New User? Need help? Click here to register for free! Registering removes the advertisements.

Computer Cops
image image image image image image image image
Donations
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
image
Prime Choice
· Head Lines
· Advisories (All)
· Dnld of the Week!
· CCSP News Ltrs
· Find a Cure!
· Ian T's (AR 24)
· Marcia's (CO8)
· Bill G's (CO12)
· Paul's (AR 5)
· Robin's (AR 2)
· Ian T's Archive
· Marcia's Archive
· Bill G's Archive
· Paul's Archive
· Robin's Archive
image
Security Central
· Home
· Wireless
· Bookmarks
· CLSID
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· RegChat
· Reviews
· Google Search
· Sections
· Software
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Survey
How much can you give to keep Computer Cops online?
$10 up to $25 per year?
$25 up to $50 per year?
$10 up to $25 per month?
$25 up to $50 per month?
More than $50 per year?
More than $50 per month?
One time only?
Other (please comment)



Results
Polls

Votes: 1170
Comments: 21
image
Translate
English German French
Italian Portuguese Spanish
Chinese Greek Russian
image
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Login to check your private messagesLogin to check your private messages   LoginLogin   Your Favorite ForumsFavForums 

The derth of B9 suggestions
Goto page Previous  1, 2
 
Post new topic   Reply to topic       Computer Cops Forum Index -> Benign - Suggestions
View previous topic :: View next topic  

Are you indeed happy with B9?
I'm completely happy with B9. Don't change a thing.
100%
 100%  [ 1 ]
I'm not but have no thoughts as to possible improvements.
0%
 0%  [ 0 ]
I'm not but have bigger fish to fry at the moment.
0%
 0%  [ 0 ]
Total Votes : 1

Author Message
TimeGhost

Captain
Captain



Joined: Apr 11, 2003
Posts: 650
Location: USA
PostPosted: Thu Nov 06, 2003 12:16 am    Post subject: Re: The derth of B9 suggestions
Reply with quote
mcullet wrote:
I am still evaluating B9 so all I can say is - still looking.
With Benign installed, you might have port 110 unstealthed. Although it will refuse external connections, it still shows up as open on various port scanners.
Back to top
View users profile Send private message
Perry

Lieutenant
Lieutenant



Joined: Oct 19, 2003
Posts: 291
Location: USA
PostPosted: Thu Nov 06, 2003 1:33 am    Post subject: Re: The derth of B9 suggestions
Reply with quote
[quote="mcullet"]
Perry wrote:
I mention this since it seems that the kids have access to the administrators logon, or have administrator access. Their are holes in the home version that you can more closely control in the pro version, but in any case the home version does allow the administrator to control access down to the file level for all user profiles.

Quote:



Hi again Perry,

Oh dear - where to begin. When I mentioned I taught them - I mean to REALLY taught them well (too well it seems). All my operating systems that do have some security (WIN2K PRO and XP PRO) are well known to them. Not certain it is such a good idea here to say how to bypass ADMIN settings to I won't - but this is possible. Others may not be aware of some 'hidden' users in both of these OS's too and they can have their policies edited.


Basically I was pointing out that regardless of the default settings of XP home you can still go into the registry and restrict individual settings, file paths, and so on beyond the simple user settings available via Control Panel. Many proxies by their nature will install some of the hidden users you may be mentioning, as well as many servers of various types.
Quote:

On many business sites, I still see the administrator password either not set (OEM default often) or set to a common word known to all. I get a lot of call backs after having set up fairly good security to find the owner altered things so they did not need to call IT support (either me - or others) to save money. One person in particular, disabled things to visit dangerous (in IT terms specifically) porn sites after hours. The sites contained code / scripts etc that attacked his limited security and caused damage. And one disgruntled person open the door on every security measure (plus some) just before they left because they were angry with their employer. (More common than some might realise.) Again - the human factor.


I work in the power industry. If you want to see what can occur using defaults, then read a book called - Black Ice by Dan Verton.
Quote:

Perry wrote:
Two things about B9 that come to mind for me. For about 60% of the cost of the MWP/B9 combo, there are others that work well with similar features embedded into the core program.


I am still evaluating B9 so all I can say is - still looking. Can you elaborate of this because this sounds important.


There are a couple that have both the spam software and html stripping combined.
Quote:

For example, my hardware firewall strips JAVA and cookies before the packets get through to the LAN. PestPatrol / ZoneAlarm do some other features - like renaming suspicuos attachments, 'stopping' web bugs and pop-ups. But to my knowledge, none deal with some perl scripts or other embedded scripts (won't list what types here).

Actually you could do this with MWP or one of the many by using filters to recognize the scripts since their launch mechanisms are fairly easy to detect.
Quote:


I don't know enough, I know, about how some hackers do what they do - and while it is cold comfort, I am in good company it seems - MWP,


I just wish you would not call these guys hackers. I have been a hacker for a long time, only I hack the hardware and software to make it do more then what it was designed to do. This guys are scum, not hackers.
Quote:

So - can you point me at the 'others' that you refer too. I take it they are products or tehniques. I'd like to look at them too, if possible.


Spam Sleuth has both anti spamming and html stripping in the same product and sells for about the same as MWP by itself. It has a few quirks but works well. I like the filter options in some ways better and the interface of MWP better however.

Spamihilator is a free piece of software that works pretty fair as a anti spammer and user pluggins are available for html stripping. It is a hair buggy, but not too bad.
Quote:


Mike


Perry
Back to top
View users profile Send private message Visit posters website
mcullet

Corporal
Corporal



Joined: Oct 29, 2003
Posts: 65
Location: Australia
PostPosted: Thu Nov 06, 2003 3:33 am    Post subject: Re: The derth of B9 suggestions
Reply with quote
[quote="Perry"]Basically I was pointing out that regardless of the default settings of XP home you can still go into the registry and restrict individual settings, file paths, and so on beyond the simple user settings available via Control Panel. Many proxies by their nature will install some of the hidden users you may be mentioning, as well as many servers of various types.[quote]

You are absolutely right about this. I would not generally recommend XP Home to anyone connected to the internet or who shares a PC on a LAN. And I really do not know enough about the registry to say anything other than I can stuff it up with little effort Smile

Admin tools in Pro are quite powerful (relatively) and as such can be implemented - well, not as effectively as we might want.

There is a fine line on info sharing (as we are doing) and potential damage - as can happen if we give pointers on where to look. You are far more skilled than I could hope to be so perhaps this is not really an issue for you at all. I'm still finding my way.[quote]

[quote="Perry"]
I just wish you would not call these guys hackers. I have been a hacker for a long time, only I hack the hardware and software to make it do more then what it was designed to do. This guys are scum, not hackers.
Quote:


Perry, point taken. I mean absolutely no offence to you in any way. This will probably mean squat to you - but I deeply respect anyone who has the degree of knowledge that you appear to have - a lot of what is done is very clever stuff. The word 'hacker' though has changed (I think) from what it was originally to what it has perhaps become now through media etc. I've lost track of the other terms over the years - scum is perhaps a bit kind though.

Can you help me a bit so I don't piss anyone else off by accident Smile Apart from the word scum, what is the phrase(s) used that covers people who write exploitive code / malicious stuff etc? I honestly don't know.


Spam Sleuth has both anti spamming and html stripping in the same product and sells for about the same as MWP by itself. It has a few quirks but works well. I like the filter options in some ways better and the interface of MWP better however.

Spamihilator is a free piece of software that works pretty fair as a anti spammer and user pluggins are available for html stripping. It is a hair buggy, but not too bad.

[quote]

Thanks again, Perry.

Will follow up on your pointers.
Back to top
View users profile Send private message
Display posts from previous:   
Post new topic   Reply to topic       Computer Cops Forum Index -> Benign - Suggestions All times are GMT - 5 Hours
Goto page Previous  1, 2
Page 2 of 2

 
 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB 2.0.8a © 2001 phpBB Group

Version 2.0.6 of PHP-Nuke Port by Tom Nitzschner © 2002 www.toms-home.com
Version 2.2 by Paul Laudanski © 2003-2004 Computer Cops
Home · Topics · Submit News · Top 10
This entire site, Cops Themes, and Computer Cops are © 2002 - 2004 Computer Cops, LLC. All rights reserved.
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Acceptable Use Policy. Use signifies your agreement.
Engine Copyright © 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member.
Paul Laudanski, Member of Computer Cops, LLC
Server Load: 1518 pages served in previous 5 minutes. Page Rendered: 0.452 seconds.