-
November 11th, 2004, 09:51 PM
#1
any thoughts on this article?
Hey i found this on msn.com any thoughts on it? http://www.msnbc.msn.com/id/6416723/ thanx bye.
-
November 11th, 2004, 10:18 PM
#2
Nothing really that new it is just that now it is starting to be widely used not just by virus writers but by Phishers now and people don’t want to hear about how viruses work because they have an anti-virus system like Nortan or Mcafee (usually not up to date) but because it is being used in Phishing scams now people want to hear about it because they could be losing money and not just their privacy.
-
November 11th, 2004, 10:31 PM
#3
well i hope people are smart enough not to click on email links ( that helps this spread)
-
November 11th, 2004, 10:44 PM
#4
Better yet locate your hosts file and remove rights to write to it from everyone except administrators, then log in as a regular user for normal operation or use something like WinPatrol that monitors changes to it and removes any changes you don't intent.....
Sometimes I think this stuff isn't rocket science.... But they sure like people to think it is.....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
November 11th, 2004, 10:47 PM
#5
-
November 11th, 2004, 10:58 PM
#6
Anti Virus programs haven't checked the Hosts file...
and the host file was all i could get out of that artical as being the main cause of concern..
The new technique involves changing a little-known piece of software on most Web-ready computers called a "host file." All Web sites have numeric Internet addresses, called IP addresses,
Years ago, before the Internet's domain name system was in place, the local host file was useful, says software engineer and privacy advocate Richard Smith, who operates ComputerBytesMan.com. But now, it's just a relic, he says, kind of like an appendix on Internet software.
"It's useless now," he said. "But it's an attack vector.... This just points out that at some point you have to age out features and get rid of them."
While I agree in part with this. I use the hosts file to block unwanted add sites..hmm but i havent set the file attributes to read only.. havent tried that.... but it would be as easily circumvented..
Bloody hell .. I shouldnt eat brekfast and post replies at the same time.. some B.... beats me to it. that is the reply..an.... darn now the dogs got me breakfast..argh.
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
-
November 11th, 2004, 10:59 PM
#7
Years ago, before the Internet's domain name system was in place, the local host file was useful, says software engineer and privacy advocate Richard Smith, who operates ComputerBytesMan.com. But now, it's just a relic, he says, kind of like an appendix on Internet software.
"It's useless now," he said. "But it's an attack vector.... This just points out that at some point you have to age out features and get rid of them."
Damn... Where've I been that I didn't realize this was a useless feature? Sucks to be told that features you use are useless...
-
November 11th, 2004, 11:02 PM
#8
Undies: Not the file attributes.... Set the security to allow read only on all but the administrator.... That's far from easy to get around if you run normally as a normal user.....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
November 11th, 2004, 11:41 PM
#9
As Kevin Mitnick said, the weakest link in security is the human being. Its amazing how many stupid people (fully aware of the implications of clicking said emails) STILL TAKE THE DAMNED LINK!!! Obviously, this isnt any new insight, but i just wanted to express my disbelief in the human race :-)
-z3
-
November 12th, 2004, 03:36 AM
#10
"It's useless now," he said. "But it's an attack vector.... This just points out that at some point you have to age out features and get rid of them."
As usual, blame the wrong thing. You should have your browser
configured so that no web site you surf to can have free access
to write to your system files. Unfortunately, with all the javascript and
activeX stuff enabled, they can rewrite just about anything on your
hard drive.
Now, if you have linux, you can tell your system to only consult the hosts
file when dns fails. Who knows. maybe you can also do so with Windows.
I wouldn't encourage OS designers to take this feature away. Phishers
will just find a way to abuse DNS. Then where would we be?
AHA!
http://support.microsoft.com/kb/119372/EN-US/
I came in to the world with nothing. I still have most of it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|