I am getting hammered by something

Discussion in 'Technical' started by melbo, Sep 20, 2005.


  1. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Last night I was browsing the monkey when I got the "Page not Found" error. I hit Google and same thing. Satellite outage, I presumed, and went to another PC at the house. No problems at all. Strange. I started to look through my WiFi settings and finally gave up and went to bed.

    Fired it back up today and same thing. Limited or no connectivity... ran the usual scans and finally did a system restore back to Saturday. Worked fine and I was back up and running.

    Then, 45 minutes ago, same thing happened. Was browsing the monkey and started to get 501 errors. Those are pretty rare.


    Anyway, I found what I needed and it seems to be contained for the moment. I'll update later.

    btw, I received a few emails from "Melbo" today also, all with attachments. The routing on the emails goes through a Proxy server which is very close to the one used by govt agencies. I don't think it's that, just someone who knows their way around the system.

    What was that REM song? "What's the Frequency Kenneth?"
     
  2. E.L.

    E.L. Moderator of Lead Moderator Emeritus Founding Member

    Don't you feel the love in the air?
     
  3. Quigley_Sharps

    Quigley_Sharps The Badministrator Administrator Founding Member

    [camo]
     
  4. nope

    nope Monkey+++ Founding Member

    [peep] Is this how you guys live? Sad that hackers can make people so paranoid. One more reason we need to control these viruses and people need to know it's not personal. I have seen many friendships/business relationships end over someone thinking others were sending viruses using their name or business name.
     
  5. melbo

    melbo Hunter Gatherer Administrator Founding Member

    I agree. Thanks for clearing up the impersonal nature of the Virus. It has caused a few problems when people think I am being malicious towards them.

    thanks
     
  6. ghrit

    ghrit Old, mean, and nasty Administrator Founding Member

    We are mostly here because of distrust of something, be it natural or man made. We think some preparedness for either one, whichever poison we pick, is a good thing to do. We also have a bit of fun with other things along the way. Paranoid? Maybe one or two of us do the tin hat conspiracy thing, but the large majority are pretty level. Well, compared to some of the rest of the world anyway.

    So, you might say some take random virii personally, and there is a chance that some of our "recent" experiences are indeed of a personal nature. But mostly I think we just rant on computer contamination as a major inconvenience, and do the best we can to avoid it. I for one, am among that group, I know the crap I went thru last year was a random act by some idiot that wanted to disrupt any and all things he could. I'd still shoot the SOB, it would afford me satisfaction if nothing else, if indeed he could be found.

    In any case, welcome. Watch us learn, watch us blunder over our own toes. Join in. Laugh and learn, or teach. Most of us are hard headed enough to have learned the hard way, and are willing to pass along our experiences, and pick the other's brains.
     
  7. Brokor

    Brokor Live Free or Cry Moderator Site Supporter+++ Founding Member

    I trust nobody. Except this one exotic dancer I know. b::


    Melbo, could you just send spam back to the spammer? Is that illegal?
     
  8. monkeyman

    monkeyman Monkey+++ Moderator Emeritus Founding Member

    Just do a return to sender thing on it. lol Kind of like when you get junk (snail)mail with a post paid response envelope, fill it with rocks or better yet lead and send it back, or put all the other junk mail in it from other people and send it back to them, then they have to pay the postage by weight to get that sent back to them. :D
     
  9. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Most of these types of emails use a false return and IP. Pretty tough to send it back. A lot of spam sends to random addys and when you reply to bless them out, bing. You are now a verified email addy. More spam on the way
     
  10. monkeyman

    monkeyman Monkey+++ Moderator Emeritus Founding Member

    Yeah, have had more experience on screwing with the snail mail junk mail senders. [troll]
     
  11. E.L.

    E.L. Moderator of Lead Moderator Emeritus Founding Member

    Well, you are in Folsom State Prison aren't you? What did you expect?

    [peep]
     
  12. Quigley_Sharps

    Quigley_Sharps The Badministrator Administrator Founding Member

    :D
     
  13. E.L.

    E.L. Moderator of Lead Moderator Emeritus Founding Member

    [do-it] [grlft] [haay] [doh]
     
  14. Quigley_Sharps

    Quigley_Sharps The Badministrator Administrator Founding Member

    :D
     
  15. melbo

    melbo Hunter Gatherer Administrator Founding Member

    CitizenX, Is it possible for someone to deliberately and maliciously send a Virus to another system without the target knowing it? I keep having problems with one of my systems and it is not the one that is used to 'surf'. It is the Main PC in my network though that everything else runs off of.

    I was under the impression that One had to click on something or open an attachment to initiate the Virus..

    thanks
     
  16. RightHand

    RightHand Pioneer in a New World Moderator Founding Member

    Macro viruses can be in innocuous Word or Excel documents. Once the macro is enabled, the virus executes.
     
  17. nope

    nope Monkey+++ Founding Member

    information from a passing expert

    OK I'm going to precede this with, don't get too worried, because it's probably not someone actively targeting your computer. AND DON'T DO ANYTHING I SAY without consulting a professional computer repair person, I am not liable for you ruining your information or computer hardware!

    I've worked in the computer field since I was 16 now I'm 30, and have cleaned many a virus off machines. Sadly within the last two years the level of maliciousness these viruses have been capable of is unbelievable. In some cases it has been cheaper for us to tell clients to simply purchase a brand new computer and simply pay us to harden it against attack, and purchase a backup solution, than to try and fight the virus.

    This is a long response, but it is a complicated field, and you are getting professional level advice which companies I've worked for charge $150/hr for. I'm covering the basics here, some theory, and the ultimate solution as well. Read the whole thing first, and then make a decision, this isn't a step by step guide, some or all of this may fix your problem. If you get confused just look up the terms on http://www.wikipedia.org or http://www.webopedia.com/.

    In response to the question "is it possible for someone to deliberately send a virus to another system?" yes, but if they can do that then they could do worse, so all bets are off. When you don't understand the technology that this is all built on then it can get confusing. Let me clear that up first with a horrible generalization. Computer security is the same as physical security of a building, there are a whole lot of ways to enter a building and a whole lot of ways to try and protect that building. One big difference with a computer is that once the invader is inside, it can be a real bitch to get them out. However it is highly unlikely that someone is inside your computer. IF someone has hacked into your computer a clean install is the only hope for an average joe.

    It's more likely that as has already been stated that you "picked something up" from any one of the various routes of infection. This could have been an email attachment, word macro (or other application macro), image (I know, crazy, and it is a patched hole), activex plugin through IE, or one of the other common holes in Windows/Internet Explorer, or even Firefox/Mozilla (take a look at http://www.sans.org/top20/, or http://en.wikipedia.org/wiki/Computer_security if you like diving down rabbit holes). Basically Microsoft Windows is just that, a house made out of windows. Everyone tries to shutter their system behind a firewall, but it's still just a glass house behind a wall. Each hole in an application is a possible hole for an intruder, especially applications that access the internet or actively listen on a port. Now MS has made some good improvements in the last few years, and if you keep updated, run a virus scanner, firewall, etc you are less likely to run into any issues. So what can you do about it already?

    I don't use MS Windows anymore, and haven't been actively repairing systems in the last six months so I don't remember all the details. DISABLE MS Windows restore, the virus may be reinfecting the machine through this feature. When you restore you may just be reinserting the virus in its "startup" state before it tries to mess with your system settings, which is what you end up perceiving as it acting funny. After cleaning the virus off the system, and backing up the information feel free to re-enable Windows restore.

    Make sure you have the latest virus definitions installed, if you don't have a virus scanner I would suggest http://free.grisoft.com, and on top of that get a second opinion by running a web based scan of your computer http://housecall.trendmicro.com/, or if you are technically orientated remove the hard disk from the computer (the information is backed up right?), and use another known clean computer to scan the hard disk you are concerned about (don't open anything, or browse the files on the possibly infected drive). Viruses have been known to target Anti-virus software successfully, and this scenario often can really bork a system.

    For this next part you may need some help, or patience, and the manual that came with your computer, specifically information on the motherboard. Now after you have run the scan, and followed any operations that the virus scanner suggests (there may be some manual patches that must be applied in the scenario of really nasty buggers). Turn the computer all the way off, unplug the power cord from the back, turn off the power switch located on the power supply. What you want to do is reset the BIOS. There is a small battery on your motherboard which keeps the time, and makes sure that the settings that are required to help your operating system startup are remembered. The BIOS, CMOS, and CMOS battery are all related and older and newer hardware differ in the specifics.

    Now no one in the computer industry talks about this in relation to viruses, why? Because most of them don't believe that a virus can write to the cache area on the BIOS, and this is what I was always led to believe until last year. I was explaining to some members of my LUG (Linux Users Group) about how I'd been up against this virus for two days straight, and just couldn't wipe the thing off the client's machine. Every time I would clean it, run the tools from the Antivirus companies and follow all the advice I'm giving you now, and every time the virus would reinfect. One of the Computer Science majors from the LUG explained about how it was possible and that he had run a virus infecting the BIOS cache. Lo and behold I pulled out the CMOS battery (for five minutes or more). After putting it back in the computer and powering up the machine after I'd done ALL the steps above, the virus didn't come back.

    Virus makers are using some really advanced techniques now, hiding in the windows restore area, using grabber programs that go out and pull the full virus back off the net after you have scanned, cutting themselves into pieces and hiding in other file types. What can you do about it? If all of that was too much, then I suggest backing up your information to a Read Only medium like CDROM or DVDROM and then reinstall windows, and transfer files as you need them, running scans on them as you do. Invest in a backup solution! Hard disk space is cheap, and there are some great "one button backup" external drives out there. EVERYONE should run a backup solution!

    Here is the best advice concerning computer security anyone is going to give you this year. Keep your Windows computer, but DONT use it for surfing the net or checking email, or posting or any of that. Put it behind a firewall/router and only use it for all the really easy to use applications, if you must game ok use it for that, but minimize the use of it on the web as much as you possibly can, file trading software is a well known infection vector.

    Go and get an old beater computer, go to http://www.ubuntulinux.org or http://www.distrowatch.com and download an ISO or order a FREE cd from Ubuntu. Linux comes in different flavors, which we call distros, Ubuntu is a flavor of Linux. Pop the Linux CD into the machine and follow the directions, if you aren't sure just hit ok or its equivalent (and who cares if you mess up, it's an old crappy machine). You'll have to learn a few things along the way but Linux has come a long way, out of the box it will surf the web, let you edit word docs, edit photos, play basic games, Instant Message, and IRC. Best of all, Linux DOES NOT get viruses, (although it can pass them through via emails, or infected files if transferred to Windows), but it's virtually immune. If you get stuck, there are friendly communities of people willing to help (because they want control of their computer that much) such as http://www.ubuntuforums.org or http://wiki.ubuntu.org. If you want to be extra safe use webmail, gmail is good, or yahoo mail, if you don't trust them get a cheap webhosting account that includes webmail http://www.1and1.com comes to mind as affordable. Optionally simply refuse email attachments, and tell people not to send you chainmails. Chainmails are the #1 way how spammers get your address.

    [rnt]

    Software is the only thing in the world that can both be patented and copyrighted simultaneously. Whenever you click OK to those license agreements as you install software you are giving up many rights. You are only permitted to lease the software. Would you buy a gun you couldn't take apart? If the software doesn't work, if it destroys your data, or in the case of MS Windows is complicit in destroying your data because its basic theory on how to defend itself is weak. If the software accidentally leads to bodily harm (highly unlikely I know) that legal agreement you click on every time you use proprietary software indemnifies the maker. See http://www.fsf.org/ and http://creativecommons.org/ for alternatives to proprietary software models.

    I quit working in the mainstream computer industry because of these concerns. It took myself, a computer expert, a year to become moderately proficient with Linux in the way that I was with windows so I'm not going to lie and say it isn't painful, but sooner or later Microsoft will either have to change how they build their software or eat it because they have helped to screw one too many customers. Virus makers are the same, why try to identify every bad thing that could happen? Why not just identify only the things you trust, and then ignore everything else? Because there is no money in it. My apologies for the super long post, and congratulations on making it to the end. I hope that this information will serve you well, if not, well at least it was freely offered.
     
  18. RightHand

    RightHand Pioneer in a New World Moderator Founding Member

    Excellent, Excellent, Excellent. Thanks for the input. The open platform community is growing by the day and open platform is the true future in computing - not Microsoft.
     
  19. E.L.

    E.L. Moderator of Lead Moderator Emeritus Founding Member

    Thank you OliverSavage. I hope you join our board, I know that many of our members including myself will benefit greatly from your experience. Thanks again and good post!
     
  20. TLynn

    TLynn Monkey+++ Moderator Emeritus Founding Member

    Extremely well thought out and written answer. My friend who studied computer technology pretty much tells me the same thing - especially about Windows. And you are so spot on with what you've said.

    I too hope you consider joining the board. But either way thank you for participating even as a guest.
     