"Bill" <wsb312@hotmail.com> wrote in message
news:ttn8ov09jrtvpmhj2rvrh1vhrtav6q23p3@4ax.com...
That's great but what has it to do with viruses?

?


Ken.

"Ken Bessler" <kg0wx@IHATESPAMyahoo.com> wrote in message
news:F5ednc8W9_UV_RmiXTWJiw@comcast.com...
Anything that promotes the use of an alternative browser to IE has a lot to
do with protecting yourself from malware.
I still use IE but that's simply because I'm too lazy to change. the same is
probably true for many others who aren't as aware of security settings and
malware. Something as simple as a spell checker as an added feature may be
*enough* to convince a few people to change to a safer browser. FWIW I am
actually considering the big swap myself and when I do it will probably be
to Mozilla.

Nicky

On Wed, 08 Oct 2003 19:47:05 GMT, Bill <wsb312-noswen-@hotmail.com>
wrote:

Aha! Converts. That's what I like to see.


Art
http://www.epix.net/~artnpeg

"Bart Bailey" <Bartman@invalid.biz> wrote in message
news:3f899efc.6365564@bart.spawar.mil...
| In Message-ID:<F5ednc8W9_UV_RmiXTWJiw@comcast.com> posted on Wed, 8 Oct
| 2003 13:07:50 -0600, Ken Bessler wrote:
|
| >
| >"Bill" <wsb312@hotmail.com> wrote in message
| >news:ttn8ov09jrtvpmhj2rvrh1vhrtav6q23p3@4ax.com.. .
| >> This may be old news, but for you Mozilla users out there,
| >> Thunderbird now has a spell checker
| >
| >That's great but what has it to do with viruses?
| >
| >?
| >
| >
| >Ken.
| >
| Maybe it'll hit on the word "viruses"
| and offer to correct it to "virii" ;-)
|

Then again, maybe it will be 100% correct and will keep "viruses":
http://www.hs.ttu.edu/home/virus/terms.htm

(It is beyond me why anybody would think it would be "virii", the singular
of that would be "virius"!)


JaF

On Wed, 08 Oct 2003 16:49:11 -0700, Bart Bailey <Bartman@invalid.biz>
wrote:

Does 6.06 display this page correctly?:

http://www.xp-antispy.org/

Opera 7.2 doesn't. Moz 1.4 and Firebird 0.6.1 do display it ok.
It's a Frames thing.

I'm curious as to why you think Opera has more security features.


Art
http://www.epix.net/~artnpeg

On Fri, 10 Oct 2003 18:34:35 -0700, Bart Bailey <Bartman@invalid.biz>
wrote:

It's ok since a Frames failure leads to just seeing a error message in
German and nothing else. Odd that 6.06 handles it but 7.2 doesn't. Moz
1.5a doesn't handle it either but people say 1.4 does. Weird. Maybe
the site itself has Frames code that's not quite right.

Strikes me as an oddity if you found browsers make any difference with
the PCFlank Exploits. Back when I was using unpatched Win 98 one of
the Exploits, the fourth one I think, caused a blue screen until I
installed one of the critical OS patches for the problem. Back then I
found that most free software firewalls would mask the OS problem but
Kerio did not. It's important to patch your OS for the inherent TCP/IP
stack overflow problem (I think it was). Otherwise you're just kidding
yourself IMO. In your case, it's probably Win 95 that's the problem,
and you're masking it one way or another to pass just DOS exploits you
can find. But what about others?

Seems the latest release (not the Beta) versions of Firebird and Moz
are doing quite well from hear. I'm using Moz primarily now since I
have a fast enough PC to handle it. And Firebird as a very nice and
fast alternate. Firebird doesn't even require an install. You just
unzip it to a folder of your choice and you're off and running. It can
import Netscrape/Moz bookmarks.

I used to use Opera as an alternate but haven't found any use for it
in a long time now.


Art
http://www.epix.net/~artnpeg

On Sat, 11 Oct 2003 05:02:58 -0700, Bart Bailey <Bartman@invalid.biz>
wrote:

You can look forever and never find a test site that will do a DOS
vulnerability attack like you might find done by a hacker. Anyway,
DOS or DDOS attacks aren't part of malware prevention concerns. For a
home user they're a rare annoyance and not something to be much
concerned with. Of more serious concern are the buffer overrun
vulnerabities in both OS and app software. With these exploited, a
hacker can gain root access. That's one reason I don't care to add
software "protection" in the form of realtime av or a software
firewall. Just more system complexity to cause more problems than
they're worth.


Art
http://www.epix.net/~artnpeg

On Sat, 11 Oct 2003 16:10:56 -0700, Bart Bailey <Bartman@invalid.biz>
wrote:

Right. Or Blue screen you which is not good but OTOH not necessarily
disastrous.

I don't worry about it. I have dynamic IP but I usually leave my DSL
continuously connected all day long.

Well, you never can be 100% certain that your system is bullet proof.
But I'm also inclined to be convinced, as a practical matter, that my
former Win 98 and my current Win ME were and are secure enough just
based on years of having no problems at all.

I wan't talking about know openn doors. I was talking about unknown
buffer overrun vulnerabilites in the software you and I and others
might use.

You're pretty cocky If I was a hacker you would tempt me to clobber
your ass just to take you down a few pegs.

Any software added to a system increases the possibility of adding
buffer overrun vulnerabilities that can be exploited. There's a lot of
BS concerning the value of firewalls. All a single PC user (no LAN) of
Win 9X/ME has to do is some rebinding and killing of unnecessary
services to close all 64K ports and get a Netstat -an null report. IMO
I'm (and others are) much better off this way than adding unnecessary
system complexity and vulnerabilities.


Art
http://www.epix.net/~artnpeg

On Sat, 11 Oct 2003 17:34:16 -0700, Bart Bailey <Bartman@invalid.biz>
wrote:

And you won't know what hit you and how No delight in that if you
can't learn from it.


Art
http://www.epix.net/~artnpeg

For years I've heard about Mozilla (and Opera).
Can you tell me what the differences are, and (really!) why I should think
about converting?
I'm OK on microsoft applications; keep my stuff updated, use a firewall,
bla-bla-bla.
~Kimberlee

On Mon, 13 Oct 2003 04:15:16 GMT, "Kimberlee"
<Kimberlee_Vanderhoof@NOSPAMhotmail.com> wrote:

I just recently d/l'ed Mozilla Firebird, because I no longer trust M$
to produce a reasonably safe product.

Firebird is a simpler interface, but you can integrate a host of
add-on's if you want them. I did manage to "break it" once (Error in
module...etc.), but other than that, it has been stable. It is quite
a bit faster than IE in downloading and browsing pages, and from what
I read, is more secure.

I'll continue using it.
Good luck,
....carry on.
noah

To email me, please remove the "FISH" from the net.

On Sun, 12 Oct 2003 22:57:08 -0700, Bart Bailey <Bartman@invalid.biz>
wrote:

That's not going to tell you a thing.

Sorry Bart me boy but you don't know WTF you're talking about.

LOL! It does sound Trackeresque doesn't it. Yet it's your claim and
approach that's actually outragrous and naive. If some hacker has
analyzed a piece of software "protection" you're using and discovered
a buffer overrun vulnerability and used it on you, you won't know what
hit you until you do what he did .... unravel all the code of the app.
Now, I've never heard you make a claim that you're a programmer, much
less a highly skilled one capable of disassembling and debugging
complex code of large Windbloze apps.

Not many users have that level of skill nor the tools. Certainly I
don't except for antiquated DOS stuff, and even there I couldn't
possibly spend the time to unravel the code of every DOS program and
utility I use.

So we use stuff without really knowing it's vulnerabilities excpept
for what we glean from security people. We're dependent on M$ (good
gawd) to eventually provide patches for its various OS. And we cross
our fingers that at least most significant vunerabilites in the older
OS have been discovered by now and patched.

BTW, I wound up using Win ME by a sort of accident since the install
disks came with the used HP Pavilion I purchased recently, and I
decided to give it a go. Yet I think ME is at a good point right now.
It has the advantage of all the 9X history of vulnerabilities and
patchworks. And it's very important to d/l and install all the patches
and updates.

So what you're missing is the fact that you must do all the work of
disassembling and studying all your "protection" apps and even your OS
in advance or you won't know what hit you and how it did it. Virtually
all of us are in that boat.

As I said, though, we're talking about stuff that's unlikely to be of
any real concern to a home user providing you've done what you can in
terms of selecting a OS, patching it, and taken care of your internet
settings/bindings, disabling services, etc. So don't accuse me of
being a Tracker

It's beautiful here in central Pa right now, and we are having ideal
weather ... 45 to 50 F nights and 74 F days. The oak leaves are well
into browning and the colors are dazzling.


Art
http://www.epix.net/~artnpeg

On Sun, 12 Oct 2003 23:10:11 -0700, Bart Bailey <Bartman@invalid.biz>
wrote:

Sure there is. M$ apps are inherenly insecure. Other apps have been
designed with security in mind.


Art
http://www.epix.net/~artnpeg

On Mon, 13 Oct 2003 05:23:10 -0700, Bart Bailey <Bartman@invalid.biz>
wrote:

There would be nothing in such files that would tell you anything
worthwhile since we're talking about the packet layer and not the app
layer. Do you record all packets you receive? Could you analyze it
all?

Your methodolgy tells me you don't grasp the general nature of the
buffer overrun attack mode.

You've claimed that you can determine a vulnerability in some software
after getting nailed (for one thing). That's mainly what I'm
disputing.

You wouldn't even know _which_ app was involved or if it was the OS
itself.

It's the "if not all" that we're discussing in addition to knowing
about and patching all known vulnerabilities of the sw you use which
is a task in itself. And I think you'd be better off with a later more
mature OS. But definitely not the most recent. Not by a long shot.


Art
http://www.epix.net/~artnpeg

In article <glckov4u1eigffiuo85k0lkashmmngt2pt@4ax.com>,
rec.boats.noah@earthlink.FISH.net says...

Firebird crashes for me every time I try to download a file. This
doesn't happen with Mozilla, I'm using 1.6a. Also problems with some
pages involving scripts. Again, no problems when using Mozilla.

My answer to the original question is to suck it (them) and see. There's
nothing better then testing these things for oneself, rather than
relying on the judgements of others.

Cheers,

Roy

<null@zilch.com> wrote in message
news:6nljovo41mgjd4u1fer6gqcuf66s2eotqf@4ax.com...
This is unrelated (well, not to the current Mozilla discussion exactly) but
I didn't wanna go starting a new thread so don't yell at me. lol. I got
Mozilla (and I like it, thanks be for pop-up controls - IE is now off my
system!!) - problem is I'm a big Sims fan and it will open the .wll, .iff
and .flr files I try to download instead of downloading 'em. I know I can
set how it handles file types but don't exactly know how, ie application
type, etc. Help?

Kimberlee wrote:


http://www.mozilla.org/products/firebird/why/


-WD

On Mon, 13 Oct 2003 06:34:20 -0700, Bart Bailey <Bartman@invalid.biz>
wrote:

Well, first of all, the buffer is in RAM, and is not a file. Second, a
succesful hack gaining root access means that the hacker has gained
control of the system and therefore he could leave no traces if he so
chooses.

It may be that a hack must begin at the app level .... a Java or Java
Script vulnerability for example. I admit I'm way out on a limb with
that packet level intrusion notion having only vague ideas on how
something like that might be done, especially on a port-secured
system. But again, a successful hacker, however he starts the ball
rolling, could easily leave no traces of the kind you'd be looking for
to determine the nature of the vulnerability.

The thing is that we are never certain that any Windbloze sw we use is
completely free of exploitable vulnerabilities.


Art
http://www.epix.net/~artnpeg

"Bart Bailey" <Bartman@invalid.biz> wrote in message news:3f8ba916.5934305@bart.spawar.mil...
If the intruder installed a "root kit" or something else that may
indicate he wants to stay, then I would think that you could find
evidence this way. But what if the intruder only wanted to steal
some specific information and then leave while covering his tracks?

Given enough time, a hacker can (once the machine is accessed)
"clean up" much of the evidence of the intrusion. Regarding the
original vulnerability exploited by the hacker to gain that access,
the logs should have some evidence ~ if they were kept safe. I
think that logging could be echoed to another machine (or to a
non- rewritable storage device) so that the hacker cannot alter
or delete that evidence. From the logs, you should be able to
work out where the vulnerability lies.

On Mon, 13 Oct 2003 11:34:19 -0300, "Karen"
<karenboudreau@spam.eastlink.ca <remove spam. to reply>> wrote:

Hell, we're way off topic as usual anyway

It's even better if you use Proxomitron or Privoxy to block ads as
well.

Edit - Prferences - Navigator - Downloads

Check "Open the download manager"

That should give you a Save option. Let me know if that doesn't do the
trick.


Art
http://www.epix.net/~artnpeg