IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Windows vX.X Forum / Well....
Post #174,261
by jb4
Picture of jb4
9/14/04 4:21:13 PM
Reply
New Well....
Seemingly no change. After the install of the Firewall, I updated the firewall and utilities (apparently mcAfee won't allow you to keep your signature files updated after one year, but it will allow you to update the rest of the suite, the Shredder, the Firewall, et. al.) All during the download of the updates (which, at 36.0Kbps, was not fast), the firewall periodically notified me about attemtps to TFTP to someplace, which I continued to manually reject. (I don't want to set the firewall to automatically reject them, because I may actually need to do a TFTP sometime, and un-blocking something you've previously blocked is a pain-inna-arse.) The log gave no indication as to the target of the TFTP attempt -- hell, it wouldn't even log that an attempt took place. After about a half an hour of this, SVCHOST dutifully attempted an illegal access and crashed...taking the clipboard with it -- just as before.

However, I saw no evidence of the other problem, of the SVCHOST truing to UDP to someplace. so maybe It helped a bit. Further monitoring is needed to verify.

I'm tempted to let the TFTP go through, and then scan the snot out of my system to see if I can find out what is trying to be downloaded.

Thanks for asking!
jb4
shrub\ufffdbish (Am., from shrub + rubbish, after the derisive name for America's 43 president; 2003) n. 1. a form of nonsensical political doubletalk wherein the speaker attempts to defend the indefensible by lying, obfuscation, or otherwise misstating the facts; GIBBERISH. 2. any of a collection of utterances from America's putative 43rd president. cf. BULLSHIT
Post #174,262
by deSitter
Picture of deSitter
9/14/04 4:23:36 PM
Reply
New !!!
Why do you think you can magically avoid the solution that everyone else has to suffer with?

And you DO know that your contributing to Internet horror, right?

FIX IT ALREADY!
-drl
Post #174,267
by jb4
Picture of jb4
9/14/04 4:42:06 PM
Reply
New Not if it means that I have to go beyond W2K SP2!!!
Sorry, BillG(e) doesn't get implicit access to my machine! Sorry, BillG(e) doesn't get an inventory of the hardware and software of my machine! Sorry, BillG(e) doesn't get to deny me access to my machine because he may think I have a pirated version of his precious OS-surrogate!

I'll fucking give him the three-finger salute before that's going to happen.

And I'm contributing not one thing to the "Internet Horror" you so colorfully refer to (whatever the fuck that is...)
jb4
shrub\ufffdbish (Am., from shrub + rubbish, after the derisive name for America's 43 president; 2003) n. 1. a form of nonsensical political doubletalk wherein the speaker attempts to defend the indefensible by lying, obfuscation, or otherwise misstating the facts; GIBBERISH. 2. any of a collection of utterances from America's putative 43rd president. cf. BULLSHIT
Post #174,268
by inthane-chan
Picture of inthane-chan
9/14/04 4:52:15 PM
Reply
New Yes, you are.
The "internet horror" is the spread of worms (such as this little TFTP jobbie) that continues to infest computers that could otherwise be patched against it.

Migrate to Linux, go back to Win9x, or get the service packs.

At least stick yourself behind a hardware firewall, and turn off all port forwarding.

I've used this one to some success:

[link|http://www.newegg.com/app/ViewProductDesc.asp?description=33-122-008&depa=1|http://www.newegg.co...33-122-008&depa=1]
Powered by the Hammer of the Gods
Post #174,308
by jb4
Picture of jb4
9/14/04 7:10:43 PM
Reply
New Dude...I'm on DIALUP!
so how is a hardware firewall or doing anything with port forwarding going to help?

And go back to win9x?!? Riiiight...no chance for corruption there, nosiree!

Now, Linux...there's a solution. Once I get a distribution together (find a decent admin primer), I'm there. Might not be a bad idea to do all my internet prowling from within Linux....

But in the interim, a Three R's looks like it is in my future.

Note that all this started happening when I installed Real's spyware. I now have the "enterprise"/gold version that someone (possibly you) pointed me to, and I will install it once I get rid of this "problem".
jb4
shrub\ufffdbish (Am., from shrub + rubbish, after the derisive name for America's 43 president; 2003) n. 1. a form of nonsensical political doubletalk wherein the speaker attempts to defend the indefensible by lying, obfuscation, or otherwise misstating the facts; GIBBERISH. 2. any of a collection of utterances from America's putative 43rd president. cf. BULLSHIT
Post #174,318
by Another Scott
9/14/04 8:45:49 PM
Reply
New I used my D-Link DI-704P on dialup before I got cable...
You should have a hardware firewall. And not just to join the l337 who have one. :-) [link|http://z.iwethey.org/forums/render/content/show?contentid=50525|#50525].

There may not be a similar cheap firewall/switch box now for modems as external consumer modems are nearly at the Dodo end of the evolutionary stick. But check around.

Oh, and you should install SP4 too. MS says nothing about Activation being required and some web sites out there say that Win2k will never require Activation. [link|http://www.microsoft.com/windows2000/downloads/servicepacks/sp4/default.asp|SP4 home]. You should get the Network install version if you're paranoid, but use a non-infected machine to get it. It's 132 MB so you might want to see if someone at work has it and not try to do it over dial-up. ;-)

HTH. Luck!

Cheers,
Scott.
Post #174,322
by folkert
Picture of folkert
9/14/04 9:01:20 PM
9/14/04 9:01:39 PM
Reply
New Yep...
If you want I know of someone that has an ISO image of W2K-SP3 that is bootable and installable with no requirement to ever be activated... ever.
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]
Here is an example: [link|http://www.greymagic.com/security/advisories/gm001-ie/|Executing arbitrary commands without Active Scripting or ActiveX when using Windows]
Expand Edited by folkert Sept. 14, 2004, 09:01:39 PM EDT
Expand All History
Post #174,325
by deSitter
Picture of deSitter
9/14/04 9:05:47 PM
Reply
New What he said. What I said.
-drl
     Any ideas as to WTF is going on? - (jb4) - (53) - Sept. 1, 2004, 01:55:55 PM EDT
         Re: Any ideas as to WTF is going on? - (altmann) - (16) - Sept. 1, 2004, 05:28:34 PM EDT
             Thanx...BTW I'm running W2Ksp2 - (jb4) - (14) - Sept. 1, 2004, 05:49:33 PM EDT
                 I've got tons of systems on SP4 with no home-phoning. - (Silverlock) - (13) - Sept. 14, 2004, 10:16:32 PM EDT
                     OK, Now I'm confused... - (jb4) - (12) - Sept. 15, 2004, 10:00:04 AM EDT
                         Sigh. - (pwhysall) - (11) - Sept. 15, 2004, 10:07:43 AM EDT
                             What he said. - (Silverlock) - Sept. 15, 2004, 12:21:27 PM EDT
                             Unroll yer eyes, and use them to read! - (jb4) - (9) - Sept. 15, 2004, 01:33:36 PM EDT
                                 Wow, approaching Conrattitude! -NT - (deSitter) - (1) - Sept. 15, 2004, 01:48:26 PM EDT
                                     Conrattitude! /me likes! ;-) -NT - (jb4) - Sept. 15, 2004, 01:59:09 PM EDT
                                 Ooh, snippy. - (pwhysall) - Sept. 15, 2004, 02:35:00 PM EDT
                                 Oh, and I did. - (pwhysall) - (5) - Sept. 15, 2004, 02:36:35 PM EDT
                                     Yerah, but read for *contex*t, and you'll hafta admit... - (CRConrad) - (4) - Sept. 15, 2004, 02:49:23 PM EDT
                                         I know, I know... - (pwhysall) - (3) - Sept. 15, 2004, 02:50:40 PM EDT
                                             How the **** could I? Effing bastidge. -NT - (CRConrad) - (2) - Sept. 15, 2004, 03:46:36 PM EDT
                                                 buy ticket, fly over, drink beer, fly home, nurse hangover. -NT - (Steve Lowe) - (1) - Sept. 15, 2004, 04:00:20 PM EDT
                                                     Nurse Hangover? sounds like a chr from MASH -NT - (deSitter) - Sept. 15, 2004, 04:02:35 PM EDT
             Yep exactly - he's RPC exploited seems like -NT - (deSitter) - Sept. 1, 2004, 06:33:56 PM EDT
         Antivirus installed? - (pwhysall) - (23) - Sept. 1, 2004, 11:53:28 PM EDT
             Tried Avast? Very nice, very free - (deSitter) - (1) - Sept. 2, 2004, 12:18:57 AM EDT
                 Not tried, AVG is adequate. And free. -NT - (pwhysall) - Sept. 2, 2004, 12:22:34 AM EDT
             Yes...McAfee - (jb4) - (20) - Sept. 2, 2004, 10:09:45 AM EDT
                 AVG seems to be more... - (folkert) - (19) - Sept. 2, 2004, 03:02:37 PM EDT
                     What's the oldest Win 9X AVG will run on? - (lincoln) - (18) - Sept. 2, 2004, 05:59:57 PM EDT
                         Avast www.avast.com - (deSitter) - (2) - Sept. 2, 2004, 06:01:45 PM EDT
                             Arrr -NT - (altmann) - (1) - Sept. 2, 2004, 08:24:21 PM EDT
                                 scurrrrvay knave :) -NT - (deSitter) - Sept. 2, 2004, 09:04:14 PM EDT
                         Take a look here... - (folkert) - (14) - Sept. 2, 2004, 09:18:52 PM EDT
                             Thanks for finding the info! - (lincoln) - (1) - Sept. 3, 2004, 04:53:04 PM EDT
                                 No probs. -NT - (folkert) - Sept. 3, 2004, 10:12:35 PM EDT
                             Got it...didn't help...and its getting worse.... - (jb4) - (11) - Sept. 7, 2004, 12:08:56 PM EDT
                                 Re: what cpd.exe is? - (a6l6e6x) - (2) - Sept. 7, 2004, 12:40:00 PM EDT
                                     Caveat - (drewk) - Sept. 7, 2004, 12:59:03 PM EDT
                                     Thanks. - (jb4) - Sept. 8, 2004, 01:25:49 PM EDT
                                 Re: Got it...didn't help...and its getting worse.... - (deSitter) - (7) - Sept. 7, 2004, 04:11:25 PM EDT
                                     Service Pack 1a for what? - (jb4) - (6) - Sept. 8, 2004, 01:23:13 PM EDT
                                         Sorry, thought you were on XP - (deSitter) - (3) - Sept. 8, 2004, 01:28:07 PM EDT
                                             The trouble w/ SP>2 is - (jb4) - (2) - Sept. 9, 2004, 07:57:20 PM EDT
                                                 Re: The trouble w/ SP>2 is - (deSitter) - (1) - Sept. 9, 2004, 11:03:13 PM EDT
                                                     He's talking about an implementation in the license - (jake123) - Sept. 10, 2004, 04:15:44 PM EDT
                                         Re: Service Pack 1a for what? - (pwhysall) - (1) - Sept. 8, 2004, 05:08:31 PM EDT
                                             SP4 on W2K -NT - (deSitter) - Sept. 8, 2004, 05:59:49 PM EDT
         I found something you might want to do. - (folkert) - (11) - Sept. 11, 2004, 01:11:34 AM EDT
             Oooohh! Nice! - (jb4) - Sept. 13, 2004, 09:36:30 AM EDT
             Done! - (jb4) - (9) - Sept. 13, 2004, 09:59:03 PM EDT
                 How'd it do for you? - (folkert) - (8) - Sept. 14, 2004, 01:49:23 PM EDT
                     Well.... - (jb4) - (7) - Sept. 14, 2004, 04:21:13 PM EDT
                         !!! - (deSitter) - (6) - Sept. 14, 2004, 04:23:36 PM EDT
                             Not if it means that I have to go beyond W2K SP2!!! - (jb4) - (5) - Sept. 14, 2004, 04:42:06 PM EDT
                                 Yes, you are. - (inthane-chan) - (4) - Sept. 14, 2004, 04:52:15 PM EDT
                                     Dude...I'm on DIALUP! - (jb4) - (3) - Sept. 14, 2004, 07:10:43 PM EDT
                                         I used my D-Link DI-704P on dialup before I got cable... - (Another Scott) - (2) - Sept. 14, 2004, 08:45:49 PM EDT
                                             Yep... - (folkert) - Sept. 14, 2004, 09:01:39 PM EDT
                                             What he said. What I said. -NT - (deSitter) - Sept. 14, 2004, 09:05:47 PM EDT

DUUude...
235 ms