SLUG Mailing List Archives - Re: [chat] Re: [SLUG] [OT] Someone trying to hack me

To: chat slug <slug-chat@xxxxxxxxxxx>
Subject: Re: [chat] Re: [SLUG] [OT] Someone trying to hack me
From: Jeffrey Borg <jeffrey@xxxxxxxxx>
Date: Wed Sep 19 23:54:01 2001

yeah and so far today in about 13 hours I have had
/sbin/iptables -L TUXPACKET -n | wc -l
   1091

so 1091-8 = 1083 rules to block infected m$ boxes.

and many of those are still knocking.

I wish I could sue microsoft, because that's the common problem here. I
mean we have 1083 boxes, 3 worm authors, 1 os manufacturer.

By that logic it must be the os manufacturers fault.

so that's microsoft. where do I ask to get my money for wasted bandwidth?

Oh make the count 1087 now an extra 4 new machines just good hooked.


I can only wonder can netfilter cope with this many rules :-)

On Wed, 19 Sep 2001, Ken Foskey wrote:

>
> Some of us are stuck with the economic reality of working on Windows.
> This means we have to have the real article hanging around somewhere.
> Why do you think there is cygwin?
>
> I admit that the message was better placed in Chat than in the full
> list, slamming the guy many times is probably not going to win any
> windows converts browsing our archives.  One post, 'try your luck on
> chat and dont post directly windows questions here' would be better.
>
> I feel like I am playing mother hen, I appologise for that but I want
> more people to come into the Linux fold.  That means showing an even keel.
>
> Some porting actually requires people to have Windows and Linux, one
> would be their preferred platform however.
>
> To answer the questions...
>
>
> > I am convinced someone is trying to hack me, or crack rather. I am sitting
> > on a dialup connection, and there's strange traffic happening. Even when I'm
> > not FTP'ing or anything, I see I have sent out like half a megabyte or
> > something.
>
> >
> > I am using Windows 98 SE on this particular connection.
>
>
> As noted elsewhere there is a new virus going around, minda.  there is a
> fix in network associates site so check there.
>
> I get regular hits on my cable modem at present from code red, I do not
> run an open web server.  Optus sent out a note saying expect this for
> ever and ever.  Basically there are moronic Windows users that would
> never patch their boxes.
>
> > Is there a packet sniffer for Windows that I can sit on the connection to
> > inspect all incoming and outgoing traffic, and get the IP address of the
> > other side, etc?
>
>
> Cant help, windows tools I know of are either expensive or awful.  As
> suggested,  a real firewall around Linux is cheap and reliable.  I have
> a P100 and have no problems at all on a cable modem.
>
> > What is the best firewall that I can install for Windoze 98?
>
>
> As mentioned elsewhere zonealarm.  I have heard nothing but good reports
> on it.   The vunerability is that it is so popular so it must be subject
> to specific attacks at some point.
>
> Good luck,
> KenF
>
>
> --
> SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
> More Info: http://lists.slug.org.au/listinfo/slug-chat
>

Follow-Ups:
- Re: [chat] Re: [SLUG] [OT] Someone trying to hack me
  - From: Andre Pang

References:
- [chat] Re: [SLUG] [OT] Someone trying to hack me
  - From: Ken Foskey

Messages sorted by: [ date | thread ]
Prev by Date: [chat] Re: [SLUG] [OT] Someone trying to hack me
Next by Date: [chat] Re: [SLUG] www.thiefware.com
Previous by thread: [chat] Re: [SLUG] [OT] Someone trying to hack me
Next by thread: Re: [chat] Re: [SLUG] [OT] Someone trying to hack me