Go Back   Wireless and Wifi Forums > News > Newsgroups > alt.computer.security
Register FAQ Forum Rules Members List Calendar Search Today's Posts Advertise Mark Forums Read

 
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 12-05-2006, 05:20 PM
john
Guest
 
Posts: n/a
Default Security Compromised

It has become apparent that someone has manged to get my ip address from
postings to newsgroups. Their emails subjects and sender, fictious of
course, to my in box, contain phrases making it quite clear they object
to my posts. I never open them.
This of course means my every communication including on line bill
paying is now probably hacked.
What can I do to stop these hackers?
Since I promptly deleted these emails I don't have anything to give my
provider right now. No doubt that I have posted this it will be quiet
for a while. I just thought it was coincidence the first several suspect
emails or I would have informed the provider.
I have the usual firewalls and security and spy ware detectors. It seems
all pretty much useless, it seems, from this, and what others have said.

Reply With Quote
  #2 (permalink)  
Old 12-05-2006, 07:14 PM
Todd H.
Guest
 
Posts: n/a
Default Re: Security Compromised

john <@global.net> writes:

> It has become apparent that someone has manged to get my ip address
> from postings to newsgroups. Their emails subjects and sender,
> fictious of course, to my in box, contain phrases making it quite
> clear they object to my posts. I never open them.


You may be coming to a rash conclusion. It's possible that you may
just be getting spam that correlates to things you've posted.

Have you ever posted to usenet with a replyable email address?

You IP address may have nothing to do with it.

> This of course means my every communication including on line bill
> paying is now probably hacked.


> What can I do to stop these hackers?


If you think you've been hacked, for peace of mind, the best thing to
do is backup your data to an external drive, disconnect from the
network, to insert original windows media, reboot, and reinstall
including repartitioning the disk and reformating. Then, plug in
behind a hardware firewall router, and run windows update to get the
latest security updates.

> Since I promptly deleted these emails I don't have anything to give my
> provider right now. No doubt that I have posted this it will be quiet
> for a while. I just thought it was coincidence the first several
> suspect emails or I would have informed the provider.


What makes you think it's gone beyond coincidence?

Having your IP address from your posting headers doesn't help anyone
send email to your account unless you happen to be in the rather
unusual situation of running your own SMTP server.

You may just be getting spam or email hack attempts that synthesize
words you have posted online, perhaps by an automated mean, or if
someone has it out for you they could be manually mailing you these
things if there is any suspicion that they could track down a real
email address for you to do so.

> I have the usual firewalls and security and spy ware detectors. It
> seems all pretty much useless, it seems, from this, and what others
> have said.


What are the names of these? It's possible that you may have used
some rogue anti-malware software that may be spying on you.

--
Todd H.
http://www.toddh.net/

Reply With Quote
  #3 (permalink)  
Old 12-05-2006, 09:07 PM
erewhon
Guest
 
Posts: n/a
Default Re: Security Compromised


> Wouldn't a proper configuration or the Windows Firewall provide the same
> effect?


No. It wouldn't.

You really have no clue do you?



Reply With Quote
  #4 (permalink)  
Old 12-05-2006, 11:32 PM
Todd H.
Guest
 
Posts: n/a
Default Re: Security Compromised

Sebastian Gottschalk <seppi@seppig.de> writes:

> Todd H. wrote:
>
> > Then, plug in behind a hardware firewall router, and run windows update to
> > get the latest security updates.

>
> Wouldn't a proper configuration or the Windows Firewall provide the same
> effect?


It would require one to trust a software firewall on an unpatched
machine for the time it takes for updates to be downloaded and
applied, and as such, not something I'd recommend when effective
hardware firewalls can be had for $50.

Best Regards,
--
Todd H.
http://www.toddh.net/

Reply With Quote
  #5 (permalink)  
Old 12-07-2006, 03:47 PM
Todd H.
Guest
 
Posts: n/a
Default Re: Security Compromised

Sebastian Gottschalk <seppi@seppig.de> writes:

> But the most important point: What's wrong with that after all? If you want
> to communicate, you have to able to receive communication, and therefore
> you'll also receive unsolicited communcation ("spam"). So what? That's what
> spam filters are good for, and Bayesians filters do an excellent job after
> some initial training. Therefore, the usually proposed spam problem doesn't
> exist.


Latest numbers I've seen put spam% at 91% of internet email. Toss a
usenet address into the mix, and my own sampling indicates nearly 4
nines worth of it.

On certain addresses, Bayeian filters aren't keeping up, and why sign
up for the extra cpu load and crap to sort through?

The days of a replyable address on usenet are long gone I'm afraid.

--
Todd H.
http://www.toddh.net/

Reply With Quote
  #6 (permalink)  
Old 12-07-2006, 07:06 PM
Todd H.
Guest
 
Posts: n/a
Default Re: Security Compromised

Sebastian Gottschalk <seppi@seppig.de> writes:

> So? I just want to click on "reply to poster via eMail", type in my message
> and send it - am I really that unnormal?


Yes.

Because the normal people have come to realize that the RFC was
written before the spam explosion, and that it's an acceptable
tradeoff for folks to munge or otherwise attempt to thwart harvesting
vs the ability for Sebastian to click reply to sender without having
to do some editing or non-machine like thinking.

And hell, in your scenario, what's the point if it has to go to a
bitbucket email address anyway?

If there were extremely effective antispam solutions that were
pervasive, this wouldn't be an issue, but the spam war is being lost.

> Or are you just an idiot?


I think you're a bit off your pedantic rocker here Sebastian.

--
Todd H.
http://www.toddh.net/

Reply With Quote
  #7 (permalink)  
Old 12-07-2006, 10:33 PM
Todd H.
Guest
 
Posts: n/a
Default Re: Security Compromised

Sebastian Gottschalk <seppi@seppig.de> writes:

> Guess you're living in another universe. Or you're just stupid. Bayesian
> filters at the back-end do an excellent job, at least for private users.
> Told to you by someone who uses his mail address almost anywhere on the WWW
> as well as on Usenet.


You'd be wrong on several counts.

I deal with a lot of messages every day that spamassassin misses, and
one of the several tests these spams are missing on are Bayes tests.
There are techniques around Bayes.

So what bayes engine are you using that's so effective?


--
Todd H.
http://www.toddh.net/

Reply With Quote
  #8 (permalink)  
Old 12-08-2006, 04:31 AM
kurt wismer
Guest
 
Posts: n/a
Default Re: Security Compromised

Todd H. wrote:
> Sebastian Gottschalk <seppi@seppig.de> writes:
>
>> But the most important point: What's wrong with that after all? If you want
>> to communicate, you have to able to receive communication, and therefore
>> you'll also receive unsolicited communcation ("spam"). So what? That's what
>> spam filters are good for, and Bayesians filters do an excellent job after
>> some initial training. Therefore, the usually proposed spam problem doesn't
>> exist.

>
> Latest numbers I've seen put spam% at 91% of internet email. Toss a
> usenet address into the mix, and my own sampling indicates nearly 4
> nines worth of it.
>
> On certain addresses, Bayeian filters aren't keeping up, and why sign
> up for the extra cpu load and crap to sort through?
>
> The days of a replyable address on usenet are long gone I'm afraid.


no problems here... i post with my real address and over the past week
i've gotten about 2 spams per day, almost all of them caught by
thunderbird's junk mail filter...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Reply With Quote
  #9 (permalink)  
Old 12-08-2006, 10:58 PM
kurt wismer
Guest
 
Posts: n/a
Default Re: Security Compromised

Jim Watt wrote:
> On Fri, 08 Dec 2006 00:31:33 -0500, kurt wismer <kurtw@sympatico.ca>
> wrote:
>
>> no problems here... i post with my real address and over the past week
>> i've gotten about 2 spams per da

>
> I get around three hundred and am willing to forward
> them to you if you feel left out :)


no thanks... i'm happy with my inbox the way it is...

> They are well filtered out, but occasionally a good one
> goes too. We all deserve a better replacement system
> for email.


well, thunderbird can whitelist mail from addresses in your address
book, which should cut down the chances of false positives in the junk
mail filter for most use cases (if you regularly get legitimate mail
from strangers then such a whitelist won't help of course)...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Reply With Quote
Reply


« Re: locksky | Report of Remailer abusers December 9th, 2006 »
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Vulnerability in ... Security Alert comp.security.misc 0 01-26-2007 10:40 AM
Corrupt NTFS filesystem Citizen Bob alt.comp.hardware 144 11-11-2006 07:38 PM
FBI Monitoring Your Computer And Reading Material re. Patriot Act tightwad alt.computer.security 2 11-08-2005 09:21 AM
The Sidewinder G2 Security Appliance includes the only firewall that has never had a CERT advisory posted against it Ipeefreely alt.computer.security 5 10-08-2005 09:15 PM
Call For Chapter - Book in Enterprise IT Security : Invitation for chapter proposal Francine HERRMANN comp.security.misc 0 08-29-2005 05:00 PM


All times are GMT. The time now is 11:57 AM.



Powered by vBulletin® Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.6.0 PL2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45