Get a damn firewall !!!!!!!!!!!!!!!

[Russ]

<< &quot;read-only&quot; is default, the user must select &quot;full&quot; >>



You just get dumber by the minute. The ONLY files that are read only by default are some of the system files, DLLs and VXDs. The trojan doesn't need to even use any of these in most cases. When it does, it just deletes it, and replaces it with it's own version.



<< at least your implying that sharing alone isnt a threat, which is opposite of what youve been implying >>



Even more inanity from the ignorant one. Here is exactly what I said right out of the gate:



<< If you have port 139 open (NetBIOS), and have unprotected shares while having TCP/IP bound to file and print sharing any hacker worth his salt can log in to your system and install anything he wants. >>



This is absolute fact, and I've already proven it true, and you an idiot. Give it up, already.

Russ, NCNE

 

[Russ]

<< actually i take it back. i think what your referring to is files that are local which is irrelavant. remote access is the key, not local >>



Okay, I'll repeat one more time. Now, read this very s l o w l y and try to comprehend it:



<< Infection can also occur through unprotected shares of the hard drive, when a user permits unauthorized read and write access. Such a situation allows an attacker to place the Trojan into the appropriate directories and edit the registry so that the SubSeven server is initialized every time the computer reboots. In this scenario, the end-user is completely unaware that infection has occurred since he or she was not required to perform any particular action. >>



Since read AND write are granted by default for most files on a Win95/98 machine, all the user has to do is be STUPID enough, as clearly you are, to say to the world: &quot;Here are my shares, have at them.&quot;

Once it's there, and the user doesn't have to do ANYTHING but expose his shares, remote access is enabled.

Get it, yet?

Russ, NCNE

 

[josphstalinator]

<< &quot;read-only&quot; is default, the user must select &quot;full&quot; >>



You just get dumber by the minute. The ONLY files that are read only by default are some of the system files, DLLs and VXDs. The trojan doesn't need to even use any of these in most cases. When it does, it just deletes it, and replaces it with it's own version.

IN ORDER FOR THE TROJAN TO WORK IT MUST BE EXECUTED ON THE VICTIMS MACHINE
weather or not files on the victims computer are read only or full is irrelavent, what is relavent is weather or not users that connects via the network has full access cause thats the only way to install the trojan. you need full access to put the file to the startup directory or point to it in win.ini or the registry, THAT IS FACT

so you are not vulnerable to a hacker unless you execute files that are malicious or give other uses full access. simply sharing files poses no threat!!

do you just not get it??????!!!!!!! in order for the trojan to work it must be executed!!!! that is the problem

 

[Russ]

<< IN ORDER FOR THE TROJAN TO WORK IT MUST BE EXECUTED ON THE VICTIMS MACHINE >>



THE USER DOES NOT HAVE TO EXECUTE IT. They only have to leave the machine open for the placement of the trojan. Unless you take definitive steps to prevent it, the machine is automatically open.

Windows 95 and 98 bind TCP/IP to file and print sharing by default. Most files are write eneabled BY DEFAULT. Unless you unbind the protocol, you expose your shares every time you connect to the web.

Why don't you stop barfing up garbage long enough to READ? You do know how to read, don't you? Hard to tell by the ignorance that keeps emanating from that hole in your face.

Russ, NCNE

 

[josphstalinator]

Since read AND write are granted by default for most files on a Win95/98 machine, all the user has to do is be STUPID enough, as clearly you are, to say to the world: &quot;Here are my shares, have at them.&quot;

i finally see the problem. you dont understand the difference between:

right click on a folder and choose properties then look at the attributes
and
right click on a folder and choose file sharing and look at access type

these are two different things. a files attributes can be anything cause if the user selects &quot;full&quot; under access type then he can change the attributes at will

attributes = irrelavent
access type = VERY important

a user can have his files shared but have access marked as read-only (default choice), in that case the user that is connecting to that computer can not change the attributes thus they cant write to the startup folder or edit win.ini or the registry (cause of read-only access)

 

[Russ]

<< so you are not vulnerable to a hacker unless you execute files that are malicious or give other uses full access. simply sharing files poses no threat!! >>



What exactly did you think I meant with &quot;unprotected shares&quot; in this statement? Duh.



<< If you have port 139 open (NetBIOS), and have unprotected shares while having TCP/IP bound to file and print sharing any hacker worth his salt can log in to your system and install anything he wants. >>





<< right click on a folder and choose file sharing and look at access type >>



It doesn't matter one bit what the access is on individual folders. If drive C is an unprotected share, ALL folders are accesible. This is a known (apparently not by some) vulnerability in Win95/98.

If you want to argue that users can take steps to protect themselves, well gee golly whiz, what the hell have I been saying?

You, in your blissful ignorance, have been claiming invulnerability by doing NOTHING:



<< in order for sub7 to work it must be running on the victim pc! so the question is: how do you get it to run on somebody elses computer? the user has to execute it! >>



You're wrong, you know you're wrong, and everybody reading this knows you're wrong. Do you really want to continue making a complete fool of yourself?

Russ, NCNE

 

[jacobnero6918]

Well not one to jump in a fight here but from what I understand these trojans can sit on webpages and be downloaded while you surf. Then if the program is written in a way that it will self execute because say Internet Explorer(opera, Navigator or any common app) is running.

This idea that it wont operate if you don't install it or execute it seems wrong.

 

[Russ]

<< This idea that it wont operate if you don't install it or execute it seems wrong. >>



It is wrong. The twerp just doesn't have the balls to admit he stepped on his dick.

Russ, NCNE

 

[josphstalinator]

oh please. as descartes pointed out you alluded that executing files from a remote box is the same as executing it from a local box.

then you imply that a file attributes make somebody vulnerable over network, which isnt the case at all

You, in your blissful ignorance, have been claiming invulnerability by doing NOTHING:

absolutely not. all ive ever said is that sharing files poses no threat, but allowing WRITE access does

You're wrong, you know you're wrong, and everybody reading this knows you're wrong. Do you really want to continue making a complete fool of yourself?

bwuhahahaha, obviously you havnt read posts from any of the other users

 

[josphstalinator]

<< This idea that it wont operate if you don't install it or execute it seems wrong. >>



It is wrong. The twerp just doesn't have the balls to admit he stepped on his dick.

Russ, NCNE


lol. just listen to yourself. look at my sig. you flat out say remotely running an exe will have some kind of harmful effect on the other computer

 

[monto]

love my linksys, cheap (relatively) too!

 

[josphstalinator]

This idea that it wont operate if you don't install it or execute it seems wrong.

only IF you allow random users to have write access, which ive stated time and time again

 

[Russ]

<< all ive ever said is that sharing files poses no threat, but allowing WRITE access does >>



Now, you've resorted to lying. You said:



<< for somebody to use your comp in a DOS attack you would have had to install the trojan on your machine. theres no way somebody can put the trojan on your comp even if all your ports are open and accept random connections. the user has to install it or be tricked into instaling it. >>



The user does not have to do anything. I've proven you're wrong on that, again and again.

And, one more time, because you seem to have a major problem with comprehending simple concepts:

Allowing write access is the DEFINITION of unprotected shares. This is exactly what I said in the beginning.

In any event, you feel free to wallow in your stupidity, then one day when you fire up your system and find you've been compromised because you're just too smart for all those hackers, have fun.

As for me, I have no more desire to make you look foolish this evening. I'm headed home.

Russ, NCNE

 

[vektor]

Isnt this post just a spin off of the post about steves web site(Denial of Service Attack).I think it was made last week some time if Im not mistaken.

 

[josphstalinator]

first you claim that running exe's on somebody's pc over the network is the same as running it locally. WRONG

then you imply that a file attributes make somebody vulnerable over network, which isnt the case at all. WRONG listen to yourself:
The ONLY files that are read only by default are some of the system files, DLLs and VXDs.
you dont even understand that this is completely irrelavent

<< in order for sub7 to work it must be running on the victim pc! so the question is: how do you get it to run on somebody elses computer? the user has to execute it! >>

excuse the fvck out of me for not including the &quot;or if write access is granted&quot; disclaimer, which i do specifically state several posts later to clarify

 

[Russ]

Here's your quote again, just so the people who don't read the whole thread will know how full of crap you are:



<< for somebody to use your comp in a DOS attack you would have had to install the trojan on your machine. theres no way somebody can put the trojan on your comp even if all your ports are open and accept random connections. the user has to install it or be tricked into instaling it. >>



Now, I'm out of here.

Russ, NCNE

 

[josphstalinator]

Duh. It's called file shares. If you have port 139 open (NetBIOS), and have unprotected shares while having TCP/IP bound to file and print sharing any hacker worth his salt can log in to your system and install anything he wants.

you keep refering to this as if this statement is correct. THIS STATEMENT IS FALSE. a hacker can log into the system only if he has written to the disk AND the computer has been restarted which must be done locally. writing to the disk does not give permissions to the remote user. the act of adding to the startup, registry, or win.ini AND restarting is what does it.

 

[RedFox1]

I think Russ is right -- an external user could definitely rig an unsuspecting machine to run a malicious script, or to install something that he placed on it.

-RedFox1

 

[josphstalinator]

an external user could definitely rig an unsuspecting machine to run a malicious script, or to install something that he placed on it.

which is my point exactly.

 

[josphstalinator]

Here's your quote again, just so the people who don't read the whole thread will know how full of crap you are:



<< for somebody to use your comp in a DOS attack you would have had to install the trojan on your machine. theres no way somebody can put the trojan on your comp even if all your ports are open and accept random connections. the user has to install it or be tricked into instaling it. >>



Now, I'm out of here.

Russ, NCNE


that statement is 100% correct.

[edit] and if its false then explain how its false. tricking a user to running a file via startup or attaching a trojan to a random exe file that the user willing executes are the only two ways. if you know of another way then id like to here it[/edit]

 

[Russ]

<< a hacker can log into the system only if he has written to the disk AND the computer has been restarted which must be done locally. >>



Yeah, and nobody ever restarts their Windows machine.

Russ, NCNE

 

[josphstalinator]

<< a hacker can log into the system only if he has written to the disk AND the computer has been restarted which must be done locally. >>



Yeah, and nobody ever restarts their Windows machine.


so you dont think that this method is considered a &quot;trick&quot;??

i stand by my statement:

<< for somebody to use your comp in a DOS attack you would have had to install the trojan on your machine. theres no way somebody can put the trojan on your comp even if all your ports are open and accept random connections. the user has to install it or be tricked into instaling it. >

 

[Russ]

<< for somebody to use your comp in a DOS attack you would have had to install the trojan on your machine. theres no way somebody can put the trojan on your comp even if all your ports are open and accept random connections. the user has to install it or be tricked into instaling it.

that statement is 100% correct. >>



I've already proven to everyone here that the statement is false. The user doesn't have to do a damned thing. At least take the time to read the material at the link I posted. You'll look less foolish.

Russ, NCNE

 

[josphstalinator]

I've already proven to everyone here that the statement is false. The user doesn't have to do a damned thing. At least take the time to read the material at the link I posted. You'll look less foolish.

the user must restart the computer [edit]and allow write access[/edit]

 

[Thanatopsis]

Well, now that you both agree that you disagree that you agree about the same thing, I think this thread is winding down...