[Dshield] So my computer is a danger and you are a genius?
jsage at finchhaven.com
Tue Mar 26 15:24:26 GMT 2002
On Tue, Mar 26, 2002 at 09:00:14AM -0500, Susan wrote:
> Dear John Sage,
> Perhaps you would explain why you would feel my computer, wide open or
> not, sitting behind a 600.00 soho unit made by one of the industries
> award winning manufacturers, is a danger while your computer is just
> fine and dandy?
Try reading the newsgroup comp.os.linux.security, or
comp.security.unix for even a short time.
Without exception, _every_ time someone posts a message that indicates
their box has been rooted, the unanimous response from people on the
list who know what they're talking about is always:
1) disconnect your box from the Internet immediately.
2) do not try to "fix" it
3) do a full re-install from known, verifiable medium ie: a CD
4) do not reconnect to the Internet until the box is well secured.
5) when reconnected, install all patches for services exposed to the
This is _always_ the advice given..
> >She's a danger to all (as slight or as great a danger as a rooted box
> might be..), now that she's been compromised.
> >Call me a masochist, if you will.
> Are you sure you don't mean misogynist? Or do you spew hate and
> ignorance everywhere you go, not just at women?
I was marching in a picket line for a strike by the International
Ladies' Garment Worker's union in Los Angeles in 1968.
If you can't remember back that far, that was _before_ there was such
a thing as "Women's Rights" or "Women's Liberation"
But it's nice to have a crutch to lean on, I suppose, if you need one...
I'm objecting to your relentless posting because there is no evidence:
1) that you have any idea how to post to a mail list such that your
posts maintain the continuity of the thread you are replying to
2) despite all the sincere, good efforts of _all_ the people who have
responded to you, quite sincerly, you continue to respond with
stream-of-conscious, free-association monologues that:
a) suggest that you're only listening to yourself, and
b) suggest that you're not learning a thing here, despite everyone's
Now you wander off into another digression, just as you so often do:
> Unfortunately I'm not here to write my life story or a history of my
> computer knowledge, neither am I here to give you all the specifics of
> my little network, my network addresses etc, which quite simply, John
> and James, are none of your business. However unlike you, I do read
> every post.
> It's amazing even, I think it was one of you who called me paranoid
> several months back when I wrote in the first time and said I was
> getting hacked. I guess that would apply to everyone on this list?
> Truth is even behind the worlds best firewall a system can still be
> crompromised via email and browser bugs like Mike and Rick mention. That
> is exactly what I've been saying all along. Yea, even behind a 700.00
> soho unit, someone logged onto my system, probably through a
> vulnverablity in the web browser, I was submitting a form online when it
Now, what does the following have to do with your initial post to me?
You're free-associating, again.
> There's a big problem with piracy all over the web and hacks don't
> always use the front door, they even hijack websites/services etc.as
> Verisign is itself is enough proof of.
Now you blame someone else for the fact your box got rooted:
> The real problem isn't here on my end, it lies with incompetent and
> dishonest webhosts and system administrators who help the problem along
> and don't warn the public because they might lose money if they do.
This is now a third topic...
> The linux.org docs and others mentioned by others are excellent, I've
> been studying them for weeks.
This is now a fourth topic...
> Vunet crashes my browser if I try to use the site with downloads,
> cookies, and active scripting blocked. Best to go elsewhere...
This is now a fifth topic....
> Mike, the beta Labrea (*.4) does not do make install, it says so right
> in the readme. Locate, find, whereis, slocate, etc. really couldn't locate.
I rest my case: you're talking to yourself...
...and listening to no one.
In those days, you could not buy a $2000 200MHz Pentium server.
More information about the list