- WARNING: Roy Schestowitz is spreading virusses on his website, don't go there!!!!!!!!
- Posted by Moshe Goldfarb on March 14th, 2008
On Fri, 14 Mar 2008 17:58:24 +0100, Dr. Bill wrote:
Other people have been complaining about the same site as well as Roy
Schestowitz's other sites.
http://groups.google.com/group/alt.c...057dc9e9db2135
" I posted a message on www.schestowitz.com that was somewhat anti-
linux.
Not only was the message deleted but shortly afterwards I started
getting pings of death from that site. If that wasn't bad enough, I
had a rogue program, testicles.com trying to connect to
www.schestowitz.com.
As if that were not bad enough, I got the same exact results on
another site, www.boycottnovel.com which coincidently is run by the
same person, Roy Schestowitz.
Maybe I am wrong, but I would suggest people avoid those two sites. "
I would put every one of Roy Schestowitz's domains in a hosts block file.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots:
http://linuxidiots.blogspot.com/
- Posted by Ant on March 14th, 2008
"Moshe Goldfarb" wrote:
The site shows symptoms of having been hacked. There's an invisible
iframe at the end of the page at schestowitz.com which leads to the
now non-resolving pinoc.com:
Domain Name: PINOC.COM
Registrar: ESTDOMAINS, INC.
Registrant:
N/A
Manager (manager@home-made.tv)
Wolfson 25
Rishon-Le-Zion
Ha Merkaz,75203
IL
Tel. +972.525920204
Status:SUSPENDED
Note: This Domain Name is Suspended. In this status the domain name is
InActive and will not function.
- Posted by Moshe Goldfarb on March 14th, 2008
On Fri, 14 Mar 2008 22:27:27 -0000, Ant wrote:
I'm not a programmer but people have been complaining about
www.schestowitz.com and www.boycottnovell.com for quite a while now.
Of course Roy Schestowitz does nothing about this because chances are good,
he is the person who embedded the trojan to begin with.
Google him and decide for yourself.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots:
http://linuxidiots.blogspot.com/
- Posted by David H. Lipman on March 14th, 2008
From: "Ant" <not@home.today>
|
| The site shows symptoms of having been hacked. There's an invisible
| iframe at the end of the page at schestowitz.com which leads to the
| now non-resolving pinoc.com:
|
| Domain Name: PINOC.COM
| Registrar: ESTDOMAINS, INC.
|
Thanx Ant. ESTDomains says it all.
I agree with your conclusion, this site was hacked.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
- Posted by Roy Schestowitz on March 14th, 2008
____/ Ant on Friday 14 March 2008 22:27 : \____
See:
Hackers Attack Trend Micro
,----[ Quote ]
| Security vendor Trend Micro has fallen victim to a widespread Web attack that
| splashed malicious software onto hundreds of legitimate Web sites in recent
| days.
|
| [...]
|
| Researchers are still not sure how the attackers are managing to hack these
| Web pages, but the pages all seem to use Microsoft's Active Server Page (ASP)
| technology, which is used by many Web development programs to create dynamic
| HTML pages. A software bug in any of those programs is all the attackers need
| to install their malicious code.
`----
http://www.pcworld.com/article/id,14...s/article.html
400,000+ infected web pages in a week?!
http://beranger.org/index.php?page=d...eb-pages-in-a-
I've _cleaned up my_ Web site (it took a long while). And for trolls who
spreading BS, thousands of sites including big ones like ZDNet are affected.
Hackers launch massive IFRAME attack
,----[ Quote ]
| But Danchev was more pessimistic that the attacks could be halted
| quickly. "To sum up -- it's a mess," he said.
`----
http://www.linuxworld.com.au/index.p...001482&rid=-50
Before accusing individuals, look at the Web as a whole. And if you're using
Windows, be careful of pretty much /ANY/ site you visit. The press is filled
with articles about what became a plague and nobody yet knows how many sites
are really affected.
--
~~ Best of wishes
Roy S. Schestowitz
http://Schestowitz.com | RHAT GNU/Linux | PGP-Key: 0x74572E8E
23:00:03 up 50 days, 8:54, 4 users, load average: 1.96, 1.45, 1.43
http://iuron.com - help build a non-profit search engine
- Posted by The Ghost In The Machine on March 14th, 2008
In comp.os.linux.advocacy, Moshe Goldfarb
<brick.n.straw@gmail.com>
wrote
on Fri, 14 Mar 2008 18:43:32 -0400
<oy37gf11pczp$.zwxx7xpkcun6$.dlg@40tude.net>:
Where have they (or, for that matter, you) been
complaining? Clearly, if they're complaining here, it's
the wrong forum. Send an email to the uplink, or contact
the appropriate authorities -- probably www.fbi.gov.
I would have thought this obvious but clearly it has yet to
penetrate to those who have been complaining. Get a grip,
people; problems do not go away by themselves. (They can
be ignored, of course, but that simply means one puts horse
blinders on. It doesn't take care of that flashing light.)
BTW...suspension of the domain name does not in itself
inactivate the attack; DNS must also be notified.
Presumably, this has been done, as www.pinoc.com no longer
resolves.
Ah, OK. In that case, submit evidence to the FBI as
well; they'll be *very* interested in hearing of an
infectious vector source -- and will probably initiate
criminal proceedings if there's enough evidence. Of course
you'll also want to submit evidence to the FBI, Interpol,
and the Israeli authorities as well, that there is a
connection between Roy Schestowitz and whoever lives at
the Wolfson 25.
Up to you.
--
#191, ewill3@earthlink.net
Linux sucks efficiently, but Windows just blows around
a lot of hot air and vapor.
--
Posted via a free Usenet account from http://www.teranews.com
- Posted by Moshe Goldfarb on March 14th, 2008
On Fri, 14 Mar 2008 23:03:42 +0000, Roy Schestowitz wrote:
Shut up already you fool.
Your site is a trojan site, bottom line.
You, Roy Schestowitz, the stalwart of Linux advocacy have been operating a
site that has been comprimising the systems of people who visit your site.
And if that was not enough, you were warned months ago about this and
refused to do anything.
To me, that says you are behind the entire thing and your sole purpose is
to infect Windows machines.
Nice.
Real nice, Roy Schestowitz.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots:
http://linuxidiots.blogspot.com/
- Posted by Dr.Hal0nf1r£$ on March 15th, 2008
Moshe Goldfarb wrote:
Isn't that a standard Linuxfuck tactic?
- Posted by Moshe Goldfarb on March 15th, 2008
On Sat, 15 Mar 2008 00:33:30 -0000, Dr.Hal0nf1r£$ wrote:
Maybe I am naive, but I kind of liked to give the Linux advocate the
benefit of the doubt.
In this case however, the flagrant behavior of Roy Schestowitz is obviously
proof of his clandestine motives.
My advice is to avoid www.schestowitz.com and www.boycottnovell.com until
those sites can be cleaned and exterminated of potential bugs.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots:
http://linuxidiots.blogspot.com/
- Posted by Sebastian G. on March 15th, 2008
Moshe Goldfarb wrote:
So is Yahoo. Your point being?
1. It is not his site, but the context it includes. That's outside of his
responsibility.
2. The website doesn't magically compromise systems. Only MSIE is affected,
which usage is already a gross fault of the user.
Why should he? If the users actively offer a remote shell to every website
they visit, it's their problem.
- Posted by Dr.Hal0nf1r£$ on March 15th, 2008
Moshe Goldfarb wrote:
I suggest reporting those sites to the writer(s) of Spybot Search and
Destroy updates.
- Posted by Moshe Goldfarb on March 15th, 2008
On Sat, 15 Mar 2008 01:48:27 +0100, Sebastian G. wrote:
Key word.....
MOTIVE....
Google Schestowitz and then get back to us.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots:
http://linuxidiots.blogspot.com/
- Posted by Moshe Goldfarb on March 15th, 2008
On Sat, 15 Mar 2008 00:50:08 -0000, Dr.Hal0nf1r£$ wrote:
Done.
I was informed that the sites have already been reported so this is a good
thing.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots:
http://linuxidiots.blogspot.com/
- Posted by Ant on March 15th, 2008
"David H. Lipman" wrote:
Disappointed that pinoc.com wouldn't resolve. I was hoping to find
some malware to dissect.
BTW, Mr Schestowitz seems a popular figure! If he's associated in any
way with "lintard" (who I presume to be Dave Lindhart, a litigious
spammer) then I'm not surprised at the fuss.
- Posted by David H. Lipman on March 15th, 2008
From: "Ant" <not@home.today>
|
| Disappointed that pinoc.com wouldn't resolve. I was hoping to find
| some malware to dissect.
|
| BTW, Mr Schestowitz seems a popular figure! If he's associated in any
| way with "lintard" (who I presume to be Dave Lindhart, a litigious
| spammer) then I'm not surprised at the fuss.
|
I posted about this at MWR. I guess it is a moot point now. :-)
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
- Posted by Moshe Goldfarb on March 15th, 2008
On Sat, 15 Mar 2008 01:23:36 -0000, Ant wrote:
Schestowitz is a 24x7 PAID SPAMMER.
If you look at the number of submissions he has per month, consider he runs
several Microsoft hate blogs, consider the amount of verbiage in his posts,
consider the hours of the day and the time factor between posts on various
sites like digg.com etc.
The only conclusion that can be reached is that Roy Schestowitz is being
compensated for his SPAMMING.
It is very obvious.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots:
http://linuxidiots.blogspot.com/
- Posted by John Bokma on March 15th, 2008
Moshe Goldfarb <brick.n.straw@gmail.com> wrote:
No, you're a fuckwit.
foad
--
John Bokma http://johnbokma.com/
- Posted by Moshe Goldfarb on March 15th, 2008
On 15 Mar 2008 01:58:19 GMT, John Bokma wrote:
Really?
Schestowitz admitted his site was a trojan site.
Learn to read fool.........
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots:
http://linuxidiots.blogspot.com/
- Posted by Sebastian G. on March 15th, 2008
Moshe Goldfarb wrote:
Indeed, he has a motive to not care for what problems stupid visitors have
with third party content included on his site. Then again, almost no one
cares anyway.
- Posted by Roy Schestowitz on March 15th, 2008
____/ Sebastian G. on Saturday 15 March 2008 02:40 : \____
I've worked for 2 days on resolving this (it took a long time to handle
100,000+ files). Unlike probably thousands of other Web sites that still have
this iframe problem... (it's nothing to do with the site but a leech-type
reference that get forcibly attached to it).
In the past month there have been many hacking attempts on this domain, coming
from different vectors and scanning for vulnerabilities in difference CMSs
(Advanced Guestbook, Nuke, WordPress, phpBB while others were left alone). On
some days, many thousands of pages were requested by hackers, so there was
clearly a lot of effort going into this.
By the way, there is no "Moshe Goldfarb". It's called "Gary Stewart" (aka
flatfish), a Microsoft Munchkin who has been doing this dirt for over a
decade. Best to just filter out his posts and ignored the smear campaigns and
libel spread about me over the years.
--
~~ Best of wishes
Roy S. Schestowitz | Useless fact: Brazil spans 47.8% of S. America
http://Schestowitz.com | RHAT Linux | PGP-Key: 0x74572E8E
04:05:01 up 50 days, 13:59, 4 users, load average: 0.81, 1.69, 1.78
http://iuron.com - Open Source knowledge engine project
