Re: [OT] Re: VERY strange problem? HELP!
Al Getz wrote:
>
> CoJaBo wrote:
> > Yes, I know. The cracker wasn't too happy when I decoded that
> > and posted "What do you mean "I am the end!"?"!
> > Also the strangest value ?time() displayed (-3812688), when
> > you remove the '-' and convert it into hexadecimal, it is the ASCII
> > code for "
"! This is where I got "54484520454E44" to call the
> > cracker, I don't even know what the cracker actually wants to be called.
> >
>
> I get hit about once per week too so i know the problems that can
> come up.
>
> I've had all kinds of funny stuff going on...from installing
> 'toolbars' in my IE to deleting programs.
The desktop compuyter gets a "toolbar" installing itself
at least monthly, so I run a scan every week, it has never found
less than 10 things...
>
> One time i went to open a simple text file using Notepad and
> got the error message something like
> "Unable to open file, cant find Notepad.exe"
> Now why on earth would a web site want to delete your Notepad????
That happend to me, I had to copy it from another computer.
>
> A little investigation turned up a program that was installed
> overtop of Notepad (theirs) but when they deleted Notepad versions
> (which BTW were in about three directories which they had to hunt down
> to accomplish) they forgot to reinstall THEIR program in that one
> directory...which happend to be the one that was called to open
> the text file. If it wasnt for that, THEIR replacement file would
> have ran on my machine and who knows that else from there 
>
> I also found that they also replaced the Windows media player, and
> during the time of the attack the were able to stop the firewall
> log from recording transactions! There was a void in the times
> between which they were doing this attack.
I think somone messed up my logs too, it says that
64.224.18.21 did a ddK`~~soWlyyyy attack at 12:00 AM 06/88/1900
which makes no sense at all!
64.224.18.21 appears to be a webserver, and the router reports no
communication with 64.224.18.21.
>
> This wasnt the first time and i know it wont be the last.
> I dont know what they think they will accomplish, but it
> wont be a heck of a lot! Even if my comp goes down it's not
> going to do any good for them right?
Well, mine was once used to launch an attack on thesims.ea.com BBS,
slowing my internet connection down quite a bit untill I found out
what was happenning (which, unfortunatly, was after they had banned
me, and none of the tech support links work...).
>
> I've developed some software to deal with these idiots over
> the years, but unfortunately this is a catch-as-catch-can
> situation--if i post anything to the web and it gets learned
> by would-be attackers, that makes it less effective for me.
>
> I've even considered posting .exe versions of the software,
> but once it gets into the wrong hands it allows experimentation
> with what passes undetected and what doesnt--so it's effectiveness
> still declines.
>
> Only thing i can say is run a virus detector of some kind.
>
> Take care and good luck with it,
> Al
>
>
> And, good luck with your Euphoria programming!
>
> My bumper sticker: "I brake for LED's"
>
|
Not Categorized, Please Help
|
|
