[Dshield] Re: Re: [Larholm/PivX] Proxy attackers/hijackers

Kenneth Coney superc at visuallink.com
Fri Oct 24 05:14:52 GMT 2003

Agreed, finally weakened, and gave my $10 to MS for an XP softpack CD. 
I'll put it on the old guy's machine when it comes.  Sure wish they (MS) 
would offer us a CD with all the XP and IE security patches.  They could do 
it by year, or bi annually, i.e., 2002 version, or Spring 03, etc.  Norton 
could offer the same time saving service for their products now that NIS 03 
is over 10 megabytes in changes/updates.  Matter of fact, back in the pre 
CD days Norton used to.  Every few months a set of 3.5s would show up in 
the mail from Norton with the latest anti virus definitions.  I still have 
some of the old "Fall 97" NAV ones around.  Don't know why they stopped 
doing that (we paid for the service, not them) service.  Possessing up to 
date security and AV CDs readable on any PC would really make stripping and 
subsequent reinstallations go quicker compared to coping with whatever dial 
up modem I encounter on service calls.

I hear what some of you are thinking.  Bring a fast modem with you, and an 
external CD read/write drive and software to drive it.  Wouldn't work. 
First the service I provide is done for free, so who buys it?  Second, this 
last one I did was unusual in that it was a fairly new (less than 2 years 
old) machine.  Many of the ones I encounter in senior citizen's homes are 
much older.  486s are not uncommon.  Often the machines lack the storage 
space for the programs to drive the CD and the modem.  Encountered a 
Windows 3.1 386 last week with a 20 meg hard drive and 5.25 floppy drive 
under the 3.5.  It is hard to get those older machines clean, much less 
virus proof them.  Once MS, Norton, McAfee, etc. decide the machine is past 
the shelf life, that's it.  Product support generally stops.  Meanwhile the 
older machine is still in use and becoming more of a security threat with 
each day that passes as the last AV program made to fit/run on it falls 
further and further into obsolescence.  The only silver lining is many of 
the newer viruses expect newer .dll files and faster disk I/Os than the old 
ones usually have.  Makes the infections really noticeable when the 
keyboards can't respond because the CPU or drive is too busy complying with 
the infection's instructions.

I would love to figure out a way to close ports on the old pre firewall 
machines without slowing them down to a crawl.  On the one hand some of the 
older systems didn't have RPC when they left the factory, but out here, in 
the wild, it isn't unusual to encounter a Win 95 machine with 98, XP and NT 
versions of dll files left by different program installations over the past 
few years.  Lexmark, as a for instance, installed RPC calls with their Z51 
printer software, all that was required was a CD reader attached to the old 

Subject: Re: [Dshield] Re: Re: [Larholm/PivX] Proxy attackers/hijackers
From: warpmedia <warpmedia at comcast.net>
Date: Thu, 23 Oct 2003 12:59:59 -0400
To: General DShield Discussion List <list at dshield.org>

Well you could have gone to the corporate site & d/l every update onto a CD 
or even a USB pen drive to bring out with you. Getting them installed is 
still a PITA w/o a checker program.

At 19:53 10/21/2003, Kenneth Coney wrote:

 > the day at 7PM.  Will be back there tomorrow to see where he is.  Sure 
would be nice to have a softpack CD rather than spend the day pressing try 
again over and over when trying to get softpack installed by 28K modem.

Joshua MacCraw
warpmedia at comcast.net

More information about the list mailing list