K with IE 5.0 and all patches i got bombarded within
    15 minutes on the net.
    Wiping the drive and re-installing an unpatched Win2K gave me about 10
    percent of the problems; switching to Netscape 4.7 got me to zero.
    "Upgrading" to Netscape 6.2 got me back to virii etc comparable to IE.
    So, as long as one can do at least 90 percent of net related work
    using "obsolete" programs, without having to deal with garbage, my
    question is: "are you insane using the latest and so-called greatest?".
     
    Robert Baer, Nov 23, 2004
    #10
  11. Plato

    Duane Arnold Guest

    Since 2001 when I really started using the Internet, I have kept Win 2K
    Pro, Win2K Adv Server and XP Pro machines patched with the latest and
    greatest. I have gotten the Code Red worm because I didn't know what was
    happening on the Internet with IIS and one ad Trojan in that time period
    on the Win 2K machines.

    It does make one wonder due to your above statements about you protecting
    and securing any MS O/S period.

    It's too rediculous. ;-)

    Duane :)
     
    Duane Arnold, Nov 23, 2004
    #11
  12. Plato

    Thor Guest

    "get" as in become infected? Or do you merely mean "receive" in your email?
    If you mean "receive" viruses, then that has nothing to do with the email
    client you are using. It has everything to do with who, and how many people
    have your email address.
    The problem is that you are concentrating only on the browser aspect, and
    ignoring other vulnerbilities in the OS itself. Win2K (like XP) has had it's
    share of vulnerabilities that are completely independent of the browser
    being used. Using a completely unpactched OS, and thinking you are protected
    by just using Netscape 4.7 or some other outdated browser is doing nothing
    but fooling yourself into a false sense of security. Patch that box Robert.
    Just because you have been lucky and not been infected is no reason to
    assume you are protected by avoiding critical pathes. I use the latest IE,
    have always done so, have always maintained my patches, and I've NEVER been
    infected by a virus. Oh I've recieved a many viruses in emails, but that has
    nothing to do with what email client *I* use. They would contain those
    viruses if I had been using Netscape's email client, or Eudora, etc. and if
    I clicked on the infected attachment, those alternative email clients would
    afford me no better protection against the unwise choice of opening that
    attachment. Attributing your "bombardment" of viruses to having a patched OS
    is just not logical. Leaving it unpatched is what makes you more vulnerable.
    What you state as your reasoning, simply makes no sense.
     
    Thor, Nov 23, 2004
    #12
  13. Plato

    Plato Guest

    Interesting point really. From one, ie me, who uses _real_ old stuff and
    hardly ever
    gets toasted by malware. Actually I havn't been toasted at all,
    honestly, in the last
    few years the only virus that was put on my system was when I viewed an
    html email
    using _my really old copy_ of pegusus. NO damage tho, I saw it lock,
    then scanned, then
    simply deleted the bugger. I dont run an anti-virus 24/7 either.
     
    Plato, Nov 23, 2004
    #13
  14. Plato

    Plato Guest

    Good point also.


     
    Plato, Nov 23, 2004
    #14
  15. Plato

    Robert Baer Guest

    It would appear that your experience and mine are incontrast with what
    Thor mentions.
    Crazy or insane; i go on the basis of my personal experience.
    If i was rich, i would hire 3 programmers to write a "clone" to one of
    the Windows (maybe Win2000?) with the idea of minimal bugs and eazy
    fixes; and it would go into the PD for review.
    The buffer overflow problems that have existed in Windows products
    would not be repeated; why M$ has allowed such beginning programmer
    no-nos to exist from the git-go is criminal.
    The OS would have a dinky kernal; would fit on a floppy and be as 100
    percent bullet-proof as possible.
    All support the user would see would be programs on top of that; the
    user can choose what is loaded or not (similar to Win2K program task
    list).
    Only *all* of the programs would be listed (in Win2K, some are still
    hidden), and if a user clicked to end one it would do so *immediately*
    and not take minutes it if all (Win2K at times has a habit of taking a
    looooong time to end a task, and sometimes does not end it).
    There would be a complete explaination as to what each and every
    OS-related program does - a "help" available via a right click
    "properties" or similar.
    This way a user is not left guessing what is kosher and what is not.
    OS-related directories would be super-locked to everybody except the
    administrator, and the administrator would be unable to get on the web.
    Web and user work directories would be isolated from OS related
    directories - and vice-versa; one would have to work hard (at minimum)
    to move anything from one area to another.
     
    Robert Baer, Nov 24, 2004
    #15
  16. Plato

    Duane Arnold Guest

    MS has thrown out the book with how things have been done in the past with
    its .Net Standards and the MS O/S and a lot of things have been corrected
    or improved. Of course it will take sometime to be fully implemented but
    things will start to change noticeably.

    Duane :)
     
    Duane Arnold, Nov 24, 2004
    #16
  17. Plato

    Plato Guest

    The nasty boys take advantage of "loopholes". ie messenger service in
    XP, folks that have their MS email program set to auto open up anything,
    the average joe often just
    doent realize that by simply clicking on something you can get toasted.
    How about when you go to a webpage and it says you need such and such to
    properly view this page?

    Of course there are things like shockwave and such but you never know
    what will be installed really ie if its not something standard. Another
    way to get toasted.
     
    Plato, Nov 24, 2004
    #17
  18. Plato

    Robert Baer Guest

    Nobody should hold their breath...
     
    Robert Baer, Nov 25, 2004
    #18
  19. Plato

    Duane Arnold Guest

    I am already using the stuff and I have taken 4 weeks of .Net company paid
    training here recently and I have been in the books like ADO.Net, ADV .Net
    Remoting, C# Business Objects, just to name a few, the last three weeks
    hard getting up to speed. I'll start developing .Net applications and doing
    things the new way after returning from my Turkey-day holiday/vacation. Of
    course, these vast changes in how MS has done everything in the past will
    take time to make it to the home user. But it's coming and you can count on
    it happening due to the Sun/MS fallout about JAVA that forced MS to come up
    with .Net and they have thrown out the book and re-done everything.

    You need to get rid of Win 98 as it will be obsolete and dead even though
    ..Net will run on it. ;-)

    If you're in the US, then have a happy Turkey-day. I have got to hit the
    road.

    Duane :)
     
    Duane Arnold, Nov 25, 2004
    #19
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.