[Dshield] He wasn't bulletproof after all
superc at visuallink.com
Mon Feb 9 15:24:26 GMT 2004
Good catch. I missed the Win95 reference, I was too busy ROLTFLMAO at his
"bulletproof" set up encountering something so retro it creaked. Like it
was waiting years for him. Yup. He boots up then goes to DOS on that
machine. Then loads and runs the browser from within the DOS. 16 megs of
RAM on a machine designed for Win 3.1. I can't help him too much on the
registry files as Areust suggested, without seeing what he did (have sent
him some links and urged reinstalling the Win then seeking upgrades) to it
when he simply deleted the IE 4 folder years ago. (This prevented him from
ever patching at the MS update site.) I appreciate the text file of the
malware. It explains why my Netscape wouldn't go there. And why, by
selecting a third browser type to use he could. I wear a lot of different
hats. Under (only) one of them he is a supervisor. I was trying to
convince him his way wasn't bulletproof and got the reply I posted a few
months ago. This incident pretty much clarifies the issue to me. He is
probably vulnerable to 90% of the Win 95 exploits. Hopefully he will begin
to realize that and get a more modern machine with updated patches.
Subject: Re: [Dshield] He wasn't bulletproof after all
From: Jim Race <vimages at well.com>
Date: Sun, 08 Feb 2004 12:14:15 -0800
To: General DShield Discussion List <list at dshield.org>
Kenneth Coney wrote:
> Some of you may recall my posting about someone who only ran DOS on his
machine and who thought that because of his lack of Windows and his
selection of browsers that he was immune to all malware and AV software or
firewalls which required Windows would be a waste of his time and money.
Today I got this from him.
> "Somehow when I was online I received a pop-up box which calls itself
> a "sticky-stay" in my Opera version 6.05 which I was running on my
> Windows 95 machine. I can't get rid of the darned thing, even when I
Well. He may have written that with Pine, but he said it happened on a
Win95 box. So? That ain't DOS, is it?
If you want to look at such a file, just save the page locally and load it
in a trusted text editor.
The 'random.php' it calls is just a way to randomize various ads.
The rest you can interpret for itself.
More information about the list