[OT] RE: Kazaa Lite Fun: was,
AFAIK, Kazaa isn't available for Linux. Even if it was, I'm sure it's full of spyware. -- Jonathan -- Jonathan M. Slivko Senior Account Executive EconnHosting Internet Services 90 Morningside Drive New York, NY 10027 Toll Free: 800-827-0541 Local: 212-663-1109 Fax: 212-663-1109 E-Mail:[EMAIL PROTECTED] AIM: JonMS418 MSN: [EMAIL PROTECTED] http://www.econnhosting.net/ -Original Message- From: [EMAIL PROTECTED] [mailto:redhat-list-admin@;redhat.com] On Behalf Of Edward Dekkers Sent: Saturday, October 19, 2002 11:01 PM To: [EMAIL PROTECTED] Subject: Re: Kazaa Lite Fun: was, > > Hi all. > > > > Somebody, plz send me some link for kazaa to download. > > Will somebody teach you how to search google, and how to trim your > messages. > > -- > Best regards, > Gary And learn not to ask those questions on a list which is specific to Redhat Linux, or at least learn the [OT] notation. --- Edward Dekkers (Director) Triple D Computer Services P/L -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Kazaa Lite Fun: was, RE: Tonight I got hacked.
On Sat, Oct 19, 2002 at 11:21:22AM +0800, Edward Dekkers wrote: > Just wanted to mention that on our network, when Kazaa Lite is run (throught > the Linux box), portsentry hack attempts increase at least 5-fold. This is > not coincidence IMNSHO. A person I know on another home network was > completely rootkitted, and virii installed on all 3 client PCs even with > Norton's installed on the client PCs, and portsentry and tripwire on the > Linux box. Hm, but - see other thread - neither portsentry nor tripwire are tools to prevent these things, I thought? > Kazaa seems to 'open' the boxes substantially. No idea how exactly - but I > can't ignore the results here. Question would be: Does it touch or circumvent the firewall rules, and if so: How? Is this client run with root privileges? Cheerio, Thomas -- http://www.netmeister.org/news/learn2quote.html ...'cause only lusers quote signatures! Thomas Ribbrock | http://www.ribbrock.org | ICQ#: 15839919 "You have to live on the edge of reality - to make your dreams come true!" -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Kazaa Lite Fun: was,
> > Hi all. > > > > Somebody, plz send me some link for kazaa to download. > > Will somebody teach you how to search google, and how to trim your > messages. > > -- > Best regards, > Gary And learn not to ask those questions on a list which is specific to Redhat Linux, or at least learn the [OT] notation. --- Edward Dekkers (Director) Triple D Computer Services P/L -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Kazaa Lite Fun: was,
On Sat, Oct 19, 2002 at 12:48:50PM -0400 or thereabouts, Rudolf Amirjanyan wrote: > Hi all. > > Somebody, plz send me some link for kazaa to download. Will somebody teach you how to search google, and how to trim your messages. -- Best regards, Gary Atheism is a non-prophet organization -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Kazaa Lite Fun: was, RE: Tonight I got hacked.
Hi all. Somebody, plz send me some link for kazaa to download. thenks - Original Message - From: Bill Holland To: '[EMAIL PROTECTED]' Sent: Friday, October 18, 2002 9:32 AM Subject: Kazaa Lite Fun: was, RE: Tonight I got hacked. Kazaa and Kazaa Lite both have an option for disabling the downloading of files that "might contain trojans". The difference is, Kazaa protects you by enabling that option, and Kazaa Lite does not. So after using Kazaa for a while, I switched to Kazaa Lite - and assumed the same default was used. It isn't. My Win2k box was so hosed after running a single VBS file, I had to re-install the OS. Microsoft compounds the problem by hiding known file extensions, so "your.hacked.jpg.vbs" becomes "your.hacked.jpg" The good news was, I took advantage of the opportunity to make a linux partition on that machine. - bill -Original Message-From: linux power [mailto:[EMAIL PROTECTED]]Sent: Friday, October 18, 2002 3:29 AMTo: [EMAIL PROTECTED]Subject: RE: Tonight I got hacked. It happend when a client machine was connected to KaZaa through the Linux server and stored data on the server. Joe Polk <[EMAIL PROTECTED]> wrote: You are correct, sort of. While it's true nothing can initiate a connectionfrom the outside, a client on the inside can. It's not what you might think,either. Yes, a trojan could do it, but Internet Explore can as well. So toocan things like Gator and other spyware. Though for the most part you aresecure from root attacks by and large, be aware your clients within your lancan initiate contact with the outside world and these connections can alsoinvite danger.<>-- Original Message ---From: Bill Holland <[EMAIL PROTECTED]>To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>Sent: Thu, 17 Oct 2002 18:11:41 -0400Subject: RE: Tonight I got hacked.> If I have a little $60 Netgear router, and provide no services > through it - do I have to worry about all this stuff? Its my >! understanding that no ports are being forwarded, so nothing can get > through. Or am I mistaken?> > - bill> > -Original Message-> From: Todd A. Jacobs [mailto:[EMAIL PROTECTED]]> Sent: Thursday, October 17, 2002 4:30 PM> To: RedHat List> Subject: Re: Tonight I got hacked.> > On Thu, 17 Oct 2002, linux power wrote:> > > I thought I had a good iptables firewall, but not good enough. Well> > anyway it tooks a couple of months before it happend-> > A firewall is insufficient in and of itself. All a firewall does is > allow or block access to certain ports. It doesn't control what kind > of traffic flows through those sockets: that's up to the application > or its application-layer proxy to sort out.> > If you want your system to be secure, you need to install a firewall > of course, but you also need to disabl! e unnecessary services,> tighten access controls, limi! t privelege, monitor log files, and > many other tasks. "Security is a process, not a product."> > I don't think it's been updated for psyche yet, but take a look at > the bastille hardening scripts and see what you can learn. At a > minimum, you should:> > - Only install packages you know you'll need. Avoid "everything plus> the kitchen sink" installs.> - Use ntsysv to remove services you don't use or understand.> - Make heavy use of /etc/hosts.deny and /etc/hosts.allow to restrict> access.> - Disable xinetd unless you *really* need it. If you do, disable > any of its child services that you don't explicitly need. -> Install portsentry. - Configure tripwire and READ the reports. > - Install logsentry and READ the reports.> > Switching to Windows will not solve your problem, since Windows has > even more exploits than Linux and is much harder to secur! e and > monitor. And even if you choose to do so, the list of tasks isn't > really all that different: lock it down, and then monitor, monitor, monitor.> > There is no quick fix for security. If you insist on looking for one,> you *will* get hacked again, regardless of the OS you choose to use.> > -- > "The only thing that helps me maintain my slender grip on reality is > the friendship I share with my collection of singing potatoes."> > - Holly, JMC Vessel *Red Dwarf*> > -- > redhat-list mailing list> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe> https://listman.redhat.com/mailman/listinfo/redhat-list> > -- > redhat-list mailing list> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe> https://listman.redhat.com/mailman/listinfo/redhat-list---
Re: Kazaa Lite Fun: was, RE: Tonight I got hacked.
Thanks for the hints Edward. --- Edward Dekkers <[EMAIL PROTECTED]> skrev: > > Kazaa and Kazaa Lite both have an option for > disabling the downloading of > > files that "might contain trojans". The > difference is, Kazaa protects you > > by enabling that option, and Kazaa Lite does not. > So after using Kazaa > for > > a while, I switched to Kazaa Lite - and assumed > the same default was used. > > > > Just wanted to mention that on our network, when > Kazaa Lite is run (throught > the Linux box), portsentry hack attempts increase at > least 5-fold. This is > not coincidence IMNSHO. A person I know on another > home network was > completely rootkitted, and virii installed on all 3 > client PCs even with > Norton's installed on the client PCs, and portsentry > and tripwire on the > Linux box. > > Kazaa seems to 'open' the boxes substantially. No > idea how exactly - but I > can't ignore the results here. > > Regards, > > --- > Edward Dekkers (Director) > Triple D Computer Services P/L > > > > > -- > redhat-list mailing list > unsubscribe > mailto:redhat-list-request@;redhat.com?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list = http://home.no.net/~knutove/knut_ove_hauge_kuren.htm __ Se den nye Yahoo! Mail på http://no.yahoo.com/ Nytt design, enklere å bruke, alltid tilgang til Adressebok, Kalender og Notisbok -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Kazaa Lite Fun: was, RE: Tonight I got hacked.
> Kazaa and Kazaa Lite both have an option for disabling the downloading of > files that "might contain trojans". The difference is, Kazaa protects you > by enabling that option, and Kazaa Lite does not. So after using Kazaa for > a while, I switched to Kazaa Lite - and assumed the same default was used. Just wanted to mention that on our network, when Kazaa Lite is run (throught the Linux box), portsentry hack attempts increase at least 5-fold. This is not coincidence IMNSHO. A person I know on another home network was completely rootkitted, and virii installed on all 3 client PCs even with Norton's installed on the client PCs, and portsentry and tripwire on the Linux box. Kazaa seems to 'open' the boxes substantially. No idea how exactly - but I can't ignore the results here. Regards, --- Edward Dekkers (Director) Triple D Computer Services P/L -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: Kazaa Lite Fun: was, RE: Tonight I got hacked.
Ok. Thanks for your hint. Bill Holland <[EMAIL PROTECTED]> wrote: Kazaa and Kazaa Lite both have an option for disabling the downloading of files that "might contain trojans". The difference is, Kazaa protects you by enabling that option, and Kazaa Lite does not. So after using Kazaa for a while, I switched to Kazaa Lite - and assumed the same default was used. It isn't. My Win2k box was so hosed after running a single VBS file, I had to re-install the OS. Microsoft compounds the problem by hiding known file extensions, so "your.hacked.jpg.vbs" becomes "your.hacked.jpg" The good news was, I took advantage of the opportunity to make a linux partition on that machine. - bill -Original Message-From: linux power [mailto:[EMAIL PROTECTED]]Sent: Friday, October 18, 2002 3:29 AMTo: [EMAIL PROTECTED]Subject: RE: Tonight I got hacked. It happend when a client machine was connected to KaZaa through the Linux server and stored data on the server. Joe Polk <[EMAIL PROTECTED]> wrote: You are correct, sort of. While it's true nothing can initiate a connectionfrom the outside, a client on the inside can. It's not what you might think,either. Yes, a trojan could do it, but Internet Explore can as well. So toocan things like Gator and other spyware. Though for the most part you aresecure from root attacks by and large, be aware your clients within your lancan initiate contact with the outside world and these connections can alsoinvite danger.<>-- Original Message ---From: Bill Holland <[EMAIL PROTECTED]>To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>Sent: Thu, 17 Oct 2002 18:11:41 -0400Subject: RE: Tonight I got hacked.> If I have a little $60 Netgear router, and provide no services > through it - do I have to worry about all this stuff? Its my >! ! understanding that no ports are being forwarded, so nothing can get > through. Or am I mistaken?> > - bill> > -Original Message-> From: Todd A. Jacobs [mailto:[EMAIL PROTECTED]]> Sent: Thursday, October 17, 2002 4:30 PM> To: RedHat List> Subject: Re: Tonight I got hacked.> > On Thu, 17 Oct 2002, linux power wrote:> > > I thought I had a good iptables firewall, but not good enough. Well> > anyway it tooks a couple of months before it happend-> > A firewall is insufficient in and of itself. All a firewall does is > allow or block access to certain ports. It doesn't control what kind > of traffic flows through those sockets: that's up to the application > or its application-layer proxy to sort out.> > If you want your system to be secure, you need to install a firewall > of course, but you also need to disab! l! e unnecessary services,> tighten access controls, l! imi! t privelege, monitor log files, and > many other tasks. "Security is a process, not a product."> > I don't think it's been updated for psyche yet, but take a look at > the bastille hardening scripts and see what you can learn. At a > minimum, you should:> > - Only install packages you know you'll need. Avoid "everything plus> the kitchen sink" installs.> - Use ntsysv to remove services you don't use or understand.> - Make heavy use of /etc/hosts.deny and /etc/hosts.allow to restrict> access.> - Disable xinetd unless you *really* need it. If you do, disable > any of its child services that you don't explicitly need. -> Install portsentry. - Configure tripwire and READ the reports. > - Install logsentry and READ the reports.> > Switching to Windows will not solve your problem, since Windows has > even more exploits than Linux and is much harder to ! secur! e and > monitor. And even if you choose to do so, the list of tasks isn't > really all that different: lock it down, and then monitor, monitor, monitor.> > There is no quick fix for security. If you insist on looking for one,> you *will* get hacked again, regardless of the OS you choose to use.> > -- > "The only thing that helps me maintain my slender grip on reality is > the friendship I share with my collection of singing potatoes."> > - Holly, JMC Vessel *Red Dwarf*> > -- > redhat-list mailing list> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe> https://listman.redhat.com/mailman/listinfo/redhat-list> > -- > redhat-list mailing list> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe> https://listman.redhat.com/mailman/listinfo/redhat-list--- End of Original Message ! ---! -- redhat-list mailing listunsub! scribe ma! ilto:[EMAIL PROTECTED]?subject=unsubscribehttps://listman.redhat.com/mailman/listinfo/redhat-listhttp://home.no.net/~knutove/knut_ove_hauge_kuren.htm Yahoo! Mail har fått nytt utseende Nytt design, enklere å bruke, alltid tilgang til Adressebok, Kalender og Notisbokhttp://home.no.net/~knutove/knut_ove_hauge_kuren.htmPrøv betaversjonen av den nye Yahoo! Mail Nytt design, enklere å bruke, alltid tilgang til Adressebok, Kalender og Notisbok
