|
Hi all.
Somebody, plz send me some link for kazaa to
download.
thenks
----- Original Message -----
Sent: Friday, October 18, 2002 9:32
AM
Subject: Kazaa Lite Fun: was, RE: Tonight
I got hacked.
Kazaa and Kazaa Lite both have an option for
disabling the downloading of files that "might contain trojans". The
difference is, Kazaa protects you by enabling that option, and Kazaa Lite does
not. So after using Kazaa for a while, I switched to Kazaa Lite - and
assumed the same default was used. It isn't. My Win2k box was so
hosed after running a single VBS file, I had to re-install the
OS. Microsoft compounds the problem by hiding known file extensions,
so "your.hacked.jpg.vbs" becomes "your.hacked.jpg" The good news
was, I took advantage of the opportunity to make a linux partition on that
machine.
-
bill
It happend when a client machine was connected to KaZaa through the Linux
server and stored data on the server.
Joe Polk <[EMAIL PROTECTED]> wrote:
You
are correct, sort of. While it's true nothing can initiate a
connection
from the outside, a client on the inside can. It's not what
you might think,
either. Yes, a trojan could do it, but Internet
Explore can as well. So too
can things like Gator and other spyware.
Though for the most part you are
secure from root attacks by and large,
be aware your clients within your lan
can initiate contact with the
outside world and these connections can also
invite
danger.
<>
---------- Original Message
-----------
From: Bill Holland <[EMAIL PROTECTED]>
To:
"'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
Sent: Thu, 17 Oct
2002 18:11:41 -0400
Subject: RE: Tonight I got hacked.
> If I
have a little $60 Netgear router, and provide no services
> through
it - do I have to worry about all this stuff? Its my
>!
understanding that no ports are being forwarded, so nothing can get
> through. Or am I mistaken?
>
> - bill
>
> -----Original Message-----
> From: Todd A. Jacobs
[mailto:[EMAIL PROTECTED]]
> Sent: Thursday, October 17, 2002
4:30 PM
> To: RedHat List
> Subject: Re: Tonight I got
hacked.
>
> On Thu, 17 Oct 2002, linux power wrote:
>
> > I thought I had a good iptables firewall, but not good
enough. Well
> > anyway it tooks a couple of months before it
happend-
>
> A firewall is insufficient in and of itself. All
a firewall does is
> allow or block access to certain ports. It
doesn't control what kind
> of traffic flows through those sockets:
that's up to the application
> or its application-layer proxy to
sort out.
>
> If you want your system to be secure, you need
to install a firewall
> of course, but you also need to disabl! e
unnecessary services,
> tighten access controls, limi! t privelege,
monitor log files, and
> many other tasks. "Security is a process,
not a product."
>
> I don't think it's been updated for
psyche yet, but take a look at
> the bastille hardening scripts and
see what you can learn. At a
> minimum, you should:
>
> - Only install packages you know you'll need. Avoid "everything
plus
> the kitchen sink" installs.
> - Use ntsysv to remove
services you don't use or understand.
> - Make heavy use of
/etc/hosts.deny and /etc/hosts.allow to restrict
> access.
> -
Disable xinetd unless you *really* need it. If you do, disable
>
any of its child services that you don't explicitly need. -
>
Install portsentry. - Configure tripwire and READ the reports.
> -
Install logsentry and READ the reports.
>
> Switching to
Windows will not solve your problem, since Windows has
> even more
exploits than Linux and is much harder to secur! e and
> monitor.
And even if you choose to do so, the list of tasks isn't
> really
all that different: lock it down, and then monitor, monitor,
monitor.
>
> There is no quick fix for security. If you
insist on looking for one,
> you *will* get hacked again, regardless
of the OS you choose to use.
>
> --
> "The only thing
that helps me maintain my slender grip on reality is
> the
friendship I share with my collection of singing potatoes."
>
> - Holly, JMC Vessel *Red Dwarf*
>
> --
>
redhat-list mailing list
> unsubscribe
mailto:[EMAIL PROTECTED]?subject=unsubscribe
>
https://listman.redhat.com/mailman/listinfo/redhat-list
>
>
--
> redhat-list mailing list
> unsubscribe
mailto:[EMAIL PROTECTED]?subject=unsubscribe
>
https://listman.redhat.com/mailman/listinfo/redhat-list
------- End of
Original Message -------
!
--
redhat-list mailing
list
unsubscribe ma!
ilto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
http://home.no.net/~knutove/knut_ove_hauge_kuren.htm
Yahoo!
Mail har fått nytt utseende ;)
Nytt design, enklere å bruke, alltid tilgang til Adressebok,
Kalender og Notisbok
|
