Main Menu

Which operating system is the best?

Started by dew7, March 05, 2004, 03:08:28 AM

Previous topic - Next topic

Yonkey

Quote from: Storm on April 09, 2004, 08:03:13 PM
How can a malicious cookie capture your e-mail? I thought the cookie is written & read by the site, so it can only contain information you've sent to the site in the firstplace :S
I don't know exactly how since I don't know that much about how cookies work.  Can cookies access other cookies?  If so, they'd just look for one where your e-mail address is stored.   Anyway I've seen Norton come up a few times and block cookies on some sites because they tried to do something malicious.  :P
"A wish changes nothing. A decision changes everything."

dew7

   With PestPatrol, tracking and spyware cookies are blocked.  As far as I know these are cookies that keep track of your web movements and report them back to the companies.  As far as the NT source code goes, I have been continually petioning Microsoft about the inherent underlying weakness with its foundation.
Carpe Diem  Trying to help all of us including myself understand the merry-go-round of life.

Storm

Quote from: Yonkey on April 09, 2004, 08:19:09 PMEvery computer that can connect to the Internet has remote access.  More specifically, anything that uses a port to access data via TCP/IP protocol is using remote access.  All a hacker needs to do is find a way to intercept that port and they can access your data.  I say "data" here since a hacker is more likely to get to that than perform file I/O.

Doesn't the client/server model says that the client is the one sending data requests, not answering them?
If I don't have any programs that handle incoming data requests (which I shouldn't have unless I'm using stuff like Kazaa that lets your computer act as a server), a hacker can pretty much send all the TCP/IP he wants, but he won't get any answer since there's nothing there to handle his requests ???

"Never argue with idiots. They'll drag you down to their level and beat you with experience."

copycat

Quote from: Yonkey on April 09, 2004, 07:35:01 PMIf someone can figure out your IP, you could get those annoying Messenger pop-ups (again, I have no idea if Win98 has those or not) but most likely, if they could find your e-mail address you'd get spam like crazy.  These days I get so many e-mail viruses from people I don't know (of course, they're usually sent to a @kq9.org account and not my own, but still).  And you know how much damage a virus or trojan can do.
Shoot the Messenger!
I don't get too many e-mail viruses since I'm extremely careful about my e-mail addresses. That's why KQ9.org has one of my spammotel-addresses, I don't trust you. :P Just a few days ago I got two at the same day, but the last one before that was several months ago. Not that I execute the attachments ofcourse. 8)

No program that has access to the Internet has been allowed server rights, not in ZA, not in Outpost.
Fannatic of the cat team.
Official Manager of the TSL Asylum ©
Defender of all things against Connor. :stabs:
Grammar Police superintendant.
The Silver Lining rises from its ashes!

Official member of the Kelsey Fanclub :thumbsup:
Official TSL: Shadows Beta Tester (ret.) :yes:
Official Cognition: An Erica Reed Mystery Episode 1 QA.

dew7

  Is your Windows fully updated?  My dad actually uses the Windows firewall and has found it works great for him.  All his ports are stealthed --- He uses Windows XP home -- Also, you may want to try Adaware by Lavasoft, Spybot --- Search and Destroy and CWShredder to eliminate spyware, malware or adware that may be on your system.  Sorry, again for saying that you had open ports when they were closed --- I will have to be more careful in the future
Carpe Diem  Trying to help all of us including myself understand the merry-go-round of life.

dew7

   It all boils down to what you as a user want --- do you want lots of free with no or little privacy and maybe even attempted idenity theft --- eg. using on-line sharing of music, some internet sites, some free e-mail, some free programs, etc.  I would suggest using an alternative e-mail address to give to corporations and others that you know will get spam, viruses, etc. and having one that you safeguard with your life and only give to a select group of friends and family.  For example, I use a hotmail address for most of my use and to give to corporations and businesses.  My other address --- I do not even feel comfortable telling you the company is only given to a select few -- never unsubscribe to services because they know its an active account --- with my hotmail address I just delete unless it is something I know that I am receiving --- shred documents, cds, disks, etc.  We all must stop the theft of our privacy and the individuals who use our name in vain to steal and hurt others --- over and out ------- the silly one  ;B
Carpe Diem  Trying to help all of us including myself understand the merry-go-round of life.

Yonkey

#166
Quote from: Storm on April 10, 2004, 08:44:42 AM
Doesn't the client/server model says that the client is the one sending data requests, not answering them?
A client both sends and receives from a server.  For example, if port 80 is used for http (if you're not using a proxy).  You request data through this port by simply entering a URL and you receive data through the port when a web pages are downloaded to your browser.  

Another port is port 110 (pop3).  If someone is "packet sniffing" on your IP port 110, they could intercept your incoming e-mail.  Some servers require an SSL connection, and the data might be encrypted, but if not, a hacker could easily do this.

Spammers used to use ISP's SMTP port (25) because it didn't require any authorization in the past.  They could send an e-mail through any ISP mail server and could get away with it.  These days most servers require authentication for outgoing mail, in order to stop this.

I mention these 3 ports, since they're the ones left open on most computers (otherwise you couldn't surf or send/recieve e-mail).  I personally don't know how easy it is to hack someone through these, but I'm just saying it's completely possible.

Oh yeah copycat, I simply disabled the Messenger service in XP (since it has nothing to do with MSN Messenger) and the problem was solved.  But I did notice that ZoneAlarm blocked those Messenger pop-ups too, before I disabled the service.  <3
"A wish changes nothing. A decision changes everything."

copycat

Quote from: Yonkey on April 10, 2004, 03:02:08 PMA client both sends and receives from a server.  For example, if port 80 is used for http (if you're not using a proxy)...

Another port is port 110 (pop3).

Spammers used to use ISP's SMTP port (25) because it didn't require any authorization in the past.

I mention these 3 ports, since they're the ones left open on most computers (otherwise you couldn't surf or send/recieve e-mail).  I personally don't know how easy it is to hack someone through these, but I'm just saying it's completely possible.
Strange, none of those ports is open when I check grc.com. Ofcourse, at the moment I am not handling e-mails on this computer, so those last two are not used at this time. No proxy, but NAT, and port 80 isn't open yet. None of those 3 ports are even closed.

Quote from: Yonkey on April 10, 2004, 03:02:08 PMOh yeah copycat, I simply disabled the Messenger service in XP (since it has nothing to do with MSN Messenger) and the problem was solved.  But I did notice that ZoneAlarm blocked those Messenger pop-ups too, before I disabled the service.  <3
Never got any Messenger pop-ups, never noticed my firewall blocking Messenger pop-ups. But, better be safe than sorry and shoot it anyway. 8)
Fannatic of the cat team.
Official Manager of the TSL Asylum ©
Defender of all things against Connor. :stabs:
Grammar Police superintendant.
The Silver Lining rises from its ashes!

Official member of the Kelsey Fanclub :thumbsup:
Official TSL: Shadows Beta Tester (ret.) :yes:
Official Cognition: An Erica Reed Mystery Episode 1 QA.

Storm

Yonkey -
Thanks for answering my questions so patiently  :D

Quote from: Yonkey on April 10, 2004, 03:02:08 PMA client both sends and receives from a server.  For example, if port 80 is used for http (if you're not using a proxy).  You request data through this port by simply entering a URL and you receive data through the port when a web pages are downloaded to your browser.  

Yes, but only the client is supposed to make requests - the server (or anyone else) isn't supposed to send requests to the client, and there should be no reason for the client to answer them.
So basically, if someone wants to take control of your computer remotely (not just spam you, or DOS you) they'd have to use a handling program that's installed on the computer, right?

"Never argue with idiots. They'll drag you down to their level and beat you with experience."

Storm

Quote from: Yonkey on April 10, 2004, 03:02:08 PMAnother port is port 110 (pop3).  If someone is "packet sniffing" on your IP port 110, they could intercept your incoming e-mail.  Some servers require an SSL connection, and the data might be encrypted, but if not, a hacker could easily do this.

Can you do anything against a packet sniffer? I mean, those things don't even need to be installed on your computer, so there's not much you can do to prevent them. And most sites don't use encryption :-\
A particularly scary thought is that every computer in my cable neighbourhood is a potential sniffer :o
"Never argue with idiots. They'll drag you down to their level and beat you with experience."

Yonkey

#170
Quote from: Storm on April 10, 2004, 08:58:58 PM
Yes, but only the client is supposed to make requests - the server (or anyone else) isn't supposed to send requests to the client, and there should be no reason for the client to answer them.
So basically, if someone wants to take control of your computer remotely (not just spam you, or DOS you) they'd have to use a handling program that's installed on the computer, right?

I think you're correct about this.  But taking control of a computer is different than reading data (and is also much harder to do, btw ;P).

Quote from: Storm on April 10, 2004, 09:03:51 PM
Can you do anything against a packet sniffer? I mean, those things don't even need to be installed on your computer, so there's not much you can do to prevent them. And most sites don't use encryption :-\
A particularly scary thought is that every computer in my cable neighbourhood is a potential sniffer :o
Hmm.. well TCP/IP is based on transferring packets of data from one place to another, it was never designed to be secure.  The only way to protect against it is to ensure data is encrypted (through SSL or something).  A packet sniffer is a tool that the hacker uses to get the packets sent across a port.  I heard that some wireless networks still don't use encryption (because there's no agreed upon standard for wireless communication yet), so you can imagine the kinds of problems we'll have in the future.   ::)
"A wish changes nothing. A decision changes everything."

Storm

Quote from: Yonkey on April 10, 2004, 09:30:46 PM
I think you're correct about this.  But taking control of a computer is different than reading data (and is also much harder to do, btw ;P).

YAY!! I was right about SOMETHING :D
"Never argue with idiots. They'll drag you down to their level and beat you with experience."

copycat

Quote from: Yonkey on April 10, 2004, 09:30:46 PMI heard that some wireless networks still don't use encryption (because there's no agreed upon standard for wireless communication yet),
Anyone ever heard of WEP?
Fannatic of the cat team.
Official Manager of the TSL Asylum ©
Defender of all things against Connor. :stabs:
Grammar Police superintendant.
The Silver Lining rises from its ashes!

Official member of the Kelsey Fanclub :thumbsup:
Official TSL: Shadows Beta Tester (ret.) :yes:
Official Cognition: An Erica Reed Mystery Episode 1 QA.

dew7

Port 113 is the only port that is not stealthed on my system.  It is closed.  My system also accepts pings.  Does anyone know how to make these options more secure?
Carpe Diem  Trying to help all of us including myself understand the merry-go-round of life.

Storm

Quote from: copycat on April 11, 2004, 02:50:05 PM
Quote from: Yonkey on April 10, 2004, 09:30:46 PMI heard that some wireless networks still don't use encryption (because there's no agreed upon standard for wireless communication yet),
Anyone ever heard of WEP?

Can't say that I have  :-\
"Never argue with idiots. They'll drag you down to their level and beat you with experience."

Yonkey

Quote
Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard.
Well, IIRC, they're at the 802.11g standard now, or even higher, and there are other wireless protocols out there too (Bluetooth, GSM/GPS, Wi-Fi, RF, etc.).  :-\
"A wish changes nothing. A decision changes everything."

etgadsby

You'll only need AppleTalk open if you have Mac's on your home/campus network you'd like to share resources with.
Peace, Love, & Understanding,

E.ric T.homas Gadsby
        etgadsby@plutonianshore.com

Say

Quote from: copycat on April 10, 2004, 03:21:00 PM
... Entrust key msh and  OMG inital refs...

OMG HE SAID OMG... :P lol, ok now I leave ;P


Say Mistage
Phoenix Online Studios

#IndieSupport <3

Storm

OMG = Object Management Group ;)
"Never argue with idiots. They'll drag you down to their level and beat you with experience."

Say

hahahahahahaaaaaaaa... Im not going to even say a word about it :D


Say Mistage
Phoenix Online Studios

#IndieSupport <3