any thoughts on this article?
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: any thoughts on this article?

  1. #1
    AO's Resident Redneck The Texan's Avatar
    Join Date
    Aug 2003
    Location
    Texas
    Posts
    1,539

    any thoughts on this article?

    Hey i found this on msn.com any thoughts on it? http://www.msnbc.msn.com/id/6416723/ thanx bye.
    Git R Dun - Ty
    A tribe is wanted

  2. #2
    Senior Member
    Join Date
    Jun 2004
    Posts
    379
    Nothing really that new it is just that now it is starting to be widely used not just by virus writers but by Phishers now and people donít want to hear about how viruses work because they have an anti-virus system like Nortan or Mcafee (usually not up to date) but because it is being used in Phishing scams now people want to hear about it because they could be losing money and not just their privacy.

  3. #3
    AO's Resident Redneck The Texan's Avatar
    Join Date
    Aug 2003
    Location
    Texas
    Posts
    1,539
    well i hope people are smart enough not to click on email links ( that helps this spread)
    Git R Dun - Ty
    A tribe is wanted

  4. #4
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Better yet locate your hosts file and remove rights to write to it from everyone except administrators, then log in as a regular user for normal operation or use something like WinPatrol that monitors changes to it and removes any changes you don't intent.....

    Sometimes I think this stuff isn't rocket science.... But they sure like people to think it is.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  5. #5
    AO's Resident Redneck The Texan's Avatar
    Join Date
    Aug 2003
    Location
    Texas
    Posts
    1,539
    lol very true tiger
    Git R Dun - Ty
    A tribe is wanted

  6. #6
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Anti Virus programs haven't checked the Hosts file...

    and the host file was all i could get out of that artical as being the main cause of concern..

    The new technique involves changing a little-known piece of software on most Web-ready computers called a "host file." All Web sites have numeric Internet addresses, called IP addresses,
    Years ago, before the Internet's domain name system was in place, the local host file was useful, says software engineer and privacy advocate Richard Smith, who operates ComputerBytesMan.com. But now, it's just a relic, he says, kind of like an appendix on Internet software.

    "It's useless now," he said. "But it's an attack vector.... This just points out that at some point you have to age out features and get rid of them."
    While I agree in part with this. I use the hosts file to block unwanted add sites..hmm but i havent set the file attributes to read only.. havent tried that.... but it would be as easily circumvented..

    Bloody hell .. I shouldnt eat brekfast and post replies at the same time.. some B.... beats me to it. that is the reply..an.... darn now the dogs got me breakfast..argh.
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  7. #7
    Member
    Join Date
    Mar 2004
    Posts
    94
    Years ago, before the Internet's domain name system was in place, the local host file was useful, says software engineer and privacy advocate Richard Smith, who operates ComputerBytesMan.com. But now, it's just a relic, he says, kind of like an appendix on Internet software.

    "It's useless now," he said. "But it's an attack vector.... This just points out that at some point you have to age out features and get rid of them."
    Damn... Where've I been that I didn't realize this was a useless feature? Sucks to be told that features you use are useless...

  8. #8
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Undies: Not the file attributes.... Set the security to allow read only on all but the administrator.... That's far from easy to get around if you run normally as a normal user.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  9. #9
    Senior Member z31200n3's Avatar
    Join Date
    Jan 2004
    Location
    Bellevegas
    Posts
    102
    As Kevin Mitnick said, the weakest link in security is the human being. Its amazing how many stupid people (fully aware of the implications of clicking said emails) STILL TAKE THE DAMNED LINK!!! Obviously, this isnt any new insight, but i just wanted to express my disbelief in the human race :-)

    -z3

  10. #10
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    "It's useless now," he said. "But it's an attack vector.... This just points out that at some point you have to age out features and get rid of them."
    As usual, blame the wrong thing. You should have your browser
    configured so that no web site you surf to can have free access
    to write to your system files. Unfortunately, with all the javascript and
    activeX stuff enabled, they can rewrite just about anything on your
    hard drive.

    Now, if you have linux, you can tell your system to only consult the hosts
    file when dns fails. Who knows. maybe you can also do so with Windows.

    I wouldn't encourage OS designers to take this feature away. Phishers
    will just find a way to abuse DNS. Then where would we be?


    AHA!

    http://support.microsoft.com/kb/119372/EN-US/
    I came in to the world with nothing. I still have most of it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides