Re: XP SP2 Firewall security breach
From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 11/14/04
- Next message: Christo: "Re: Hacked by stingy?"
- Previous message: Moe Trin: "Re: I'm an evil hacker and I steal your data !!!!"
- Maybe in reply to: Timothy Goddard: "Re: XP SP2 Firewall security breach"
Date: Sun, 14 Nov 2004 10:57:54 -0600
In article <t4-dnSdC8eYcpQvcRVn-vg@mersinet.co.uk>,
"John Anderson" <j89anderson@hotmail.com> wrote:
>Came across this today, can't believe what I'm reading, but it seems
>microsoft have put in a backdoor to the XP SP2 Firewall!
Hmmm... "Golly gee" type announcement of yet another microsoft fiasco,
with NO reference to a credible source, separately posted to (at least)
alt.security, alt.os.security, and alt.computer.security.
>check out this link to secure yourself...
Invitation to an unknown site - again, NO information, but promise of
some magic "fix".
>http://www.cebrasoft.com/FWMonitor
[compton ~]$ host www.cebrasoft.com
www.cebrasoft.com is a nickname for iis1.linix.net
iis1.linix.net has address 217.14.176.202
[compton ~]$
>NNTP-Posting-Host: 217.14.181.80
>From: "John Anderson" <j89anderson@hotmail.com>
[compton ~]$ host 217.14.181.80
80.181.14.217.IN-ADDR.ARPA domain name pointer 217-14-181-80.as2582.net
[compton ~]$ host 217-14-181-80.as2582.net
Host not found.
[compton ~]$ domain.check as2582.net
No match for "AS2582.NET"
[compton ~]$ domain.check -as 217.14.181.80
route: 217.14.176.0/20
descr: Linix
origin: AS25582
source: RIPE
[compton ~]$
I'd trust microsoft before I'd trust a spammer hyping his own site with a
hotmail address, from a host with a false name.
KIDS! THIS IS HOW YOU GET VIRUSES / TROJANS / SPYWARE INSTALLED ON YOUR
SYSTEMS. It's also how your email address may get added to some spam list.
Sorry, mister spammer - I've got better things to do. You may want to
talk to the incompetent klowns at mersinet.co.uk, and tell them that they
fucked up the DNS record - it's as25582.net, not as2582.net - but neither
agrees with the RIPE address assignments, so that pretty well identifies
them as blackhats or fools - you figure which. Not that it really matters,
as neither should be allowed to connect to anyone's computer, much less
install this magic fix.
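The lookups in the post above, automated as an added example (not part of the original post): it runs a forward-confirmed reverse DNS check on the posting host, compares the AS number embedded in its PTR name with the registered route origin, and tests whether the promoted site sits in the poster's own address block. The tables are constructed from the output shown in the post; `vet_poster` and `route_for` are hypothetical names, and reading an AS number out of the PTR name is an assumed heuristic.

```python
import ipaddress
import re

# Constructed records mirroring the lookups shown in the post; a live
# check would fill these from a resolver and a RIPE whois query instead.
PTR = {"217.14.181.80": "217-14-181-80.as2582.net"}
A = {"www.cebrasoft.com": "217.14.176.202"}   # forward (A) records, CNAME followed
ROUTES = {"217.14.176.0/20": "AS25582"}       # registered route -> origin AS


def route_for(ip):
    """Return (prefix, origin) of the registered route covering ip, or None."""
    addr = ipaddress.ip_address(ip)
    for prefix, origin in ROUTES.items():
        if addr in ipaddress.ip_network(prefix):
            return prefix, origin
    return None


def vet_poster(posting_ip, advertised_host):
    """Return a list of findings for a posting host and the site it promotes."""
    findings = []
    ptr = PTR.get(posting_ip)
    if ptr is None:
        findings.append("no PTR record for posting host")
    elif A.get(ptr) != posting_ip:
        # Forward-confirmed reverse DNS: the PTR name must resolve back.
        findings.append(f"PTR name {ptr} does not resolve back to {posting_ip}")
    route = route_for(posting_ip)
    if ptr and route:
        # Assumed heuristic: a label such as "as2582" names the operator's AS.
        m = re.search(r"\bas(\d+)\.", ptr)
        if m and f"AS{m.group(1)}" != route[1]:
            findings.append(f"PTR name says AS{m.group(1)}, registry says {route[1]}")
    site_ip = A.get(advertised_host)
    if site_ip and route and route_for(site_ip) == route:
        findings.append(f"{advertised_host} ({site_ip}) is in the poster's own route {route[0]}")
    return findings


if __name__ == "__main__":
    for finding in vet_poster("217.14.181.80", "www.cebrasoft.com"):
        print(finding)
```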