[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: intruders [Fw: Today's WinInfo: July 12]

PureBytes Links

Trading Reference Links

 
<x-html><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META content="MSHTML 5.00.2614.3401" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV>Ton:</DIV>
<DIV>&nbsp;</DIV>
<DIV>I&nbsp;think it's dangerous to assume that with file sharing turned off, 
one is safe from attack.&nbsp; Even if one <EM>does </EM>assume their files 
can't be accessed (which I'm not willing to gamble on, considering all the 
trojan horses out there), there are many other forms of attack like land 
attacks, denial of service, nukes and ping attacks that can give you a lot of 
grief.</DIV>
<DIV>&nbsp;</DIV>
<DIV>The Microsoft article certainly doesn't make me feel any better about Back 
Orifice as far as I can see.&nbsp; BO and its many of variations are nasty and 
from what I understand, only a good anti-virus application will detect the 
trojan and failing that, only a good firewall will prevent the related port 
accesses.</DIV>
<DIV>&nbsp;</DIV>
<DIV>Regards.</DIV>
<BLOCKQUOTE 
style="BORDER-LEFT: #000000 2px solid; MARGIN-LEFT: 5px; MARGIN-RIGHT: 0px; PADDING-LEFT: 5px; PADDING-RIGHT: 0px">
  <DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
  <DIV 
  style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B> 
  A.J. Maas </DIV>
  <DIV style="FONT: 10pt arial"><B>To:</B> <A 
  href="mailto:metastock@xxxxxxxxxxxxx"; 
  title=metastock@xxxxxxxxxxxxx>Metastock-List</A> </DIV>
  <DIV style="FONT: 10pt arial"><B>Sent:</B> July 13, 1999 16:11</DIV>
  <DIV style="FONT: 10pt arial"><B>Subject:</B> Re: intruders [Fw: Today's 
  WinInfo: July 12]</DIV>
  <DIV><BR></DIV>
  <DIV><FONT size=2>To clear some myths..........................</FONT></DIV>
  <DIV><FONT size=2></FONT>&nbsp;</DIV>
  <DIV><FONT size=2>For as long as you do not "Share" any files, disks, 
  printers,&nbsp;folders or even Net-adapters, you are save from</FONT></DIV>
  <DIV><FONT size=2>anyone entering </FONT><FONT size=2>your PC.</FONT></DIV>
  <DIV><FONT size=2>
  <DIV><FONT size=2>If you haven't done any of the&nbsp;file, folder, disk, 
  printer and netadapter </FONT><FONT size=2>sharing (also in the Control 
  Panel's Nethood/</FONT></DIV>
  <DIV><FONT size=2>Networking and the Win95/98 Context Menu's options for 
  "Sharing", then no-one can intrude onto your PC</FONT></DIV>
  <DIV><FONT size=2>with you in command (and as otherwise is described in the 
  article below).</FONT></DIV></FONT></DIV>
  <DIV><FONT size=2>This "Sharing", apart from the Control Panel's Nethood and 
  the Win95/98 Context Menu's options,</FONT></DIV>
  <DIV><FONT size=2>are privaleges you can also set for any of the "Users" 
  of&nbsp;your PC's Windows sessions. </FONT><FONT size=2>The program&nbsp;to do 
  so</FONT></DIV>
  <DIV><FONT size=2>is "C:\Windows\Poledit.exe".</FONT></DIV>
  <DIV>&nbsp;</DIV>
  <DIV><FONT size=2>The above is for Win95/98 only, for as WIN-NT4/2000 requires 
  a top secret "NTconfig.pol" file stored on server for</FONT></DIV>
  <DIV><FONT size=2>setting the&nbsp;"Sharing of the Network's NetHood, Server 
  and&nbsp;WKS's </FONT><FONT size=2>files, folders, printers and 
  disks".</FONT></DIV>
  <DIV>&nbsp;</DIV>
  <DIV><FONT size=2>Regards,<BR>Ton Maas<BR><A 
  href="mailto:ms-irb@xxxxxxxxxxxxx";>ms-irb@xxxxxxxxxxxxx</A><BR>Dismiss the 
  ".nospam" bit (including the dot) when replying.<BR><BR><BR></FONT><FONT 
  size=3>___________________________________________________________________________<BR><BR>WinInfo: 
  Windows news and information -- Copyright (c) 1995-9 Paul Thurrott<BR>Visit 
  WinInfo on the Web at WUGNET: <A 
  href="http://www.wugnet.com/wininfo";>http://www.wugnet.com/wininfo</A><BR>___________________________________________________________________________<BR><BR>Today's 
  WinInfo:<BR>&nbsp; Microsoft challenges BackOrifice myths<BR>&nbsp; Microsoft 
  bringing USB hardware to the Macintosh<BR><BR><BR>Microsoft challenges 
  BackOrifice myths<BR><BR>With the release this week of Windows NT hacking tool 
  "BackOrifice 2000,"<BR>Microsoft has launched an informational campaign of its 
  own, designed to<BR>derail myths about the malicious program. According to a 
  report on<BR>Microsoft's Security Advisor Web site, BackOrifice 2000 is a 
  remote control<BR>application that must be stealthily installed so that 
  attackers can take<BR>over a Windows NT-based network. The program enables 
  remote hackers to do<BR>anything they could do were they to be logged onto the 
  machine locally: Run<BR>programs, delete files, and the 
  like.<BR><BR>"BackOrifice 2000 is a remote-access tool that was developed with 
  the intent<BR>of harming users," says Jason Garms, the lead product manager 
  for Windows NT<BR>security at Microsoft. "It is a tool that has no legitimate 
  purpose other<BR>than exposing users' machines to people on the Internet. 
  Users who are<BR>tricked into getting this thing installed on their system are 
  vulnerable to<BR>the attacker, who can then do anything that the victim can 
  do--move the<BR>mouse, open files, run programs, etc.--which is little 
  different from what<BR>legitimate remote-control software can do. Back 
  Orifice, however, is<BR>designed to be stealthy and evade detection by the 
  user."<BR><BR>For BackOrifice to find its way onto your system the hacker must 
  have<BR>physical access to the machine with a valid login or you must be 
  tricked<BR>into installing it; typically this is accomplished by sending users 
  the<BR>program as an email attachment that must be executed. To prevent 
  this<BR>program from taking over your system, just use common sense: Always 
  run an<BR>anti-virus program with up-to-date virus definitions and don't let 
  anyone<BR>gain unauthorized physical access to your machine. Perhaps most 
  importantly,<BR>don't execute email attachments from unknown 
  people.<BR><BR>One of the biggest myths perpetrated by the makers of 
  BackOrifice is that<BR>program takes advantage of security inadequacies that 
  are inherent in<BR>Windows and Windows NT. This is simply not true: 
  BackOrifice could have been<BR>written to attack *any* kind of computer 
  system. The hackers that wrote it<BR>simply decided to attack Windows, which 
  is the most popular computing<BR>platform by far. In fact, as Microsoft notes, 
  BackOrifice doesn't actually<BR>target Windows per se at all: It targets 
  users, who often don't understand<BR>security issues well enough to not 
  execute email attachments from unknown<BR>sources.<BR><BR>Another common myth 
  centers on the goal for BackOrifice: In an attempt to<BR>protect themselves 
  from legal problems, the creators of BackOrifice are<BR>pretending that it is 
  a legitimate remote control application. However, this<BR>is not the case: 
  BackOrifice is designed to escape detection and exceeds the<BR>needs of remote 
  control software. And it doesn't prompt the user when it<BR>installs on the 
  system.<BR><BR>"The creators [of BackOrifice] claim that this is a useful 
  administration<BR>tool, but it doesn't even prompt people when it installs 
  itself on the<BR>system. It doesn't warn them that it's getting installed. 
  And, once it's<BR>installed, it makes the system available to other people on 
  the Internet.<BR>That is a malicious act," says Garms. "I am personally 
  unaware of any major<BR>customers of ours who consider this to be a remote 
  administration tool as<BR>the folks who created it claim. Quite the contrary, 
  they consider it a piece<BR>of malicious code. Unfortunately, there are some 
  users who were duped by the<BR>press releases from the organization that 
  released the software, and did<BR>install it on their systems."<BR><BR>For 
  more information about Microsoft's response to BackOrifice 2000, 
  please<BR>visit the Microsoft Security Advisor Web site:<BR>&nbsp; <A 
  href="http://www.microsoft.com/security/bulletins/bo2k.asp";>http://www.microsoft.com/security/bulletins/bo2k.asp</A><BR><BR><BR><BR><BR>Microsoft 
  bringing USB hardware to the Macintosh<BR><BR>Microsoft Corporation will 
  announce the availability of its first USB<BR>hardware for the Macintosh, the 
  IntelliMouse Explorer, a "no ball" mouse<BR>that the company will release this 
  fall for Windows as well. According to<BR>rumors, Microsoft will also be 
  porting other USB hardware to the Macintosh,<BR>including possibly all of the 
  company's joystick/entertainment hardware,<BR>such as the FreeStyle Pro 
  GamePad and the Sidewinder Precision Pro joystick.<BR><BR>Expect an official 
  announcement from Microsoft at MacWorld New York 
  next<BR>week.<BR><BR>___________________________________________________________________________<BR><BR>Visit 
  WinInfo on the Web at WUGNET: <A 
  href="http://www.wugnet.com/wininfo";>http://www.wugnet.com/wininfo</A><BR><BR>To 
  unsubscribe from the WinInfo list, simply send an E-mail message to<BR><A 
  href="mailto:listserv@xxxxxxxxxxxxxxxxxxxx";>listserv@xxxxxxxxxxxxxxxxxxxx</A> 
  with the phrase "unsubscribe wininfo" (no<BR>quotes) in the body. If you are 
  having problems unsubscribing or any other<BR>problems with the list, please 
  write Keith Furman at <A 
  href="mailto:listadmin@xxxxxxxxxx";>listadmin@xxxxxxxxxx</A>.<BR>___________________________________________________________________________<BR></DIV></BLOCKQUOTE></FONT></BODY></HTML>
</x-html>From ???@??? Tue Jul 13 20:44:21 1999
Return-Path: <majordom@xxxxxxxxxxxxxxxxxx>
Received: from listserv.equis.com (listserv.equis.com [204.246.137.2])
	by purebytes.com (8.8.7/8.8.7) with ESMTP id TAA18457
	for <neal@xxxxxxxxxxxxx>; Tue, 13 Jul 1999 19:50:04 -0700
Received: (from majordom@xxxxxxxxx)
	by listserv.equis.com (8.8.7/8.8.7) id KAA00422
	for metastock-outgoing; Wed, 14 Jul 1999 10:40:38 -0600
X-Authentication-Warning: listserv.equis.com: majordom set sender to owner-metastock@xxxxxxxxxxxxx using -f
Received: from freeze.metastock.com (freeze.metastock.com [204.246.137.5])
	by listserv.equis.com (8.8.7/8.8.7) with ESMTP id KAA00417
	for <metastock@xxxxxxxxxxxxxxxxxx>; Wed, 14 Jul 1999 10:40:34 -0600
Received: from cs102.riyadh.zajil.com (root@[212.26.73.5])
	by freeze.metastock.com (8.8.5/8.8.5) with ESMTP id UAA03428
	for <metastock@xxxxxxxxxxxxx>; Tue, 13 Jul 1999 20:27:02 -0600 (MDT)
Received: from msx201.jeddah.zajil.com (msx201.jeddah.zajil.com [208.162.203.74])
	by cs102.riyadh.zajil.com (8.9.0/8.9.0) with ESMTP id NAA22560
	for <metastock@xxxxxxxxxxxxx>; Wed, 14 Jul 1999 13:13:58 +0300 (AST)
Received: from waheeb (mdm215.jeddah.zajil.com [208.162.203.94])
	by msx201.jeddah.zajil.com (8.9.0/8.9.0) with SMTP id FAA19151
	for <metastock@xxxxxxxxxxxxx>; Wed, 14 Jul 1999 05:05:12 +0300 (AST)
Message-ID: <004601becd9f$0fa63ec0$5ecba2d0@xxxxxx>
From: "Raidak" <raidak@xxxxxxxxx>
To: "Metastock List" <metastock@xxxxxxxxxxxxx>
Subject: converting ascii file
Date: Wed, 14 Jul 1999 05:15:31 +0300
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 4.72.3110.37
X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.37
Sender: owner-metastock@xxxxxxxxxxxxx
Precedence: bulk
Reply-To: metastock@xxxxxxxxxxxxx
Status:   

i have an eod ASCII file which contains the following fields for 250 stocks:
symbol, date, high, low close, vol.
AA,00,00,00,00
BB,00,00,00,00

I have tried with the downloader but i couldn't get good results.

Thanks

raidak