Get a damn firewall !!!!!!!!!!!!!!!

[Russ]

<< the trojan must be running on the victim pc in order to accept commands!!!! the only way a program can be run is if the user executes it!!! there is no way to execute a file on somebody elses computer! >>



Wrong. If the hacker accesses your share, he just drops in the trojan. The trojan runs and makes all the changes necessary to give him control over your system, INCLUDING executing programs.

It makes registry changes, system.ini changes, win.ini changes and replaces whatever files are necessary to give remote control to the hacker.

If the user actually had to do ANYTHING, hackers would not be nearly as successful as they are.

You remind me of my insurance agent who thought he knew what he was talking about. Until his system completely crashed and I found seven different trojans on it.

He never installed a damned thing himself. But he did leave his port 139 wide open with file and print sharing bound to TCP/IP.

You just keep basking in that ignorance and sooner or later, you'll be the next victim.

Russ, NCNE

 

[josphstalinator]

Wrong. If the hacker accesses your share, he just drops in the trojan. The trojan runs and makes all the changes necessary to give him control over your system, INCLUDING executing programs.

wrong, read descartes post

AGAIN copying a file to somebody's pc and running it remotely doesnt do jack to the other pc. the user of the computer that you want to infect has to execute the file or give you permission to attach the file to a service aka registry, startup folder, win.ini

 

[josphstalinator]

If the user actually had to do ANYTHING, hackers would not be nearly as successful as they are.

bwuhahaha, your an idiot!

 

[Russ]

No, sonny, you're the idiot. Read this, and learn something. Note that one of the MANY things this particular trojan can do is execute files.

Plenty of people who NEVER open an eMail attachment are infected with trojans. It does NOT require deliberate action on the part of the user.

It does, however, require the kind of stupidity and &quot;they'll never get me&quot; arrogance that you display.

Russ, NCNE

 

[josphstalinator]

your idiocy amazes me!!! in order for sub7 to work it must be running on the victim pc! so the question is: how do you get it to run on somebody elses computer? the user has to execute it!

 

[Eug]

Hmmm... As far as my less-than-well-educated mind sees it, Joseph Stalin is correct. Correct me if I'm wrong.

EDIT: About subseven I mean.

 

[josphstalinator]

Umm... no? josphstalinator is absolutely correct.

Hmmm... As far as my less-than-well-educated mind sees it, Joseph Stalin is correct.

<Nelson from the simpsons> HA HA </Nelson from the simpsons>

 

[Eug]

<< <Nelson from the simpsons> HA HA </Nelson from the simpsons> >>


Now, now... Anyways, I'd take my statement with a grain of salt, since I'm no network expert. However, there are some good reads on some of the antivirus sites.

 

[bonkers325]

<< What's a &quot;firewall&quot;? Isn't that something in a racecar?

Russ, NCNE >>



lol

 

[Thanatopsis]

JosephStalinator,

If someone has access to your windows directory, all they have to do is place the program in the windows / startup directory. The program will execute the next time the person starts windows.

However, I don't know if you can copy a file to someone else's hard drive and get it to execute, without restarting and without a trojan running.

 

[josphstalinator]

Now, now... Anyways, I'd take my statement with a grain of salt, since I'm no network expert. However, there are some good reads on some of the antivirus sites.

thats actually a good idea. since i know im right i think ill just search norton or mcafee's faq then post a link. russ will still probably insist that file sharing allows some kind of remote admin privlages though.

 

[Russ]

Eug,

Sorry, but the idiot is dead wrong.

Here moron:



<< SubSeven can be sent as an email attachment that, once executed, can display a customized message to deceive the victim and mask the true intent of the program.

Infection can also occur through unprotected shares of the hard drive, when a user permits unauthorized read and write access. Such a situation allows an attacker to place the Trojan into the appropriate directories and edit the registry so that the SubSeven server is initialized every time the computer reboots. In this scenario, the end-user is completely unaware that infection has occurred since he or she was not required to perform any particular action. >>




Read.

I'll be awaiting your apology, twerp.

Russ, NCNE

 

[Eug]

<< If someone has access to your windows directory, all they have to do is place the program in the windows / startup directory. >>

Good point. I guess both are right. It does take the end user to activate it, even if activating it just means rebooting the computer.

EDIT: Russ, your post is noted. I guess I should have taken my own advice and read the info from the antivirus websites. Anyways, I am too tired to learn any more today. Good nite all...

 

[Thanatopsis]

<< Infection can also occur through unprotected shares of the hard drive, when a user permits unauthorized read and write access. Such a situation allows an attacker to place the Trojan into the appropriate directories and edit the registry so that the SubSeven server is initialized every time the computer reboots. In this scenario, the end-user is completely unaware that infection has occurred since he or she was not required to perform any particular action. >>



That's what I posted in my message above. So, you're right Russ that a trojan can be installed without the user doing anything. However, I think JosephStalinator was thinking that a hacker could copy a file to a remote machine and execute it, without the machine restarting. I am not sure if that is possible though.

 

[chiwawa626]

im not waisting my cpu cycles for a firewall!!! until somthing bad happens to me becasuse i dont have a firewall

 

[Russ]

Thanatopsis,

No, that's not what he said. Read his posts. He claimed that the user HAD TO EXECUTE THE TROJAN for it to be installed. He's wrong. Now, we'll see if he's man enough to admit it. I doubt it.

Russ, NCNE

 

[josphstalinator]

<< SubSeven can be sent as an email attachment that, once executed, can display a customized message to deceive the victim and mask the true intent of the program.

Infection can also occur through unprotected shares of the hard drive, when a user permits unauthorized read and write access. Such a situation allows an attacker to place the Trojan into the appropriate directories and edit the registry so that the SubSeven server is initialized every time the computer reboots. In this scenario, the end-user is completely unaware that infection has occurred since he or she was not required to perform any particular action. >>

reread this thread idiot. i have stated many times that these are the only two ways. you on the other hand seem to think that executing a file remotely is the same as executing the file locally.

 

[Russ]

I said from the very beginning that it occurs when access to shares is allowed.

Since you probably also have a short memory to go along with your obviously low IQ, I'll repeat what you said a few posts back:



<< in order for sub7 to work it must be running on the victim pc! so the question is: how do you get it to run on somebody elses computer? the user has to execute it! >>



Now, the facts:



<< In this scenario, the end-user is completely unaware that infection has occurred since he or she was not required to perform any particular action. >>



Nice try. Give up. Take it like a man, sonny. I'll repeat: Move on, you're lost.

Russ, NCNE

 

[josphstalinator]

ill quote myself

AGAIN copying a file to somebody's pc and running it remotely doesnt do jack to the other pc. the user of the computer that you want to infect has to execute the file or give you permission to attach the file to a service aka registry, startup folder, win.ini


now you

I said from the very beginning that it occurs when access to shares is allowed.

ahahahahahahahah you still dont get it! &quot;it&quot; occurs when WRITE access is allowed. simply sharing your files poses no threat!

 

[josphstalinator]

Since you probably also have a short memory to go along with your obviously low IQ, I'll repeat what you said a few posts back:



<< in order for sub7 to work it must be running on the victim pc! so the question is: how do you get it to run on somebody elses computer? the user has to execute it! >>


EXACTLY CORRECT. if there is no write access then the user must execute the file! simple as that

 

[Russ]

Here's a clue for you numbnuts: Write permission is automatic for the VAST majority of files in a Windows 95 or 98 machine.

Come on, just admit you have no idea what you were talking about.

Russ, NCNE

 

[Linux23]

My money is on Russ!

This is a very interesting thread BTW!

 

[josphstalinator]

&quot;read-only&quot; is default, the user must select &quot;full&quot;

try it and you will see

at least your implying that sharing alone isnt a threat, which is opposite of what youve been implying

 

[josphstalinator]

Write permission is automatic for the VAST majority of files in a Windows 95 or 98 machine.

what are you talking about? are you talking about accessing files over a network or on a local machine?

let me explain it to you a little more clearly, so a 5 year old can understand it

there are two ways to get sub7 on somebody's computer:

1.) the user downloads the file and runs it

2.) the user is sharing his files and has enables full access, then the &quot;hacker&quot; adds the file to the startup folder, or points to it via the registry or win.ini

simply sharing files posses no threat which is exactly the opposite of what you claim (see my sig)

 

[josphstalinator]

&quot;read-only&quot; is default, the user must select &quot;full&quot;

try it and you will see

at least your implying that sharing alone isnt a threat, which is opposite of what youve been implying

actually i take it back. i think what your referring to is files that are local which is irrelavant. remote access is the key, not local