Ed Mullen wrote:
>This is idiotic to the max.
>This entire issue is bogus
I have found that a simple filter removes all of the noise from
this newsgroup. I have set my filters to not display anything that
is crossposted to alt.comp.freeware. The remailing posts are all
high quality and on-topic.
--
Guy Macon
<http://www.GuyMacon.com/>
Beauregard T. Shagnasty wrote:
> Me Here wrote:
>
>> Beauregard T. Shagnasty wrote:
>>> Me Here wrote:
>>>> If you have other tabs open that you want to keep viewing, then yes,
>>>> it's a good immediate, albeit 'temporary' solution to the problem.
>>>> I say temporary because using a Hosts file isn't a good solution.
>>>> Many malware sites scan and remove their listings from hosts files
>>>> (and even locking it via the read-only attribute won't protect
>>>> you).
>>> What? You are gonna have to find reliable cites for that nonsense.
>>>
>>>> They do it by making you log into a benign site first (one that
>>>> isn't blocked) and using that to remove their entry from your Hosts
>>>> file before redirecting you and trapping your browser. Even
>>>> running free FireFox addons such as NoScript won't protect you
>>>> unless you've been caught before and know not to allow the site
>>>> access to Java or JS.
>>> More bollox.
>> Ahh ****it, I wasn't going to do your homework but I just couldn't
>> help Googling to see how many links popped up - so many I just shook
>> my head and laughed. Of course, wikipedia was among the top 3...
>
> Hey, I don't have to do homework; you are the one who made the
> statements and I asked for cites. Why should I have to prove - or
> disprove - your claims.
>
>> Here's two to start you off explaining why hosts files by themselves
>> aren't secure and how easily they get hijacked:
>>
>> http://en.wikipedia.org/wiki/Hosts_file
>
> Micha already answered the point about how a website hijacking the hosts
> file isn't possible.
>
It *IS* possible, that's the point - websites can, and do, do that. Why
does *his* statement pass without so much as a cite whereas mine is
required to produce fact (which I gave). Where are *his* cites? Why do
you believe *his* statement and not mine? Because it supports *your*
point of view? READ the damn links I gave you and then do some damn
research yourself.
> My hosts file is located here: /etc/hosts
> What host file manager would you recommend I use?
There are several freeware ones I used to use before I changed to
OpenDNS. Google Hostfile manager and I'm sure you'll find them.
>
>> Next time, please Google and get your facts right before slighting
>> someone else's post.
>
> <lol> Next time, don't write statements like "Many malware sites scan
> and remove their listings from hosts files" that aren't true.
>
Of course it's true. Even the damn links I gave you proved it. Malware
isn't just downloaded programs you know..... or do you... hmmmm.
> And like Micha, I don't have any anti- anything software on my computer
> either.
>
It is true, there is a sucker born ever minute. It's only a matter of
time (if it hasn't happened yet) before you get bent over.
--
Me Here
After filing the largest corporate bankruptcy in history, Worldcom stock
closed at $0.14 on Monday which leaves consumers with the dilemma. Do
you buy one share of Worldcom stock, or 2 minutes of MCI long distance?
Dennis Miller Live 07/26/2002.
Beauregard T. Shagnasty wrote:
> Me Here wrote:
>
>> Beauregard T. Shagnasty wrote:
>>> Me Here wrote:
>>>> ... Many malware sites scan and remove their listings from hosts
>>>> files (and even locking it via the read-only attribute won't
>>>> protect you).
>>> What? You are gonna have to find reliable cites for that nonsense.
>> Oh, just so I don't get the wrong idea - are you saying that malware
>> can't change the hosts file or that you've never heard of it being
>> done?
>
> And just so you don't think I have no knowledge of the subject, I'm
> saying that your statement "Many malware sites ..." [I assume that means
> web sites] is false.
It's not false. You obviously have a problem with either reading or
English. If malware sites couldn't do anything to your computer, why
the hell are browser companies so worried about security now-a-days? Of
course malware sites can effect your computer.
Micha is right though, a properly secured browser reduces the chances of
this happening quite significantly.
As for ActiveX, only a fool runs that crap. Worst nightmare MS ever
introduced into the internet (IMHO).
--
Me Here
"First they came for the Communists but I was not a Communist so I did
not speak out. Then they came for the Socialists and the Trade
Unionists but I was not one of them, so I did not speak out. Then they
came for the Jews but I was not Jewish so I did not speak out. And
when they came for me, there was no one left to speak out for me."
hummingbird wrote:
> On Mon, 14 Jul 2008 14:23:03 +1000 'Me Here'
> wrote this on alt.comp.freeware:
>
>> Tom wrote:
>>> On Sun, 13 Jul 2008 13:45:20 -0400, C A Upsdell wrote:
>>>
>>>> If Windows, Ctrl Alt Delete to call up the task manager; select the
>>>> browser; kill it.
>>> Very inelegant.
>>>
>>> When you have a dozen tabs open, killing the browser, kills all the tabs.
>>>
>>> When you restart Firefox, it asks if you want to open all the old tabs,
>>> but, of course, that will just open the quicksand site all over again.
>>>
>>> So, without editing the hosts file and shift reloading, you're forced to
>>> say NO to reloading your old tabs ... and you lose them all.
>>>
>>> That's why you don't kill the browser session.
>>>
>>> Luckily we found a single-click way to solve the problem (type "start ->
>>> run -> hosts, add the offending domain, and shift reload the browser). This
>>> turns the quicksand URL into cement. Voila! Thanks to hummingbird!
>
>
>> If you have other tabs open that you want to keep viewing, then yes,
>> it's a good immediate, albeit 'temporary' solution to the problem. I
>> say temporary because using a Hosts file isn't a good solution. Many
>> malware sites scan and remove their listings from hosts files (and even
>> locking it via the read-only attribute won't protect you). They do it
>> by making you log into a benign site first (one that isn't blocked) and
>> using that to remove their entry from your Hosts file before redirecting
>> you and trapping your browser.
>
> Good point MH. I've never experienced that trick, especially since
> I started safe hexing, but I am aware it can happen.
>
> These days, I seem to be safe with a hosts file to block unwanted
> sites, plus a supplementary program or two (SpyWareBlaster etc).
>
>
>> Even running free FireFox addons such as
>> NoScript won't protect you unless you've been caught before and know not
>> to allow the site access to Java or JS. You should really be running
>> an IP blocking program like PeerGuardian or if that is too much hassle,
>> do what I do and use OpenDNS. I'm sure there are other solutions, those
>> two just spring to mind. My advice, if you don't want this happening
>> again and you're the type that's likely to run across sites like these
>> often, is to do a bit of research into blocking methods and choose the
>> one that best suits your need.
>
>
As I said, a hosts file is great, so long as you protect it otherwise it
becomes pointless. Many programs out there now protect things like Home
pages and hosts files simply because security companies are aware that
they are easily hijacked with things like WSH or ActiveX (or even a
crappy FF addon).
--
Me Here
Don't let your education interfere with your intelligence. -- unknown
hummingbird wrote:
> On Mon, 14 Jul 2008 07:53:16 -0400 'Beauregard T. Shagnasty'
> wrote this on alt.comp.freeware:
>> And like Micha, I don't have any anti- anything software on my
>> computer either.
>
> You're out of your depth Shagnasty. Accept it and go fishing.
That's funny...
> There are plenty of people who surf unprotected and are at risk of
> getting clobbered by websites containing malware. A HOSTS file is no
> absolute guarantee of safety.
Of course not, and I did not say it was.
> [HEALTH WARNING]
> If you switch off all your security s/w and surf to this website,
> see what happens: www.pricelessware.org
Ok, I did. I see a ~1995-coding-style web site with many lists of free
Windows software. What was supposed to happen?
--
-bts
-Friends don't let friends drive Windows
Me Here wrote:
> Beauregard T. Shagnasty wrote:
>> And like Micha, I don't have any anti- anything software on my
>> computer either.
>
> It is true, there is a sucker born ever minute. It's only a matter
> of time (if it hasn't happened yet) before you get bent over.
You are apparently assuming I am using a Windows operating system.
--
-bts
-Friends don't let friends drive Windows
On Mon, 14 Jul 2008 10:36:59 -0400 'Beauregard T. Shagnasty'
wrote this on alt.comp.freeware:
>hummingbird wrote:
>
>> On Mon, 14 Jul 2008 07:53:16 -0400 'Beauregard T. Shagnasty'
>> wrote this on alt.comp.freeware:
>>> And like Micha, I don't have any anti- anything software on my
>>> computer either.
>>
>> You're out of your depth Shagnasty. Accept it and go fishing.
>
>That's funny...
:-)
>> There are plenty of people who surf unprotected and are at risk of
>> getting clobbered by websites containing malware. A HOSTS file is no
>> absolute guarantee of safety.
>
>Of course not, and I did not say it was.
>
>> [HEALTH WARNING]
>> If you switch off all your security s/w and surf to this website,
>> see what happens: xxx.pricelessware.org
>Ok, I did. I see a ~1995-coding-style web site with many lists of free
>Windows software. What was supposed to happen?
Well, several months ago, if you had no security running that
website was discreetly transferring you to a URL based in HK
and downloading a trojan onto your system and running it to take
you over. A recent poster reported a similar problem only a coupla
days ago on ACF. I believe a malicious a-frame was installed by
hackers. Much debate here about it on ACF at the time.
After I got hit by it, I added the URL into my HOSTS file to
prevent myself ever going there again in error.
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
On Tue, 15 Jul 2008 00:16:33 +1000 'Me Here'
wrote this on alt.comp.freeware:
>
>hummingbird wrote:
>> On Mon, 14 Jul 2008 14:23:03 +1000 'Me Here'
>> wrote this on alt.comp.freeware:
>>
>>> Tom wrote:
>>>> On Sun, 13 Jul 2008 13:45:20 -0400, C A Upsdell wrote:
>>>>
>>>>> If Windows, Ctrl Alt Delete to call up the task manager; select the
>>>>> browser; kill it.
>>>> Very inelegant.
>>>>
>>>> When you have a dozen tabs open, killing the browser, kills all the tabs.
>>>>
>>>> When you restart Firefox, it asks if you want to open all the old tabs,
>>>> but, of course, that will just open the quicksand site all over again.
>>>>
>>>> So, without editing the hosts file and shift reloading, you're forced to
>>>> say NO to reloading your old tabs ... and you lose them all.
>>>>
>>>> That's why you don't kill the browser session.
>>>>
>>>> Luckily we found a single-click way to solve the problem (type "start ->
>>>> run -> hosts, add the offending domain, and shift reload the browser). This
>>>> turns the quicksand URL into cement. Voila! Thanks to hummingbird!
>>
>>
>>> If you have other tabs open that you want to keep viewing, then yes,
>>> it's a good immediate, albeit 'temporary' solution to the problem. I
>>> say temporary because using a Hosts file isn't a good solution. Many
>>> malware sites scan and remove their listings from hosts files (and even
>>> locking it via the read-only attribute won't protect you). They do it
>>> by making you log into a benign site first (one that isn't blocked) and
>>> using that to remove their entry from your Hosts file before redirecting
>>> you and trapping your browser.
>>
>> Good point MH. I've never experienced that trick, especially since
>> I started safe hexing, but I am aware it can happen.
>>
>> These days, I seem to be safe with a hosts file to block unwanted
>> sites, plus a supplementary program or two (SpyWareBlaster etc).
>>
>>
>>> Even running free FireFox addons such as
>>> NoScript won't protect you unless you've been caught before and know not
>>> to allow the site access to Java or JS. You should really be running
>>> an IP blocking program like PeerGuardian or if that is too much hassle,
>>> do what I do and use OpenDNS. I'm sure there are other solutions, those
>>> two just spring to mind. My advice, if you don't want this happening
>>> again and you're the type that's likely to run across sites like these
>>> often, is to do a bit of research into blocking methods and choose the
>>> one that best suits your need.
>>
>>
>
>As I said, a hosts file is great, so long as you protect it otherwise it
>becomes pointless. Many programs out there now protect things like Home
>pages and hosts files simply because security companies are aware that
>they are easily hijacked with things like WSH or ActiveX (or even a
>crappy FF addon).
Yeah, I must think about protecting my own hosts file. I think
SpyWareBlaster offers this feature.
[rushes off to check]
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
On this special day, Tom wrote:
> No. Nothing works except to kill firefox and not restart with all the same
> tabs all over again.
Strange. I just looked at this presumed antivirus 2009 (with FireFox 3)
and closed the tab. No problems at all. I have Java (not JavaScript)
disabled generally and will allow exceptions only to specific sites
that I will list.
As soon as I had installed FF3, I opened the JavaScript Expanded Button
and unchecked all except for the topmost box, which is "move or resize
existing windows" (which can still be abused IMHO but cannot do much
harm - at least I do hope so)
Maybe this is the soluton.
Gabriele Neukam
Gabriele.Spamfighter.Neukam@t-online.de
--
No I am not a troll. Just a beginner and lazy!!!!!!!!!!!
(leepeach in alt.comp.virus, asked why (s)he was repeatedly asking the
same question)
hummingbird wrote:
> 'Beauregard T. Shagnasty' wrote:
>> hummingbird wrote:
>>> [HEALTH WARNING]
>>> If you switch off all your security s/w and surf to this website,
>>> see what happens: xxx.pricelessware.org
>
>> Ok, I did. I see a ~1995-coding-style web site with many lists of
>> free Windows software. What was supposed to happen?
>
> Well, several months ago, if you had no security running that website
> was discreetly transferring you to a URL based in HK and downloading
> a trojan onto your system and running it to take you over. A recent
> poster reported a similar problem only a coupla days ago on ACF. I
> believe a malicious a-frame was installed by hackers. Much debate
> here about it on ACF at the time.
So that was a Windows trojan then? Ok, I understand. To become
infected, you probably needed to be using a Windows OS, probably
Internet Explorer, probably allowing ActiveX, probably don't have
patches to stop malicious iframe redirection (which is quite common on
hacked sites). [I guess you meant iframe, rather than a-frame.]
> After I got hit by it, I added the URL into my HOSTS file to prevent
> myself ever going there again in error.
If you got hit by this trojan, then which of the above were you not
securing yourself from? Windows/IE/ActiveX/patches/iframes ?
--
-bts
-Friends don't let friends drive Windows
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote