Metalworking (rec.crafts.metalworking) Discuss various aspects of working with metal, such as machining, welding, metal joining, screwing, casting, hardening/tempering, blacksmithing/forging, spinning and hammer work, sheet metal work.

#41 Erik

In article ,
Dave Hinz wrote:

On Wed, 03 Aug 2005 16:46:50 GMT, Erik wrote:

Windows is not worth the trouble. It's a petri dish for virii.


Agreed.

http://www.apple.com

Erik

PS, Apple even came out with multi button mice yesterday!


Ehh...old news. You've been able to plug whatever the heck mouse into
an Apple for at least as long as they've been using USB. And, no driver
bull**** - it just works. But yeah, apple is now selling one; next time
I need a new mouse, I'll try one out.


Do your homework... doesn't sound like folks are doing backflips over
Apple's new mouse. It's a little pricey too.

Erik
#42 Dave Hinz

On Wed, 03 Aug 2005 16:02:21 -0500, Lawrence Glickman wrote:

I know what gunner can do. He can go to the website of his hd mfgr.
and download hd utilities like the ones that came from the factory
with his hd.


And yet, reformatting the drive, in whatever manner, may _still_ be the
wrong hammer to hit this problem with.

Anyhow, long story short, OS Re-install, and all that rubbish, if he
doesn't have a recent "image."


It depends.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~
Now question, Dave, does re-installing an image put down multiple
partitions as well as the data inside those partitions?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~


It depends.

Not that we know if he has an image. If he does not, shame shame
shame on somebody.


Eh...I think I've reached my quota of reading infantile insults for a
while.

I keep images on a USB HD that I keep for backup. It is 120 gigabytes
in capacity. Multiple images so I can go back, and get it all,
without having to hunt down program discs and data files. I even back
up data files ( the ones small enough ) to thumb drives. Taking few
chances these days,


Sounds like a cumbersome backup strategy, but as long as it's as good as
you can do, it's better than doing nothing.

I think I got a B+ in marbles and pencil sharpening.


I think I'd need to see documentation before I'd believe that.

#43 Dave Hinz

On Wed, 03 Aug 2005 21:11:27 GMT, Erik wrote:
In article ,
Dave Hinz wrote:

On Wed, 03 Aug 2005 16:46:50 GMT, Erik wrote:


PS, Apple even came out with multi button mice yesterday!


Ehh...old news. You've been able to plug whatever the heck mouse into
an Apple for at least as long as they've been using USB. And, no driver
bull**** - it just works. But yeah, apple is now selling one; next time
I need a new mouse, I'll try one out.


Do your homework... doesn't sound like folks are doing backflips over
Apple's new mouse. It's a little pricey too.


What homework? It's a mouse that costs 50 bucks and has a scrolldot or
something. I'll try it, and if it's not astonishingly better than what
I'm using now, I'll replace my logitech with another logitech. It's
just a mouse, it's not a big deal.


#44 Lawrence Glickman

On 3 Aug 2005 21:35:26 GMT, Dave Hinz wrote:

I think I got a B+ in marbles and pencil sharpening.


I think I'd need to see documentation before I'd believe that.


You seem to be a cocky little twit today. Is this your Pre Menstrual
Syndrome hormones acting up again? I've been told that Midol might
help.

HTH

Lg

#45 Frank J Warner

In article , Gunner
wrote:

My $#@!! kid turned off the firewall (again) and downloaded something
with a nasty malware called W32/Gaelicum.A

It's infected virtually every .exe file in both my server and my
personal computer. I'm posting from my non-networked laptop.

It only affects files with a .exe extension, but that's thousands of
files on all 4 computers on the network. There is very little info on
the net about it, AVG has only been able to detect it for a week or
so.

It appears to be a trojan of some sort.

Anyone got any suggestions of cleaning the sumbitch, other than a full
hard drive format..which means I have to format at least 14
drives...sigh

The #@$%!!! kid lost all access to the network..his computer has been
removed from the net, and it's not a computer I'm going to fix. This was
the last straw.....his box just became a doorstop.


One word: Macintosh.

Nobody writes viruses for the Mac.

Don't be too hard on the kid. None of us were perfect back then.

-Frank

--
fwarner1-at-franksknives-dot-com
Here's some of my work:
http://www.franksknives.com/


#46 wmbjk

On 3 Aug 2005 20:09:49 GMT, Dave Hinz wrote:

Hard to know or care. Regardless of what the tool used in whatever
version of VirusOS he's running, arguing over how the "reformat the
disk" command is spelled in whatever variety of windows, is silly.


We might call that "whiffing a T-Ball silly" compared to the "Major
League grand-slam silly" of letting a 20-something year old "kid"
download crap onto a 4-computer 14-drive network that has no backups
because DVD writers are too expensive.

BTW, as I'm sure you know, XP CDs have a bootable repair console with
lots of handy idiot-proof and user-friendly tools. Sonny should make
amends by firing up one of those puppies and bangin' on the keyboard
for a while. Everything will be shipshape in no time. :-)

Wayne
#47 Dave Mundt

Greetings and Salutations...

On Wed, 03 Aug 2005 07:35:24 GMT, Gunner
wrote:

My $#@!! kid turned off the firewall (again) and downloaded something
with a nasty malware called W32/Gaelicum.A

It's infected virtually every .exe file in both my server and my
personal computer. I'm posting from my non-networked laptop.

It only affects files with a .exe extension, but that's thousands of
files on all 4 computers on the network. There is very little info on
the net about it, AVG has only been able to detect it for a week or
so.

It appears to be a trojan of some sort.

Anyone got any suggestions of cleaning the sumbitch, other than a full
hard drive format..which means I have to format at least 14
drives...sigh

The #@$%!!! kid lost all access to the network..his computer has been
removed from the net, and it's not a computer I'm going to fix. This was
the last straw.....his box just became a doorstop.

Gunner

Yea...Got a couple of them.
1) Switch to Linux or BSD.
2) Password protect the firewall so nobody but YOU
can turn it off.

Now, as for cleaning things up... disconnect all the computers
from each other, and, do ANY cleanup you can in "safe" mode. Don't
reconnect ANY computer to the network until it is "known" clean...even
if that involves a complete reinstall of the OS. I would also
suggest downloading the latest patches for each system before it
goes into the local net again.
I would also suggest running a firewall on EVERY computer
on your network, not just the one doing the sharing. ZoneAlarm is
quite good, although if you take suggestion #1, you will have FAR
better tools available.
Good luck, man...this can be a PAINFUL and slow process. A
bit ago, my brother in law and I worked a solid 10 hour day
disinfecting and protecting an office with 25 systems or so. It
was not pretty, and, any clean up is a slow process.
I would also suggest a serious talk with the culprit about
the dangers of downloading ANYTHING from an untrusted source on the
Net. Pretty much, one has to treat that sort of thing like a gun.
It is always dangerous and always loaded. Also, it is best to
NOT be at the front of the crowd to download the latest and greatest
hacked toy. Warez are dangerous at best, and, are VERY often infected
with nasty bugs that get the pioneers first.
Regards
Dave Mundt
#48 xmradio

http://www.drivesnapshot.de/en/


good back up program....

xman






#49 Lawrence Glickman

On Wed, 3 Aug 2005 18:26:34 -0700, "xmradio"
wrote:

http://www.drivesnapshot.de/en/


good back up program....

xman


I've been using "Image for Dos" by Terabyte or some such.
The nice thing about it: if your OS is FUBAR, you just boot to a
floppy and type "image" without the quotes.

I was using Acronis before this, and Drive Image before that, but the
beauty of "Image for Dos" is you don't NEED an OS to do a complete
restore. The OS will be on the floppy in the form of freeDos.

Lg

#50 Martin H. Eastburn

SteveB wrote:

"Rifleman" wrote in message
...

"Gunner" Try this before you panic old friend
http://securityresponse.symantec.com...w32.licum.html

good luck and don't go too hard on the kid




Bull****. Go hard on the kid. Then ease up. This is something important
that he has to learn. Or you could just keep letting him download stuff and
keep cleaning up viruses. In the meantime, losing personal information and
having your computer used as a spambot for sending porn.

Oh, I forget. You're from Kalifornia. Better check with the kid first and
see how he feels about himself on this. Then check with the child
psychologist in your area. Then check with the CPS. It could be entirely
possible that YOU are the one they will go hard on for allowing this to
happen to your innocent child!

Steve


Got it there Steve - Just read about a 11 year old girl - remember kicking shins...-
She is charged with assault with a deadly weapon (a 2 pound rock) she threw at boys
that were throwing water balloons at her.

I think adult laws pressed on kids will never allow them to grow up correctly -
but kinked here and there. And I think the DA and COP have some improved learning
needed.

Martin


--
Martin Eastburn
@ home at Lion's Lair with our computer lionslair at consolidated dot net
NRA LOH, NRA Life
NRA Second Amendment Task Force Charter Founder

----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----


#51 Dave Mundt

Greetings and Salutations...

On Wed, 03 Aug 2005 20:52:47 -0500, Lawrence Glickman
wrote:

On Wed, 3 Aug 2005 18:26:34 -0700, "xmradio"
wrote:

http://www.drivesnapshot.de/en/


good back up program....

xman


I've been using "Image for Dos" by Terabyte or some such.
The nice thing about it: if your OS is FUBAR, you just boot to a
floppy and type "image" without the quotes.

This does look like a pretty good package. I am always
a TAD nervous by "image" programs as they sometimes require that the
drive you restore to be EXACTLY like the drive that died...For
example, you might not be able to restore an image of a 40 gig
drive to a newer, 60 gig drive. I did not poke too far into
this one, but, it seems to be able to handle this ok.

I was using Acronis before this, and Drive Image before that, but the
beauty of "Image for Dos" is you don't NEED an OS to do a complete
restore. The OS will be on the floppy in the form of freeDos.

Lg

Simplicity of backup and restore is a VERY good thing.
If it is not simple...folks will NOT do it...and if they don't do it,
they WILL lose data.
Regards
Dave Mundt

#52 The Watcher

On Wed, 3 Aug 2005 08:11:41 -0700, "SteveB"
wrote:


"Rifleman" wrote in message
...

"Gunner" Try this before you panic old friend
http://securityresponse.symantec.com...w32.licum.html

good luck and don't go too hard on the kid



Bull****. Go hard on the kid. Then ease up.


I see no reason to ease up. The kid turned off the firewall (again). Looks like
he had some idea he knew what he wanted to do. Sounds to me like he used up all
the slack he had coming. :/
This is something important
that he has to learn.


What they referred to in the Army as a "significant emotional experience".

Or you could just keep letting him download stuff and
keep cleaning up viruses. In the meantime, losing personal information and
having your computer used as a spambot for sending porn.


And maybe wrecking his hard drive?
(snip)
#53 Lawrence Glickman

On Thu, 04 Aug 2005 08:54:46 GMT, xray
wrote:

On Thu, 04 Aug 2005 06:51:21 GMT, (The Watcher) wrote:

On Wed, 3 Aug 2005 08:11:41 -0700, "SteveB"
wrote:


"Rifleman" wrote in message
...

"Gunner" Try this before you panic old friend
http://securityresponse.symantec.com...w32.licum.html

good luck and don't go too hard on the kid



Bull****. Go hard on the kid. Then ease up.


I see no reason to ease up. The kid turned off the firewall (again). Looks like
he had some idea he knew what he wanted to do. Sounds to me like he used up all
the slack he had coming. :/
This is something important
that he has to learn.



What's all this firewall stuff got to do with it? Maybe I'm missing
something. Did this infection come from something the kid downloaded, or
just from a vulnerability that was opened up with the firewall down?
What did the kid want to do that motivated him to bypass the firewall?

I'm curious about exactly what caused the infection. I can see that if
you have more than one machine and there is an infection, that firewall
problems could let it spread, but where did this one come from?

None of this will help Gunner now, but maybe more details could help
others not get into the same situation.


Some websites ( for example **si ) require you to Turn Off your
firewall before you can download software. No doubt, this is how
-many- people get infected. Furthermore, a -lot- of stuff you can
download from nefarious sources DO contain trojans, viruses, and so
forth, so if you don't scan them first, you're going to get infected.

Lg

#54 the seventh sign

Lawrence Glickman wrote:
On Wed, 03 Aug 2005 14:16:55 -0500, the seventh sign
wrote:

Lee Michaels wrote:
"CanopyCo" wrote in message
oups.com...
Gunner wrote:
My $#@!! kid turned off the firewall (again) and downloaded something
with a nasty malware called W32/Gaelicum.A

It's infected virtually every .exe file in both my server and my
personal computer. I'm posting from my non-networked laptop.

It only affects files with a .exe extension, but that's thousands of
files on all 4 computers on the network. There is very little info on
the net about it, AVG has only been able to detect it for a week or
so.

It appears to be a trojan of some sort.

Anyone got any suggestions of cleaning the sumbitch, other than a full
hard drive format..which means I have to format at least 14
drives...sigh

Just a heads up on the format option (should that be the route that you
take);

Be sure to go the extra step and F Disk the drive too.
I have found that many PC Pelages will manage to dodge the format
attack, but cannot dodge the F Disk assault.

"F Disk"??

What is this?

Where do I find out more about it?


it is spelled wrong it is fdisk .
TSS


doesn't exist under Windows XP, but then gunner said he is running
linux.


Yes it does they made it a part of the original boot disk as you put
your OEM disk (Windows XP what ever the flavor) in the machine.
There is also a recovery console that you can use but talk about pain in
the ass to use. usually you have to use the CD that came with the system
to activate the recovery console then go from there.
Yes I am talking about Windows XP Pro. Like i said it is a pain in the
ass too.

you are correct in the fact it does not install fdisk to the system folder.

as for gunners Linux not working right here is what i suggest

In a console (command line with a shell)
Type "su" then enter
then your root password enter

Once done type dmesg then enter.
If you want it sent to a printer or txt file instead, type "dmesg > name
of text file.txt" then enter for txt; for printer, "dmesg > lpt0" or lpt1
depending on the number.
This will display more or less the boot time messages and you can look for
ttyS0 or a line with ttyS in it.
Once found in the shell type " ln -s /dev/ttyS0 /dev/modem" links the
modem to a place more usable by the kppp and if up and if down dialing
programs. just be sure it corresponds with the ttyS number you find in
that dmesg.

Yes i dual boot with both and they pretty much both have too many bugs
but I'll take linux any day over MS due to the fact they bought gator
and relaxed their adware / malware setting on gator software.
Once adware / malware always adware / malware. there is no excuse for it
and there is no reprieve for it!.

TSS
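
The dmesg-then-symlink steps from the post above, as an added example that is not part of the original post: it pulls the ttySn names out of dmesg output and creates the /dev/modem link only when the port exists and no conflicting link is already there. The dmesg lines are a constructed sample, and `serial_ports` and `link_modem` are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not from the thread): find serial ports in dmesg output
# and link one of them to /dev/modem without clobbering an existing link.

# Constructed dmesg excerpt; real boot messages will differ.
sample_dmesg() {
    cat <<'EOF'
Linux version 2.6.x (constructed sample)
Serial: 8250/16550 driver, 4 ports
ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
modem probe on ttyS1 (constructed line)
EOF
}

# serial_ports: read dmesg text on stdin, print each ttySn name once.
serial_ports() {
    grep -o 'ttyS[0-9][0-9]*' | sort -u
}

# link_modem PORT [DEVDIR]: create DEVDIR/modem -> DEVDIR/PORT.
# Returns 0 if the link is in place, 1 if PORT does not exist,
# 2 if DEVDIR/modem already exists and points somewhere else.
link_modem() {
    port=$1
    dev=${2:-/dev}
    if [ ! -e "$dev/$port" ]; then
        echo "no such device: $dev/$port" >&2
        return 1
    fi
    if [ -L "$dev/modem" ]; then
        # Same target already: nothing to do.
        [ "$(readlink "$dev/modem")" = "$dev/$port" ] && return 0
        echo "$dev/modem already points to $(readlink "$dev/modem")" >&2
        return 2
    fi
    if [ -e "$dev/modem" ]; then
        echo "$dev/modem exists and is not a symlink" >&2
        return 2
    fi
    ln -s "$dev/$port" "$dev/modem"
}

# On a real system: dmesg | serial_ports, then (as root) link_modem ttyS0
sample_dmesg | serial_ports
```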


#55 Dave Hinz

On Wed, 03 Aug 2005 17:10:01 -0500, Lawrence Glickman wrote:
On 3 Aug 2005 21:35:26 GMT, Dave Hinz wrote:

I think I'd need to see documentation before I'd believe that.


You seem to be a cocky little twit today. Is this your Pre Menstrual
Syndrome hormones acting up again? I've been told that Midol might
help.


I notice you go for an insult rather than addressing my real point,
which is that reformatting a drive to fix a virus is the last resort,
not a routine procedure to be followed. I also notice that your entire
"contribution" to this thread is to quibble about what "fdisk" is called
these days, and to spew bull****.

I further notice that this is nothing out of character for you.



#56 Tom Gardner

Agreed...but, Gunner has perfect, up-to-the-minute back-ups...right Gunner?


"Dave Hinz" wrote in message
...
On Wed, 03 Aug 2005 14:33:02 GMT, Tom Gardner wrote:

"Gunner" wrote in message
...
My $#@!! kid turned off the firewall (again) and downloaded something
with a nasty malware called W32/Gaelicum.A

snip

Like I tell my computer customers: "What did you do before you had
computers?...do that!"
Fdisk, format, install fresh OS.


A brute-force sledgehammer approach is rarely warranted. If there's
important data on the box, that isn't backed up, fixing it rather than
starting over is the appropriate course of action. Time/budget willing,
of course. I've only had to resort to format/reinstall (thinks) about
5% of the time, and usually it was in conjunction with a "You know, you
could use a bigger hard drive anyway".


You DO have back-ups of anything
important! When everything is perfect again, burn a DVD image. I feel
your
pain! If you screw around trying to fix it all you will spend three
times
the amount of time.


But, if he has important data on the system disk, it may be time well
spent.



#57 Dave Hinz

On Thu, 04 Aug 2005 16:19:28 GMT, Tom Gardner wrote:
Agreed...but, Gunner has perfect, up-to-the-minute back-ups...right Gunner?


Nobody has perfect, up-to-the-minute backups of everything. And if you
do, a virus on one would be perfectly, up to the minute backed up to
them.

#58 Lawrence Glickman

On Thu, 04 Aug 2005 16:19:28 GMT, "Tom Gardner"
wrote:

Agreed...but, Gunner has perfect, up-to-the-minute back-ups...right Gunner?


"Dave Hinz" wrote in message
...
On Wed, 03 Aug 2005 14:33:02 GMT, Tom Gardner wrote:

"Gunner" wrote in message
...
My $#@!! kid turned off the firewall (again) and downloaded something
with a nasty malware called W32/Gaelicum.A
snip

Like I tell my computer customers: "What did you do before you had
computers?...do that!"
Fdisk, format, install fresh OS.


================================================== ==============

Heinz the tomato wrote:

A brute-force sledgehammer approach is rarely warranted. If there's
important data on the box, that isn't backed up, fixing it rather than
starting over is the appropriate course of action.


Well dickweed, there is only one small problem with your *idea* which
you keep ignoring...there ISN'T a fix for W32/Gaelicum.A

What a JERK you are. I feel sorry for your parents; what they must
have suffered raising you as a child. Then again, maybe you never had
parents. Things like you are known to grow on the North side of trees
almost spontaneously.

Lg

#59 Dave Hinz

On Thu, 04 Aug 2005 11:50:53 -0500, Lawrence Glickman wrote:

Heinz the tomato wrote:


Wow, Lawrence, you really _are_ a waste of bits. plonk

#60 wmbjk

On 4 Aug 2005 15:30:27 GMT, Dave Hinz wrote:

reformatting a drive to fix a virus is the last resort,
not a routine procedure to be followed.


Normally yes, but we're talking about Gunnervision here, an outfit
that like most of us, is entirely comfortable with the concept of the
Darwin Awards. So in that same spirit, a reformat followed by drive
incineration is the appropriate remedy. No more off-topic posting of
political crap links from that 14-drive network? Oh the humanity! :-)

Wayne


#61 Offbreed

the seventh sign wrote:

ttyS0 or a line with ttyS in it.
Once found in the shell type " ln -s /dev/ttyS0 /dev/modem" links the
modem to a place more usable by the kppp and if up and if down dialing
programs. just be sure it corresponds with the ttyS number you find in
that dmesg.


There's an easier way to find that, that slips my mind at the moment. It
returns just the lines that might have the info you need.

There's something different wrong with RedHat 7.2 if that's what he is
messing with. Mine allows me on line for about 5 minutes, then something
times out and none of the browsers can find the net. I'm not going to
mess with it for a few months.

Another thing, anyone using an ISA true modem needs to create a sym link
(Linux talk for a shortcut) between dev/modem and the ttySn. I'm not
going to bother looking up my notes on it unless someone needs the info.
#62 Offbreed

Offbreed wrote:

There's something different wrong with RedHat 7.2


Damn. I mean "Fedora 2".
#63 Martin H. Eastburn

From what I recall - firewalls keep ftp geeks and the worse type out.
You can get e-mail just fine with or without.
Perhaps certain web pages might be inhibited. Mine watches what program
does what - e.g. download something or upload something else.
It also holds back the wolves.

Martin

xray wrote:

On Thu, 04 Aug 2005 06:51:21 GMT, (The Watcher) wrote:


On Wed, 3 Aug 2005 08:11:41 -0700, "SteveB"
wrote:


"Rifleman" wrote in message
...

"Gunner" Try this before you panic old friend
http://securityresponse.symantec.com...w32.licum.html

good luck and don't go too hard on the kid



Bull****. Go hard on the kid. Then ease up.


I see no reason to ease up. The kid turned off the firewall (again). Looks like
he had some idea he knew what he wanted to do. Sounds to me like he used up all
the slack he had coming. :/

This is something important
that he has to learn.



What's all this firewall stuff got to do with it? Maybe I'm missing
something. Did this infection come from something the kid downloaded, or
just from a vulnerability that was opened up with the firewall down?
What did the kid want to do that motivated him to bypass the firewall?

I'm curious about exactly what caused the infection. I can see that if
you have more than one machine and there is an infection, that firewall
problems could let it spread, but where did this one come from?

None of this will help Gunner now, but maybe more details could help
others not get into the same situation.



--
Martin Eastburn
@ home at Lion's Lair with our computer lionslair at consolidated dot net
NRA LOH, NRA Life
NRA Second Amendment Task Force Charter Founder

#64 BC

Pull one of the infected drives off and attach
it to a good PC as drive D or such, manually
wipe out everything in the Temp folders under:
C:\Documents and Settings\username\Local Settings\Temp
Also do the same for the entire Temporary Internet Files
folder (You should keep the Temp folder but you can
just delete the entire Temporary Internet Files folder.)

Then run a sweep with a non-Norton, non-McAfee
antivirus (F-prot, Kaspersky, Nod32, F-Secure, even
the AVG and AVAST! freebies are better) and
with Spybot Search & Destroy 1.4 and Ad-Aware.

Do a full update prior to the sweep.

Put the hard drive back and see what happens. If
some Windows files were deleted and you have an
XP (I'm assuming) Installation CD, you can try an
in-place "repair install" as described here:
http://www.michaelstevenstech.com/XPrepairinstall.htm

As far as protection goes, your kid's PC should
have no access to anything on your PC's. Restart
in Safe mode and logon as Administrator, and then
change its password (it's blank, believe it or not, on
XP by default.) Install a good firewall like Kerio or
Sygate, not so much to detect break-in's but to
flag suspicious programs trying to access the
Internet or networked PC's. Microsoft's AntiSpyware
Beta actually isn't bad, but you might be put off by
the new "Genuine Advantage" validation crap.

Good luck.

-BC

#65 Gunner

On Wed, 03 Aug 2005 13:11:52 -0700, Offbreed
wrote:

Gunner wrote:

I have a linux box..which at the moment will not recognize that the
modem, which it does recognize and dials, is what I want to use for
internet access. It dials out properly and when I try to browse or use
Pan, or any internet access program..can't find the net. I was using a
proxy server via one of the MS boxes prior to scrounging an external
modem.



Sounds like the problem I'm having with RedHat 7.2. (ISA modem, hardware
jumper for com port and IRQ)


I've got an external modem on it. Linux likes externals as they are
pretty much cut and dried. Some of the new distros have decent
hardware scanning and can find internals..but..I've never found an
internal that was really 100% compatible.

If I "run from CD", it works fine, recognizes the modem, dials out
properly, etc etc. But it's much slower than having it installed on the
PC.

I'll load up Fedora over the weekend, as it's next on my list of distros
to try and see what it does. I really like Mepis though....and the
latest Knoppix, both are pretty much plug and play.

Gunner

Liberals - Cosmopolitan critics, men who are the friends
of every country save their own. Benjamin Disraeli


#66 Gunner

On Wed, 03 Aug 2005 14:09:40 -0700, Offbreed
wrote:

Gunner wrote:
My $#@!! kid turned off the firewall (again) and downloaded something
with a nasty malware called W32/Gaelicum.A


What kind of firewall do you have?


Zone Alarm Pro. Port 139 was blocked off by ZA, until it was turned
off. That's the port it exploits evidently.

Gunner

Liberals - Cosmopolitan critics, men who are the friends
of every country save their own. Benjamin Disraeli
#67 Gunner

On Thu, 04 Aug 2005 08:54:46 GMT, xray
wrote:

On Thu, 04 Aug 2005 06:51:21 GMT, (The Watcher) wrote:

On Wed, 3 Aug 2005 08:11:41 -0700, "SteveB"
wrote:


"Rifleman" wrote in message
...

"Gunner" Try this before you panic old friend
http://securityresponse.symantec.com...w32.licum.html

good luck and don't go too hard on the kid



Bull****. Go hard on the kid. Then ease up.


I see no reason to ease up. The kid turned off the firewall (again). Looks like
he had some idea he knew what he wanted to do. Sounds to me like he used up all
the slack he had coming. :/
This is something important
that he has to learn.



What's all this firewall stuff got to do with it? Maybe I'm missing
something. Did this infection come from something the kid downloaded, or
just from a vulnerability that was opened up with the firewall down?
What did the kid want to do that motivated him to bypass the firewall?

I'm curious about exactly what caused the infection. I can see that if
you have more than one machine and there is an infection, that firewall
problems could let it spread, but where did this one come from?

None of this will help Gunner now, but maybe more details could help
others not get into the same situation.


He took the firewall down to do online gaming and chatting. He claimed
it would freeze his system or slow it down.

It now sucks to be him.

Gunner

Liberals - Cosmopolitan critics, men who are the friends
of every country save their own. Benjamin Disraeli
#68 Gunner

On Thu, 04 Aug 2005 06:06:39 -0500, the seventh sign
wrote:


In a console (command line with a shell)
Type "su" then enter
then your root password enter

Once done type dmesg then enter.
If you want it sent to a printer or txt file instead, type "dmesg > name
of text file.txt" then enter for txt; for printer, "dmesg > lpt0" or lpt1
depending on the number.
This will display more or less the boot time messages and you can look for
ttyS0 or a line with ttyS in it.
Once found in the shell type " ln -s /dev/ttyS0 /dev/modem" links the
modem to a place more usable by the kppp and if up and if down dialing
programs. just be sure it corresponds with the ttyS number you find in
that dmesg.

Yes i dual boot with both and they pretty much both have too many bugs
but I'll take linux any day over MS due to the fact they bought gator
and relaxed their adware / malware setting on gator software.
Once adware / malware always adware / malware. there is no excuse for it
and there is no reprieve for it!.

TSS



Thanks for the heads up on linux. I'm still at the toddler stage as far
as commands and whatnot are concerned, and have been relying on GUI to
get things done. I've got a couple Linux books, but they assume the
reader knows more than I do.

Sigh..and I was so comfortable with command line dos for years...

Gunner

Liberals - Cosmopolitan critics, men who are the friends
of every country save their own. Benjamin Disraeli
#69 Gunner

On Thu, 04 Aug 2005 14:44:56 GMT, Strabo
wrote:

In I got a computer virus...any suggestions? on Wed, 03 Aug 2005
07:35:24 GMT, by Gunner, we read:

My $#@!! kid turned off the firewall (again) and downloaded something
with a nasty malware called W32/Gaelicum.A

It's infected virtually every .exe file in both my server and my
personal computer. I'm posting from my non-networked laptop.

It only affects files with a .exe extension, but that's thousands of
files on all 4 computers on the network. There is very little info on
the net about it, AVG has only been able to detect it for a week or
so.

It appears to be a trojan of some sort.

Anyone got any suggestions of cleaning the sumbitch, other than a full
hard drive format..which means I have to format at least 14
drives...sigh

The #@$%!!! kid lost all access to the network..his computer has been
removed from the net, and it's not a computer I'm going to fix. This was
the last straw.....his box just became a doorstop.

Gunner


As W32/Gaelicum.A is new and is apparently not fully understood,
I would erase the drive and start over.

Need better prevention.

First, you could use a router with a builtin firewall that
will block all queries to the vulnerable ports, 138, 139, etc.
that allow access to a computer. That way individual computer
firewalls become secondary.

Second, for guests or other users, you can isolate their
computers from others on your network.

Third, you can rig one computer on your network to be primary
and only allow changes to other computers and the router, to
come from this one. Then you can secure this computer by
password.

I'm on dialup. Each computer has a modem. If I were on broadband..it
would be easy to set up a firewall/proxy server, and use it also for a
community (household) message board etc etc...but...there is no way I'm
gonna pay $49,99 for cable modem, not when I don't even have basic
cable TV service. Can't afford it.

Gunner

Liberals - Cosmopolitan critics, men who are the friends
of every country save their own. Benjamin Disraeli
#70
Gunner

On Thu, 04 Aug 2005 16:19:28 GMT, "Tom Gardner"
wrote:

Agreed...but, Gunner has perfect, up-to-the-minute back-ups...right Gunner?


Actually..about 3 weeks old but only data. I've got a DAT drive on the
server that I've used to make periodic backups of the various data
files. Simply because the tapes only hold 8 gigs compressed..and it
takes a fair amount of time to write even one tape, let alone swapping
10 of them, which is what it takes to do the most basic backup
for the network.

Gunner



"Dave Hinz" wrote in message
...
On Wed, 03 Aug 2005 14:33:02 GMT, Tom Gardner wrote:

"Gunner" wrote in message
...
My $#@!! kid turned off the firewall (again) and downloaded something
with a nasty malware called W32/Gaelicum.A
snip

Like I tell my computer customers: "What did you do before you had
computers?...do that!"
Fdisk, format, install fresh OS.


A brute-force sledgehammer approach is rarely warranted. If there's
important data on the box, that isn't backed up, fixing it rather than
starting over is the appropriate course of action. Time/budget willing,
of course. I've only had to resort to format/reinstall (thinks) about
5% of the time, and usually it was in conjunction with a "You know, you
could use a bigger hard drive anyway".


You DO have back-ups of anything
important! When everything is perfect again, burn a DVD image. I feel
your pain! If you screw around trying to fix it all you will spend three
times the amount of time.


But, if he has important data on the system disk, it may be time well
spent.



Liberals - Cosmopolitan critics, men who are the friends
of every country save their own. Benjamin Disraeli


#72
Norm Dresner

"Gunner" wrote in message
...
On Thu, 04 Aug 2005 14:44:56 GMT, Strabo
wrote:

I'm on dialup. Each computer has a modem. If I were on broadband..it
would be easy to set up a firewall/proxy server, and use it also for a
community (household) message board etc etc...but...there is no way I'm
gonna pay $49,99 for cable modem, not when I don't even have basic
cable TV service. Can't afford it.

Gunner

I've used a program called WinProxy for years with a dial-up setup in which
we had one computer which was -- more-or-less -- just the proxy server and
the other computers got internet access from it through the home-office
network. In addition to centralizing all problems, the program has
(more-or-less) built-in spam and virus blockers ... AND ... it only costs
one dial-up connection for everyone.

We're using a second (legal) copy of it on a second machine now for the DSL
connection, but our e-mail is still on the dial-up.

To answer your next questions, we have 5 Windows machines, 3 SGI
workstations, and three rack-mounted chassis with removable drives that run
any combination of DOS, Linux, and Windows. The default (and cheapest)
WinProxy license will handle 3 users simultaneously -- but they can be on 3
out of as many machines as you have as long as no more than 3 are actively
communicating with the server. They have other licenses for 5, 10, and many
more users too.

Norm

#73
Gunner

On Fri, 05 Aug 2005 13:50:58 GMT, "Norm Dresner"
wrote:

"Gunner" wrote in message
...
On Thu, 04 Aug 2005 14:44:56 GMT, Strabo
wrote:

I'm on dialup. Each computer has a modem. If I were on broadband..it
would be easy to set up a firewall/proxy server, and use it also for a
community (household) message board etc etc...but...there is no way I'm
gonna pay $49,99 for cable modem, not when I don't even have basic
cable TV service. Can't afford it.

Gunner

I've used a program called WinProxy for years with a dial-up setup in which
we had one computer which was -- more-or-less -- just the proxy server and
the other computers got internet access from it through the home-office
network. In addition to centralizing all problems, the program has
(more-or-less) built-in spam and virus blockers ... AND ... it only costs
one dial-up connection for everyone.

We're using a second (legal) copy of it on a second machine now for the DSL
connection, but our e-mail is still on the dial-up.

To answer your next questions, we have 5 Windows machines, 3 SGI
workstations, and three rack-mounted chassis with removable drives that run
any combination of DOS, Linux, and Windows. The default (and cheapest)
WinProxy license will handle 3 users simultaneously -- but they can be on 3
out of as many machines as you have as long as no more than 3 are actively
communicating with the server. They have other licenses for 5, 10, and many
more users too.

Norm


I was using Proxy +. Very powerful, very versatile. Something of a
learning curve due to its many features. But on a dialup...after the
second computer goes on line..things get really really slow.

Gunner

Liberals - Cosmopolitan critics, men who are the friends
of every country save their own. Benjamin Disraeli
#74
the seventh sign

Gunner wrote:
On Thu, 04 Aug 2005 06:06:39 -0500, the seventh sign
wrote:

In a console (command line with a shell)
Type "su" then enter
then your root password enter

Once done type dmesg then enter.
If you want it sent to a printer or txt file instead type "dmesg name
of text file.txt then enter for txt for printer "dmesg lpt0 or lpt1
depending on the number.
This will display more or less the boot time messages and you can look for
ttyS0 or a line with ttyS in it.
Once found in the shell type " ln -s /dev/ttyS0 /dev/modem" links the
modem to a place more usable by the kppp and if up and if down dialing
programs. Just be sure it corresponds with the ttyS number you find in
that dmesg.

Yes I dual boot with both and they pretty much both have too many bugs
but I'll take Linux any day over MS due to the fact they bought gator
and relaxed their adware / malware setting on gator software.
Once adware / malware always adware / malware. There is no excuse for it
and there is no reprieve for it!

TSS



Thanks for the heads up on linux. I'm still at the toddler stage as far
as commands and whatnot are concerned, and have been relying on GUI to
get things done. I've got a couple Linux books, but they assume the
reader knows more than I do.

Sigh..and I was so comfortable with command line dos for years...

Gunner

Liberals - Cosmopolitan critics, men who are the friends
of every country save their own. Benjamin Disraeli


Ask and I'll teach you up to the limits of what I know,
which is enough to get you going in the system.
Tell me which distro and I'll tell you what manually needs fixed.

The grep command I think will work too.
In command line "dmesg | grep ttyS" thanks to Jamie's post.

If you want to see how open your box is, type in command line "ps -aux"
and hit enter; you would be surprised. It will show you ports (access
lines to the net) that are open and what is using them.

TSS

WARNING!: ZoneAlarm 6.0.631.003 if installed as an upgrade totally
screwed up my system! It turned off all the programs I said were good
and disallowed network connections. It also saw parts of Microsoft Power
Toys as a virus. Just a heads up. It is turning into a piece of crapware
like the MS wares it is supposed to protect.
It has taken me 2 hours to figure out how to fix it.
I had to delete the multiple entries of various programs and allow them
manually so they could connect to the net.
I have lost full automatic functions of ZA pro.
Manually doing this stuff is like pulling teeth without a 1/5 of
whiskey first.
#75
Offbreed

Gunner wrote:

If I "run from CD", it works fine, recognizes the modem, dials out
properly, etc etc. But its much slower than having it installed on the
PC.


G Then what you need is "in there, somewhere" when you are up on the CD.

You can sometimes install the CD distro on a hard drive.


#76
Tom Gardner

Agreed...but, Gunner has perfect, up-to-the-minute back-ups...right
Gunner?


Actually..about 3 weeks old but only data. I've got a DAT drive on the
server that I've used to make periodic backups of the various data
files. Simply because the tapes only hold 8 gigs compressed..and it
takes a fair amount of time to write even one tape, let alone swapping
10 of them, which is what it takes to do the most basic backup
for the network.

Gunner


What could you possibly need that much stuff for? Clean house!


#77
Gunner

On Sat, 06 Aug 2005 02:21:12 GMT, "Tom Gardner"
wrote:

Agreed...but, Gunner has perfect, up-to-the-minute back-ups...right
Gunner?


Actually..about 3 weeks old but only data. I've got a DAT drive on the
server that I've used to make periodic backups of the various data
files. Simply because the tapes only hold 8 gigs compressed..and it
takes a fair amount of time to write even one tape, let alone swapping
10 of them, which is what it takes to do the most basic backup
for the network.

Gunner


What could you possibly need that much stuff for? Clean house!

I've got a library of military training manuals, cookbooks of both
culinary and high energy items, plans, owners manuals, machine tool
manuals, thousands of photos of machine tools, friends, family, some
videos, several CDs such as Win3.11, Win95Se, XP Pro, Win2000 (server
runs under Win2k), various distros of Linux etc etc etc.

My personal computer has 2 40gig hard drives, and attached is an
elderly HP stack of disks...5 80 gig scsi drives, plus floppy, CD-R,
Zip and Syquest drives.

The server is a dual pentium 800mhz with 1 gig of ram, 2 40 gig IDEs,
5 hotswap 80 gig scsis.

The little linux box under the server (KVM 4 port switch handles
everything) is the retard of the group, with only 2 20 gig scsi
drives, and a single 20 gig IDE with 512 ram.

Everything is running through a 3com 24 port 100T switch, which also
has a Linksys dual band wireless transceiver, which connects my laptop
(when I want to network) and the small 450 mhz box out in the
shop, which has my Machinist toolbox, etc etc software on it. I can
and do often take a break from working and post via Agent and a proxy
server. A lot of my weekend posts are done from out in the shop.
Occasionally friends will come over and rifle through my ebooks,
diagrams etc using the wireless access mode with their laptops and a
wireless card.

Well protected and they can't access the entire net, just a few
machine related directories.

The kid's box was a screamer...and is now a door stop for the
foreseeable future. Sucks to be him.

Gunner

Liberals - Cosmopolitan critics, men who are the friends
of every country save their own. Benjamin Disraeli
#78
Tom Gardner

So, as times change we tend to accumulate different stuff. Our lives will
be evaluated by how many terabytes we left behind. I'll bet somebody will
try to figure out how to tax our accumulated data! At least for the sake of
the people cleaning-up after the funeral, it's not paper!


#79
Richard Lewis


http://housecall.trendmicro.com/

ral




Gunner wrote:

On Wed, 03 Aug 2005 09:09:43 -0700, Stuart Grey
wrote:


Gunner wrote:
My $#@!! kid turned off the firewall (again) and downloaded something
with a nasty malware called W32/Gaelicum.A

It's infected virtually every .exe file in both my server and my
personal computer. I'm posting from my non-networked laptop.

It only affects files with a .exe extension, but that's thousands of
files on all 4 computers on the network. There is very little info on
the net about it, AVG has only been able to detect it for a week or
so.

It appears to be a trojan of some sort.

Anyone got any suggestions of cleaning the sumbitch, other than a full
hard drive format..which means I have to format at least 14
drives...sigh

The #@$%!!! kid lost all access to the network..his computer has been
removed from the net, and it's not a computer I'm going to fix. This was
the last straw.....his box just became a doorstop.

Gunner


I thought you ran linux? Oh well.


I have a linux box..which at the moment will not recognize that the
modem, which it does recognize and dials, is what I want to use for
internet access. It dials out properly and when I try to browse or use
Pan, or any internet access program..can't find the net. I was using a
proxy server via one of the MS boxes prior to scrounging an external
modem.

My wife does that a lot. She has the only windows machine on my net.

I made backup of a complete, clean, fresh install on DVD. When she
downloads a virus/trojan/spyware, I just back up a few of her files and
then fdisk her disk and then re-install. And I make sure her machine
cannot touch any other machine on the network. No SAMBA, no nothing.

Windows is not worth the trouble. It's a petri dish for virii.


If I had a DVD recorder, I'd have made DVD backups. I don't.


Gunner




#80
Gunner

On a whim..I ran the TrendMicro online virus checker called Housecall
on one of the least affected boxes..and it found 167 versions of a
virus called Tenga.A..which appears to be similar enough to Gaelicum.A
to register. This on my kid's box btw.

I let it try to heal or recover the 167 infected files..all .exe files
btw...and it appears to have done just that. Subsequent scans by other
programs didn't find any viruses, so now I'll try to do the same to the
server. My box is so infected that it will not boot except in safe
mode..which also doesn't allow the modem to be used..sigh. In regular
mode, it logs on, logs off, logs on, logs off..all by its lonesome, so
I'll have to deal with that..

So I may be able to save most of the files. insert deity of your
choice willing.


Gunner
