Re: Extremely odd thing with Giganews DMCA?
- From: roadburner <roadburner^at^comcast^dot^net>
- Date: Mon, 19 Sep 2005 18:21:40 -0400
On Mon, 19 Sep 2005 13:45:11 -0700, traveler <noreply@xxxxxxxxxxxxx> wrote:
>On Mon, 19 Sep 2005 08:13:50 -0400, roadburner
><roadburner^at^comcast^dot^net> wrote:
>
>>I was reading APAS a few minutes ago via Giganews.
>>
>>A message popped up on the screen asking me about transferring bookmarks. I
>>looked at the taskbar and saw it was Firefox. I assumed it was asking me if I
>>wanted to transfer my IE bookmarks to it. Neither IE nor Firefox were running
>>at the time.
>>
>>I answered the popup with OK. Next, Firefox opened up the following page:
>>http://www.giganews.com/dmca.html
>>
>>The only things running at the time were Mercury, OE, and News Agent.
>>
>>Grisoft AVG, MS Antispyware, and PGP were running in tray.
>>
>>Has anyone else had this happen? I am not now or ever have posted or
>>downloaded any copyrighted materials. I have had this account with them for
>>about 1 1/2 years.
>>
>>How in the heck did that happen? I checked my Firefox bookmarks and sure
>>enough, it looks like it transferred my IE bookmarks into it. But the page I
>>referred to that popped up was not one of the bookmarked pages.
>>
>>I should add that this is a new PC. I have only set it up this weekend so
>>there are very few bookmarks. It is a Dell with XP Pro and the way it was
>>shipped included Dell bookmarks. The Dell bookmarks got transferred to
>>Firefox. That is how I know for sure it was Firefox asking to transfer
>>bookmarks.
>>
>>Anybody have any clues as to what fired things off? Kind of scary. I would
>>hate to think that Giganews can control Firefox on this PC. Should I dump
>>Firefox? Is there some exploit in it? I installed Firefox because I thought it
>>was secure. How the heck could it be remotely turned on? Remember, it wasn't
>>running at the time. It was remotely started by someone else.
>>
>>Could it be I got a trojan? Don't know how. Everything on this PC (not much)
>>is legit software. Nothing strange.
>>
>>Really wondering what the heck is going on? How? Why that page? Makes me
>>nervous as all get out.
>>
>>AVG has completed a test of everything without finding anything.
>>
>>Regards,
>>roadburner
>
>Try scanning for spyware, Ad-Aware from Lavasoft and Spybot are pretty
>good, then install SpywareBlaster to keep the spies off your system,
>all are freeware.

After giving it a great deal of thought, I think I may have opened myself up
for an attack. I had been running a Tor node on my main PC. To operate it, I
had to port forward ports 9001 and 9030. The main PC used to be at
198.168.0.2. I reconfigured the network to make the new PC that local IP. My
intention was to leave that box strictly as a Tor node and remailer in the
end.
I was in the process of setting it up this weekend, the whole works, UPS for
the PC, router, and cable modem, a minimal amount of software. In reality, it
is pretty barebones, Firefox, JV16 Power tools, Forte Agent, AVG antivirus,
PGP (but no keyrings, they are on a USB stick in my shirt pocket), Mercury, a
UPS monitor, and a USB KVM software switch, and the rest all of the MS
updates, MS firewall, MS antispyware, etc. and any little odds and ends that
ship with a barebones Dell. Forte Agent was installed so I could get some help
from the remops in APAS setting up a remailer and walking me through setting
up Mercury. They kindly obliged me. I have all other local connections like
printer and file sharing turned off. I used Firefox to download a copy of
Mercury. To get Mercury to work, I had to port forward 25. I neglected to put
on a software firewall and only permit connections to those ports through Tor
or Mercury. That I planned to do next.
The main PC has a Symantec firewall that only permitted Tor to access those
ports. All Tor nodes, their IPs and open Tor ports are listed on the net. Over
the past month and a half, the firewall logs showed 3 attacks. The firewall is
set up to shut down all connections if the attack is severe enough. On each
occasion, the firewall closed all connections.
After taking my keys off the main PC, I started the task of setting up the box.
I hadn't finished, but got things like Mercury working.
You can see the fun I had by my posts in APAS :(
Since the PC will be running sensitive software, I decided to reformat the
disk and do a reinstall tonight. I'll reinstall the minimum software I need
tonight too.
That will, in the end, probably take less time and less worries since it will
be running sensitive software and encryption keys will reside on it.
Of course it will be disconnected from the Internet until everything is set up
and the proper protections put into place. Better safe than sorry. It won't be
used for surfing or anything else so I'll lock it down tighter than a drum. I
won't even install Firefox or Agent. I'll switch back and forth between the
main PC and the dedicated server PC via the USB KVM switch until I have it
set up and secure.
Thanks all, I will put in SpywareBlaster and Ad-Aware just in case my kids do
something foolish and accidentally switch to that box.
(like me, sheepish smile ;)
My warmest regards to everyone,
roadburner