From BNRAGMAOKKXT at spammotel.com Thu Dec 1 00:02:03 2005 From: BNRAGMAOKKXT at spammotel.com (Canopus) Date: Wed Nov 30 19:05:04 2005 Subject: [SpamCop-Geeks] Re: Geeky tip of the day - boot errors too fast to see References: <438C733C.FF31A8C4@spamcop.net> <438CF357.4A3D112A@spamcop.net> Message-ID: Kenneth Brody on 30/11/2005 wrote: >Why only five frames? What about when it takes ~30 seconds for the error >to be displayed, and the display lasts <1/15th seconds? Five frames is the norm in multi shot exposure, some cameras may have more. It's normally first five or last five. On first five you press the shutter release and five shots are fired off. On last five you press the shutter release and the camera keeps on shooting until it is pressed again and the last five shots are saved. You set it for Last Five and stop it as soon as you see the error. If you can see the error flash past then it's there for long enough to capture it as long as your reactions aren't as slow as someone half asleep. -- Rob http://www.flickr.com/photos/canopus_archives/ From nobody at devnull.spamcop.net Thu Dec 1 06:15:34 2005 From: nobody at devnull.spamcop.net (Miss Betsy) Date: Thu Dec 1 06:15:03 2005 Subject: [SpamCop-Geeks] Re: anti-spam question References: Message-ID: "Robert Blair" wrote in message news:TECQXhvKj0FX-pn2-144ydcIi0bil@dsl-206-55-144-107.tstonramp.com... > On Tue, 29 Nov 2005 11:43:35 UTC, "Berny" > wrote: > > > > Why are 419s so hard to catch? They must really work at evading > > > filters. > > > > Because most of them are written, typed and sent manually, in onesies or > > twosies, by many individuals. They are not made by machine like most other > > spam. > > I don't know the last time a 419 was missed the bayesian filter in my > email client. Maybe hand written filters will miss some but bayesian > filters catch all of mine. You would think that even Hotmail could use a Baysian filter for 419s, but they are about all that escape Hotmail's filters. Being 'handwritten' explains why 419s are the first ones to come if an address is published on the web. Also convinces me that the spam that I get now is a direct result of a virus finding my address on someone's computer. My address was on the web in one place, but you had to take an extra step to view it. I only got 419s until after a deluge of worms. Now the address is no longer on the web and I don't get 419s, but I do get other spam. Miss Betsy From kenbrody at spamcop.net Thu Dec 1 09:40:02 2005 From: kenbrody at spamcop.net (Kenneth Brody) Date: Thu Dec 1 10:10:04 2005 Subject: [SpamCop-Geeks] Re: Geeky tip of the day - boot errors too fast to see References: <438C733C.FF31A8C4@spamcop.net> <438CF357.4A3D112A@spamcop.net> <438E0AA9.3B9DB090@spamcop.net> Message-ID: <438F0B42.AD9E9AA6@spamcop.net> Steven Maesslein wrote: > > On Wed, 30 Nov 2005 15:25:13 -0500, Kenneth Brody coughed into > spamcop.geeks and left this in <438E0AA9.3B9DB090@spamcop.net>: > > > Well, the designers of this O/S didn't say "perhaps we should leave the > > boot error message on the screen for the user to read", and instead said > > "let's clear the screen and try booting again". > > Right. So you're using an O/S of which the designers would rather sweep > the crap under the proverbial carpet instead of showing the user what's > up when something does crop up. "Nothing to see here. Move along." > > In this case, the error was basically "the bootloader loaded the kernel, > > but then the kernel couldn't mount the root filesystem". > > 3 solutions: > > * Bad disk > * Bad cable > * Bad controller Actually, those are 3 possible causes, not "solutions". In these cases, the solution was to boot off the O/S install CD, run the "recovery console" and run "chkdsk /p" or "chkdsk /r". (Google for "Unmountable Boot Volume" - with quotes - for more info.) -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From kenbrody at spamcop.net Thu Dec 1 09:44:32 2005 From: kenbrody at spamcop.net (Kenneth Brody) Date: Thu Dec 1 10:10:06 2005 Subject: [SpamCop-Geeks] Re: Geeky tip of the day - boot errors too fast to see References: <438C733C.FF31A8C4@spamcop.net> <438CF357.4A3D112A@spamcop.net> Message-ID: <438F0C50.66C58515@spamcop.net> Canopus wrote: > > Kenneth Brody on 30/11/2005 wrote: > > >Why only five frames? What about when it takes ~30 seconds for the error > >to be displayed, and the display lasts <1/15th seconds? > > Five frames is the norm in multi shot exposure, some cameras may have > more. It's normally first five or last five. On first five you press the > shutter release and five shots are fired off. On last five you press the > shutter release and the camera keeps on shooting until it is pressed again > and the last five shots are saved. You set it for Last Five and stop it > as soon as you see the error. If you can see the error flash past then > it's there for long enough to capture it as long as your reactions aren't > as slow as someone half asleep. Okay. My camera doesn't have that feature. It does have a video mode, where you press the shutter release to start, and press it again to stop. -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From user at domain.invalid Thu Dec 1 21:51:34 2005 From: user at domain.invalid (User) Date: Thu Dec 1 22:55:03 2005 Subject: [SpamCop-Geeks] Re: Firewalls In-Reply-To: References: Message-ID: On 30.11.2005 13:36, Borgholio wrote: --- Original Message --- > User wrote: >> On 29.11.2005 19:18, Borgholio wrote: >> >> --- Original Message --- >> >> >>>Been using a hardware firewall for the longest time...but decided to install >>>a software firewall to play around with. I enabled the Windows XP Firewall >>>and naturally enabled logging so I can monitor it's performance. I'm >>>astounded with the number of unknown IP addresses that show up related to >>>port 80. I'm going nuts trying to figure out what is what. :) >> >> >> Or just run any software utility specifically written for your >> particular router, such as Wall Watcher for Linksys. Most of what you're >> seeing are port-scan bots. No problem with INcoming packets, it's the >> OUTgoing ones that respond to those unknown INcoming ones that bother me !! >> > > > I've run a few port-scans myself and the only things that even show up are > ports 80 and 113...and they're both blocked. Nothing even shows up on my > software firewall log. I'm sure these IP addresses are related to websites > I visit. Try downloading a torrent file without the aid of PeerGuardian or some other P2P blocker and see how many unknown IP's you get incoming .. :-( From net.spamcop.news at spinthewheel.org Fri Dec 2 09:33:11 2005 From: net.spamcop.news at spinthewheel.org (DMN) Date: Fri Dec 2 12:35:02 2005 Subject: [SpamCop-Geeks] reporting system HTML error when overriding the routing... Message-ID: <43908557.8060506@spinthewheel.org> Greetings, my first post... I've noticed a problem lately with how the reporting system is creating HTML under a certain condition. I've confirmed both IE and Firefox are unhappy with the malformed HTML. Steps to repro: enter any spam into http://mailsc.spamcop.net/ once it's processed, add a bouncing email address in the "user notification" section. Once the spam is processed, the system first outputs a
tag noting that the email address you added is invalid, before the tag, which breaks rendering in the browser. For instance, paste in the following pseudo-spam: ######## Received: from unknown (218.91.1.1) by blade1.cesmail.net with QMQP; 2 Dec 2005 16:54:29 -0000 you_suck ####### deselect all addresses and add "anti-spam@ns.chinanet.cn.net" (don't worry, it will bounce). You'll see the improperly formatted HTML as raw text in your browser. From BNRAGMAOKKXT at spammotel.com Sun Dec 4 13:30:31 2005 From: BNRAGMAOKKXT at spammotel.com (Canopus) Date: Sun Dec 4 08:35:03 2005 Subject: [SpamCop-Geeks] Re: Geeky tip of the day - boot errors too fast to see References: <438C733C.FF31A8C4@spamcop.net> <438CF357.4A3D112A@spamcop.net> <438F0C50.66C58515@spamcop.net> Message-ID: Kenneth Brody on 01/12/2005 wrote: >Canopus wrote: >> >>Kenneth Brody on 30/11/2005 wrote: >> >>>Why only five frames? What about when it takes ~30 seconds for the error >>>to be displayed, and the display lasts <1/15th seconds? >> >>Five frames is the norm in multi shot exposure, some cameras may have >>more. It's normally first five or last five. On first five you press the >>shutter release and five shots are fired off. On last five you press the >>shutter release and the camera keeps on shooting until it is pressed again >>and the last five shots are saved. You set it for Last Five and stop it >>as soon as you see the error. If you can see the error flash past then >>it's there for long enough to capture it as long as your reactions aren't >>as slow as someone half asleep. > >Okay. My camera doesn't have that feature. It does have a video mode, >where you press the shutter release to start, and press it again to stop. Gosh, that seems to be the wrong way around. Multi-frame capture tends to be more basic than video mode. What camera is it? -- Rob http://www.flickr.com/photos/canopus_archives/ From borgholio at storymind.com Mon Dec 5 16:52:47 2005 From: borgholio at storymind.com (Borgholio) Date: Mon Dec 5 19:55:02 2005 Subject: [SpamCop-Geeks] Woo HOO!!!! Message-ID: I just got Quake 1 to work with XP! It never worked before, now it's flawless! Oh I'm so excited...this was one of my favorite games back in the 90's. But on the other hand, I'm sad that literally nobody plays it anymore. Gamespy doesn't support Quake 1 and some of the oldest (most popular) Quake servers seem eto be long dead. Ah well...guess that's getting old for ya. From borgholio at storymind.com Mon Dec 5 17:15:40 2005 From: borgholio at storymind.com (Borgholio) Date: Mon Dec 5 20:20:08 2005 Subject: [SpamCop-Geeks] Re: Woo HOO!!!! In-Reply-To: References: Message-ID: Borgholio wrote: > I just got Quake 1 to work with XP! It never worked before, now it's > flawless! Oh I'm so excited...this was one of my favorite games back in > the 90's. But on the other hand, I'm sad that literally nobody plays it > anymore. Gamespy doesn't support Quake 1 and some of the oldest (most > popular) Quake servers seem eto be long dead. Ah well...guess that's > getting old for ya. Oh...my...god...While Gamespy Arcade doesn't support Quake 1, the older Gamespy 3D does...and there are 5 populated Quake servers still online. I know what I'm doing tonight! From pete+usenet at heypete.com Mon Dec 5 19:34:40 2005 From: pete+usenet at heypete.com (Pete Stephenson) Date: Mon Dec 5 22:35:01 2005 Subject: [SpamCop-Geeks] Re: Woo HOO!!!! References: Message-ID: In article , Borgholio wrote: > I just got Quake 1 to work with XP! It never worked before, now it's > flawless! Oh I'm so excited...this was one of my favorite games back in the > 90's. It's one of my favorite games of all times! The gibbing is most excellent! I remember playing it with friends on 500Mhz PowerBook G3s in high school over the school LAN (ah, the joys of boarding school). That was seriously one of the best games I've ever played. Sure, newer games have better networking, better interfaces, better graphics, etc. But no modern games are as revolutionary as the original Quake I! :) -- Pete Stephenson HeyPete.com From borgholio at storymind.com Mon Dec 5 20:25:30 2005 From: borgholio at storymind.com (Borgholio) Date: Mon Dec 5 23:30:10 2005 Subject: [SpamCop-Geeks] Re: Woo HOO!!!! In-Reply-To: References: Message-ID: Pete Stephenson wrote: > In article , > Borgholio wrote: > > >>I just got Quake 1 to work with XP! It never worked before, now it's >>flawless! Oh I'm so excited...this was one of my favorite games back in the >>90's. > > > It's one of my favorite games of all times! The gibbing is most > excellent! > > I remember playing it with friends on 500Mhz PowerBook G3s in high > school over the school LAN (ah, the joys of boarding school). That was > seriously one of the best games I've ever played. > > Sure, newer games have better networking, better interfaces, better > graphics, etc. But no modern games are as revolutionary as the original > Quake I! :) > Just upgraded to a new "mod" called ProQuake. Same basic game, but streamlined and re-optimized for modern systems. Been fragging for the last few hours. :) From jwjr at poSPAMSUCKSbox.com Tue Dec 6 02:54:03 2005 From: jwjr at poSPAMSUCKSbox.com (J. Weaver Jr.) Date: Tue Dec 6 02:55:02 2005 Subject: [SpamCop-Geeks] Re: Woo HOO!!!! In-Reply-To: References: Message-ID: Borgholio wrote: > I just got Quake 1 to work with XP! It never worked before, now it's > flawless! Oh I'm so excited...this was one of my favorite games back in the > 90's. But on the other hand, I'm sad that literally nobody plays it > anymore. Gamespy doesn't support Quake 1 and some of the oldest (most > popular) Quake servers seem eto be long dead. Ah well...guess that's > getting old for ya. How'd you get it to work? I can get it installed (INSTALL.BAT does the job, bypassing SETUP's grumping about "NT"), but I can't get it going. -JW From borgholio at storymind.com Mon Dec 5 23:59:55 2005 From: borgholio at storymind.com (Borgholio) Date: Tue Dec 6 03:00:03 2005 Subject: [SpamCop-Geeks] Re: Woo HOO!!!! In-Reply-To: References: Message-ID: J. Weaver Jr. wrote: > Borgholio wrote: > >> I just got Quake 1 to work with XP! It never worked before, now it's >> flawless! Oh I'm so excited...this was one of my favorite games back >> in the 90's. But on the other hand, I'm sad that literally nobody >> plays it anymore. Gamespy doesn't support Quake 1 and some of the >> oldest (most popular) Quake servers seem eto be long dead. Ah >> well...guess that's getting old for ya. > > > How'd you get it to work? I can get it installed (INSTALL.BAT does the > job, bypassing SETUP's grumping about "NT"), but I can't get it going. -JW You can download one of three versions that have been ported to Windows. Once you get Quake for DOS installed, go online and look for: Winquake, GLQuake, or ProQuake. You can find them all at www.planetquake.com. I'm using ProQuake because it fixes problems that vanilla Quake has with NAT routers and firewalls. But for single player only, any one of the three works just fine. If you want to play online, you can also download Quakeworld, which greatly streamlines how Quake runs over a network / online. From jwjr at poSPAMSUCKSbox.com Tue Dec 6 04:42:03 2005 From: jwjr at poSPAMSUCKSbox.com (J. Weaver Jr.) Date: Tue Dec 6 04:45:32 2005 Subject: [SpamCop-Geeks] Re: Woo HOO!!!! In-Reply-To: References: Message-ID: Borgholio wrote: > J. Weaver Jr. wrote: >> Borgholio wrote: >> >>> I just got Quake 1 to work with XP! It never worked before, now it's >>> flawless! Oh I'm so excited...this was one of my favorite games back >>> in the 90's. But on the other hand, I'm sad that literally nobody >>> plays it anymore. Gamespy doesn't support Quake 1 and some of the >>> oldest (most popular) Quake servers seem eto be long dead. Ah >>> well...guess that's getting old for ya. >> >> >> How'd you get it to work? I can get it installed (INSTALL.BAT does the >> job, bypassing SETUP's grumping about "NT"), but I can't get it going. -JW > > You can download one of three versions that have been ported to Windows. > Once you get Quake for DOS installed, go online and look for: > > Winquake, GLQuake, or ProQuake. You can find them all at > www.planetquake.com. I'm using ProQuake because it fixes problems that > vanilla Quake has with NAT routers and firewalls. But for single player > only, any one of the three works just fine. If you want to play online, you > can also download Quakeworld, which greatly streamlines how Quake runs over > a network / online. WinQuake did the trick. Thanks! -JW (off to make little ones out of big ones...) From borgholio at storymind.com Tue Dec 6 14:05:09 2005 From: borgholio at storymind.com (Borgholio) Date: Tue Dec 6 17:05:02 2005 Subject: [SpamCop-Geeks] Need help with battery chargers / reconditioners Message-ID: I've checked my local stores and all they have are battery chargers. I need a battery re-conditioner...something that will drain a battery all the way down before charging it, to help get rid of any memory effects. I've found some conditioners online, but none at any of the major (national) outlets. Anybody know a good place to find all my battery charger / reconditioner needs? From user at domain.invalid Tue Dec 6 16:53:40 2005 From: user at domain.invalid (User) Date: Tue Dec 6 17:55:02 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: On 06.12.2005 16:05, Borgholio wrote: --- Original Message --- > I've checked my local stores and all they have are battery chargers. I need > a battery re-conditioner...something that will drain a battery all the way > down before charging it, to help get rid of any memory effects. I've found > some conditioners online, but none at any of the major (national) outlets. > Anybody know a good place to find all my battery charger / reconditioner needs? Excellent spot, I buy from there all the time: http://www.thomas-distributing.com/maha-aa-rechargeable-batteries-2300.php From borgholio at storymind.com Tue Dec 6 15:14:49 2005 From: borgholio at storymind.com (Borgholio) Date: Tue Dec 6 18:15:03 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: User wrote: > On 06.12.2005 16:05, Borgholio wrote: > > --- Original Message --- > > >>I've checked my local stores and all they have are battery chargers. I need >>a battery re-conditioner...something that will drain a battery all the way >>down before charging it, to help get rid of any memory effects. I've found >>some conditioners online, but none at any of the major (national) outlets. >>Anybody know a good place to find all my battery charger / reconditioner needs? > > > Excellent spot, I buy from there all the time: > > http://www.thomas-distributing.com/maha-aa-rechargeable-batteries-2300.php Wow...that's exactly what I needed! Here's the stuff that I'm looking at: http://www.thomas-distributing.com/nimh-aa-aaa-d-c-9v-battery-chargers.php Now I just need to decide between the Accumanager 20 and the Energy 8 (16) chargers. Thanks! From user at domain.invalid Tue Dec 6 18:22:22 2005 From: user at domain.invalid (User) Date: Tue Dec 6 19:25:07 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: On 06.12.2005 17:14, Borgholio wrote: --- Original Message --- > User wrote: >> On 06.12.2005 16:05, Borgholio wrote: >> >> --- Original Message --- >> >> >>>I've checked my local stores and all they have are battery chargers. I need >>>a battery re-conditioner...something that will drain a battery all the way >>>down before charging it, to help get rid of any memory effects. I've found >>>some conditioners online, but none at any of the major (national) outlets. >>>Anybody know a good place to find all my battery charger / reconditioner needs? >> >> >> Excellent spot, I buy from there all the time: >> >> http://www.thomas-distributing.com/maha-aa-rechargeable-batteries-2300.php > > > Wow...that's exactly what I needed! Here's the stuff that I'm looking at: > > http://www.thomas-distributing.com/nimh-aa-aaa-d-c-9v-battery-chargers.php > > Now I just need to decide between the Accumanager 20 and the Energy 8 (16) > chargers. Thanks! I have the older model Accumanager but will be upgrading to the new one shortly, Santa is on his way :-). Main difference, as far as here is concerned, is that the new one doesn't have to do the auto-drain first. From borgholio at storymind.com Tue Dec 6 16:26:34 2005 From: borgholio at storymind.com (Borgholio) Date: Tue Dec 6 19:30:02 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: User wrote: > On 06.12.2005 17:14, Borgholio wrote: > > --- Original Message --- > > >>User wrote: >> >>>On 06.12.2005 16:05, Borgholio wrote: >>> >>> --- Original Message --- >>> >>> >>> >>>>I've checked my local stores and all they have are battery chargers. I need >>>>a battery re-conditioner...something that will drain a battery all the way >>>>down before charging it, to help get rid of any memory effects. I've found >>>>some conditioners online, but none at any of the major (national) outlets. >>>>Anybody know a good place to find all my battery charger / reconditioner needs? >>> >>> >>>Excellent spot, I buy from there all the time: >>> >>>http://www.thomas-distributing.com/maha-aa-rechargeable-batteries-2300.php >> >> >>Wow...that's exactly what I needed! Here's the stuff that I'm looking at: >> >>http://www.thomas-distributing.com/nimh-aa-aaa-d-c-9v-battery-chargers.php >> >>Now I just need to decide between the Accumanager 20 and the Energy 8 (16) >>chargers. Thanks! > > > I have the older model Accumanager but will be upgrading to the new one > shortly, Santa is on his way :-). Main difference, as far as here is > concerned, is that the new one doesn't have to do the auto-drain first. Well the auto-drain is kinda what I'm looking for. I have some dirt-old Ni-CD batteries that are in desperate need of re-conditioning. I could simply discharge them manually and then re-charge them, but I want something a bit more streamlined. :) From user at domain.invalid Tue Dec 6 22:09:58 2005 From: user at domain.invalid (User) Date: Tue Dec 6 23:10:03 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: On 06.12.2005 18:26, Borgholio wrote: --- Original Message --- > User wrote: >> On 06.12.2005 17:14, Borgholio wrote: >> >> --- Original Message --- >> >> >>>User wrote: >>> >>>>On 06.12.2005 16:05, Borgholio wrote: >>>> >>>> --- Original Message --- >>>> >>>> >>>> >>>>>I've checked my local stores and all they have are battery chargers. I need >>>>>a battery re-conditioner...something that will drain a battery all the way >>>>>down before charging it, to help get rid of any memory effects. I've found >>>>>some conditioners online, but none at any of the major (national) outlets. >>>>>Anybody know a good place to find all my battery charger / reconditioner needs? >>>> >>>> >>>>Excellent spot, I buy from there all the time: >>>> >>>>http://www.thomas-distributing.com/maha-aa-rechargeable-batteries-2300.php >>> >>> >>>Wow...that's exactly what I needed! Here's the stuff that I'm looking at: >>> >>>http://www.thomas-distributing.com/nimh-aa-aaa-d-c-9v-battery-chargers.php >>> >>>Now I just need to decide between the Accumanager 20 and the Energy 8 (16) >>>chargers. Thanks! >> >> >> I have the older model Accumanager but will be upgrading to the new one >> shortly, Santa is on his way :-). Main difference, as far as here is >> concerned, is that the new one doesn't have to do the auto-drain first. > > > Well the auto-drain is kinda what I'm looking for. I have some dirt-old > Ni-CD batteries that are in desperate need of re-conditioning. I could > simply discharge them manually and then re-charge them, but I want something > a bit more streamlined. :) According to the specs it doesn't need to do an auto-drain if I read it correctly. Some sorta new innovation to thwart memory imprint. I was always under the impression that the older style battery media was more prone to imprinting because of being less dense. The new stuff is more solid and hence much less prone to imprint and therefore no need to do a zero drain. From borgholio at storymind.com Tue Dec 6 22:45:00 2005 From: borgholio at storymind.com (Borgholio) Date: Wed Dec 7 01:45:03 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: User wrote: > > > According to the specs it doesn't need to do an auto-drain if I read it > correctly. Some sorta new innovation to thwart memory imprint. I was > always under the impression that the older style battery media was more > prone to imprinting because of being less dense. The new stuff is more > solid and hence much less prone to imprint and therefore no need to do a > zero drain. > Hmm...I'll have to ask them tomorrow. From nobody at nowhere.invalid Wed Dec 7 12:22:32 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Wed Dec 7 06:25:03 2005 Subject: [SpamCop-Geeks] "Server not found" page in Firefox 1.5 Message-ID: $subject is annoying because you end up with pages that include squares showing error messages where ads would be had I not made my nameserver authoritative for a few well-known ad-dispensing domains and made them all NXDOMAIN. Previous versions of Firefox would just display blank space. Does anyone know of a way to revert to the former situation short of downgrading to Fx-1.0.7? The included help system isn't much help, and a search on google didn't reveal anything of any use. -- Steve Male cadavers are incapable of yielding testimony. From nobody at nowhere.invalid Wed Dec 7 12:28:00 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Wed Dec 7 06:30:03 2005 Subject: [SpamCop-Geeks] Re: "Server not found" page in Firefox 1.5 References: Message-ID: On Wed, 7 Dec 2005 12:22:32 +0100, Steven Maesslein coughed into spamcop.geeks and left this in : > Does anyone know of a way to revert to the former situation short of > downgrading to Fx-1.0.7? Okay - I was a bit trigger-happy there. Found the answer: Set the preference "browser.xul.error_pages.enabled" to false, restart Firefox and Bob's your uncle. No more crud. -- Steve Your fault: core dumped From devnull at spamcop.net Wed Dec 7 09:13:36 2005 From: devnull at spamcop.net (Frog Prince) Date: Wed Dec 7 09:15:02 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners References: Message-ID: "Borgholio" wrote in message news:dn51tv$865$7@news.spamcop.net... | I've checked my local stores and all they have are battery chargers. I need | a battery re-conditioner...something that will drain a battery all the way | down before charging it, to help get rid of any memory effects. I've found | some conditioners online, but none at any of the major (national) outlets. | Anybody know a good place to find all my battery charger / reconditioner needs? What type of battery? If it's a nickel metal hyd there is no memory effect ergo no need to drain the battery. From devnull at spamcop.net Wed Dec 7 09:20:38 2005 From: devnull at spamcop.net (Frog Prince) Date: Wed Dec 7 09:25:04 2005 Subject: [SpamCop-Geeks] Seeking recomendation on a firewall for a small WiFi system Message-ID: I need recommendations for a economical fire wall for a small office. They have a small WLAN with 4-8 computers and want to allow their customers to use their internet connection (DSL). they need to prevent anyone from accessing any of the company computers while allowing the company computers to network. They currently have a Norton software firewall. Suggestions? FP brother_rabbit @ hotmail.com From nobody at nowhere.invalid Wed Dec 7 15:31:24 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Wed Dec 7 09:35:04 2005 Subject: [SpamCop-Geeks] Re: Seeking recomendation on a firewall for a small WiFi system References: Message-ID: On Wed, 7 Dec 2005 09:20:38 -0500, Frog Prince coughed into spamcop.geeks and left this in : > they need to prevent anyone from accessing any of the company > computers while allowing the company computers to network. Stick them behind a NAT/router. That *is* the primary purpose of one of those devices - to allow what's behind them to see the Internet while the Internet can't see them. -- Steve Nine megs for the secretaries fair, Seven megs for the hackers scarce, Five megs for the grads in smoky lairs, Three megs for system source. One disk to rule them all, One disk to bind them, One disk to hold all the files, And in the darkness grind 'em. From MikeE at ster.invalid Wed Dec 7 06:49:14 2005 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 7 09:50:03 2005 Subject: [SpamCop-Geeks] Re: Seeking recomendation on a firewall for a small WiFi system References: Message-ID: Frog Prince wrote: > I need recommendations for a economical fire wall for a small office. > They have a small WLAN with 4-8 computers and want to allow their > customers to use their internet connection (DSL). they need to > prevent anyone from accessing any of the company computers while > allowing the company computers to network. > > They currently have a Norton software firewall. > > Suggestions? I would argue about it -- discuss it -- in comp.security.firewalls. If you read enough there, you can find previous discussions. The argument is going to be, first that the Norton PFW is a totally inadequate way to be protecting/defending something which might need a 'real' firewall, definitely a NAT. Second, some are going to argue that if there are no servers in the company network which are facing the internet, that you can 'simply' configure the little LAN behind a 'simple' NAT device, just like the one I have for my home network. In my case, mine is a Linksys BEFSR41. Third, others are going to argue that you need more than a simple NAT device like that -- which isn't a true hardware firewall by the definitions of those who define firewalls by certification by official testing companies. Certifieds are WatchGuard, CISCO, Netscreen, Sonic, etc and they always cost more because it costs money to get and stay certified. Then, some others are going to argue about how you can use a device that is about as economical as the linksys, but configured with 'homebrewed' aftermarket firmware to make it as good as the certified firewalls. My personal opinion is that you could do it with a cheap NAT device, plus something like WallWatcher on its logs and an 'extrusion detector, but that it would be valuable to hear the arguments of those who believe that you should have more. They would say at the very least there should be stateful packet inspections. -- Mike Easter kibitzer, not SC admin From jg at coks.net Wed Dec 7 08:57:19 2005 From: jg at coks.net (jg) Date: Wed Dec 7 12:00:09 2005 Subject: [SpamCop-Geeks] Re: "Server not found" page in Firefox 1.5 In-Reply-To: References: Message-ID: On 12/7/2005 3:28 AM Steven Maesslein scribbled: > On Wed, 7 Dec 2005 12:22:32 +0100, Steven Maesslein coughed into > spamcop.geeks and left this in : > > >>Does anyone know of a way to revert to the former situation short of >>downgrading to Fx-1.0.7? > > > Okay - I was a bit trigger-happy there. Found the answer: > > Set the preference "browser.xul.error_pages.enabled" to false, restart > Firefox and Bob's your uncle. No more crud. > Good call Steve - the ole delete xul.mfl trick with an upgrade. Where did you pick up that info- always lokinig for good FF tips.. From nobody at nowhere.invalid Wed Dec 7 18:23:55 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Wed Dec 7 12:25:03 2005 Subject: [SpamCop-Geeks] Re: "Server not found" page in Firefox 1.5 References: Message-ID: On Wed, 07 Dec 2005 08:57:19 -0800, jg coughed into spamcop.geeks and left this in : > Good call Steve - the ole delete xul.mfl trick with an upgrade. > Where did you pick up that info- always lokinig for good FF tips.. By trial and error. Point the browser to "about:config" (without the quotes, of course) and you get access to all the browser's settings. You also get a bar in which you can type text to refine the search. I tried with several pertinent terms like "404", "not_found", "found" etc. and out of desperation tried "error" expecting to see 50 pages of stuff. Lo and behold, the one toggle I saw listed was the one that needed switching :o) -- Steve Recorded message on an answerphone: "This is not an answering machine, this is a telepathic thought-recording device. After the tone, think about your name, your number, and your reason for calling.... and I'll think about returning your call." From devnull at spamcop.net Wed Dec 7 11:25:28 2005 From: devnull at spamcop.net (Frog Prince) Date: Wed Dec 7 12:40:02 2005 Subject: [SpamCop-Geeks] Re: Seeking recomendation on a firewall for a small WiFi system References: Message-ID: "Mike Easter" wrote in message news:dn6soo$h7n$1@news.spamcop.net... | Frog Prince wrote: | > I need recommendations for a economical fire wall for a small office. | > They have a small WLAN with 4-8 computers and want to allow their | > customers to use their internet connection (DSL). they need to | > prevent anyone from accessing any of the company computers while | > allowing the company computers to network. | > | > They currently have a Norton software firewall. | > | > Suggestions? | | I would argue about it -- discuss it -- in comp.security.firewalls. If | you read enough there, you can find previous discussions. | | The argument is going to be, first that the Norton PFW is a totally | inadequate way to be protecting/defending something which might need a | 'real' firewall, definitely a NAT. | | Second, some are going to argue that if there are no servers in the | company network which are facing the internet, that you can 'simply' | configure the little LAN behind a 'simple' NAT device, just like the one | I have for my home network. In my case, mine is a Linksys BEFSR41. | | Third, others are going to argue that you need more than a simple NAT | device like that -- which isn't a true hardware firewall by the | definitions of those who define firewalls by certification by official | testing companies. Certifieds are WatchGuard, CISCO, Netscreen, Sonic, | etc and they always cost more because it costs money to get and stay | certified. | | Then, some others are going to argue about how you can use a device that | is about as economical as the linksys, but configured with 'homebrewed' | aftermarket firmware to make it as good as the certified firewalls. | | My personal opinion is that you could do it with a cheap NAT device, | plus something like WallWatcher on its logs and an 'extrusion detector, | but that it would be valuable to hear the arguments of those who believe | that you should have more. They would say at the very least there | should be stateful packet inspections. | I'll find out more about what they have currently and would appreciate any recommendations on hardware. From jg at coks.net Wed Dec 7 09:39:56 2005 From: jg at coks.net (jg) Date: Wed Dec 7 12:40:05 2005 Subject: [SpamCop-Geeks] Re: "Server not found" page in Firefox 1.5 In-Reply-To: References: Message-ID: On 12/7/2005 9:23 AM Steven Maesslein scribbled: > On Wed, 07 Dec 2005 08:57:19 -0800, jg coughed into spamcop.geeks and > left this in : > > >>Good call Steve - the ole delete xul.mfl trick with an upgrade. >>Where did you pick up that info- always lokinig for good FF tips.. > > > By trial and error. > > Point the browser to "about:config" (without the quotes, of course) and > you get access to all the browser's settings. You also get a bar in > which you can type text to refine the search. I tried with several > pertinent terms like "404", "not_found", "found" etc. and out of > desperation tried "error" expecting to see 50 pages of stuff. > > Lo and behold, the one toggle I saw listed was the one that needed > switching :o) > Kinda odd ball way of getting there. I disabled xul about 2 months ago since I didn't like the size it gets to and figured its only a chche of sorts anyway. I thought you had gotten the info elsewhere - not too many folks suggest altering that setting. Picked up the tip at the FF ng but had to pull some teeth to get the suggestion... From borgholio at storymind.com Wed Dec 7 09:45:44 2005 From: borgholio at storymind.com (Borgholio) Date: Wed Dec 7 12:50:02 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: Frog Prince wrote: > "Borgholio" wrote in message > news:dn51tv$865$7@news.spamcop.net... > | I've checked my local stores and all they have are battery chargers. I > need > | a battery re-conditioner...something that will drain a battery all the way > | down before charging it, to help get rid of any memory effects. I've > found > | some conditioners online, but none at any of the major (national) outlets. > | Anybody know a good place to find all my battery charger / reconditioner > needs? > > What type of battery? If it's a nickel metal hyd there is no memory effect > ergo no need to drain the battery. > > NiCd batteries. But honestly I HAVE found that NiMH batteries do indeed have a memory effect after prolonged use. From devnull at spamcop.net Wed Dec 7 18:40:44 2005 From: devnull at spamcop.net (Frog Prince) Date: Wed Dec 7 19:00:03 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners References: Message-ID: "Borgholio" | > What type of battery? If it's a nickel metal hyd there is no memory effect | > ergo no need to drain the battery. | > | > | | NiCd batteries. But honestly I HAVE found that NiMH batteries do indeed | have a memory effect after prolonged use. Is it a memory effect or only a degradation in performance? From borgholio at storymind.com Wed Dec 7 16:17:40 2005 From: borgholio at storymind.com (Borgholio) Date: Wed Dec 7 19:20:02 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: Frog Prince wrote: > "Borgholio" > > | > What type of battery? If it's a nickel metal hyd there is no memory > effect > | > ergo no need to drain the battery. > | > > | > > | > | NiCd batteries. But honestly I HAVE found that NiMH batteries do indeed > | have a memory effect after prolonged use. > > Is it a memory effect or only a degradation in performance? > > Probably both...but the only way to tell is to re-condition it a few times and see. From devnull at spamcop.net Wed Dec 7 19:24:06 2005 From: devnull at spamcop.net (Frog Prince) Date: Wed Dec 7 19:30:02 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners References: Message-ID: "Borgholio" | > | NiCd batteries. But honestly I HAVE found that NiMH batteries do indeed | > | have a memory effect after prolonged use. | > | > Is it a memory effect or only a degradation in performance? | > | > | | Probably both...but the only way to tell is to re-condition it a few times | and see. We ran extensive test on NiMH batteries when they first came out (1000 cycles in all sorts of modes) and never found any sign of memory effects. From borgholio at storymind.com Wed Dec 7 16:27:58 2005 From: borgholio at storymind.com (Borgholio) Date: Wed Dec 7 19:30:04 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: Frog Prince wrote: > "Borgholio" > > | > | NiCd batteries. But honestly I HAVE found that NiMH batteries do > indeed > | > | have a memory effect after prolonged use. > | > > | > Is it a memory effect or only a degradation in performance? > | > > | > > | > | Probably both...but the only way to tell is to re-condition it a few times > | and see. > > We ran extensive test on NiMH batteries when they first came out (1000 > cycles in all sorts of modes) and never found any sign of memory effects. > > Hmm...strange. Maybe they're just cheap batteries, as I haven't come close to 1000 cycles. From devnull at spamcop.net Wed Dec 7 20:11:06 2005 From: devnull at spamcop.net (Frog Prince) Date: Wed Dec 7 20:15:03 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners References: Message-ID: "Borgholio" wrote in message news:dn7um5$93f$2@news.spamcop.net... | Frog Prince wrote: | > "Borgholio" | > | > | > | NiCd batteries. But honestly I HAVE found that NiMH batteries do | > indeed | > | > | have a memory effect after prolonged use. | > | > | > | > Is it a memory effect or only a degradation in performance? | > | > | > | > | > | | > | Probably both...but the only way to tell is to re-condition it a few times | > | and see. | > | > We ran extensive test on NiMH batteries when they first came out (1000 | > cycles in all sorts of modes) and never found any sign of memory effects. | > | > | | Hmm...strange. Maybe they're just cheap batteries, as I haven't come close | to 1000 cycles. Don't know that many or any made it to 1000 cycles but that was one of the test parameters. From borgholio at storymind.com Wed Dec 7 17:15:38 2005 From: borgholio at storymind.com (Borgholio) Date: Wed Dec 7 20:20:03 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: Frog Prince wrote: > "Borgholio" wrote in message > news:dn7um5$93f$2@news.spamcop.net... > | Frog Prince wrote: > | > "Borgholio" > | > > | > | > | NiCd batteries. But honestly I HAVE found that NiMH batteries do > | > indeed > | > | > | have a memory effect after prolonged use. > | > | > > | > | > Is it a memory effect or only a degradation in performance? > | > | > > | > | > > | > | > | > | Probably both...but the only way to tell is to re-condition it a few > times > | > | and see. > | > > | > We ran extensive test on NiMH batteries when they first came out (1000 > | > cycles in all sorts of modes) and never found any sign of memory > effects. > | > > | > > | > | Hmm...strange. Maybe they're just cheap batteries, as I haven't come > close > | to 1000 cycles. > > Don't know that many or any made it to 1000 cycles but that was one of the > test parameters. > > Hmm...well I'm not too concerned about the NiMH batteries anyways...it's my old NiCd cells that I want to re-condition. From baloo at ursine.ca Wed Dec 7 17:21:20 2005 From: baloo at ursine.ca (baloo@ursine.ca) Date: Wed Dec 7 21:10:17 2005 Subject: [SpamCop-Geeks] Re: "Server not found" page in Firefox 1.5 References: Message-ID: Steven Maesslein wrote: > $subject is annoying because you end up with pages that include squares > showing error messages where ads would be had I not made my nameserver > authoritative for a few well-known ad-dispensing domains and made them > all NXDOMAIN. Previous versions of Firefox would just display blank > space. Well, probably because using your hosts file or your own name server to point ad source domains is the wrong way to block ads. > Does anyone know of a way to revert to the former situation short of > downgrading to Fx-1.0.7? http://adzapper.sf.net/ (if you don't have your own proxy, get your ISP to set it up on theirs) From baloo at ursine.ca Wed Dec 7 17:26:41 2005 From: baloo at ursine.ca (baloo@ursine.ca) Date: Wed Dec 7 21:10:19 2005 Subject: [SpamCop-Geeks] Re: Seeking recomendation on a firewall for a small WiFi system References: Message-ID: Frog Prince wrote: > I need recommendations for a economical fire wall for a small office. They > have a small WLAN with 4-8 computers and want to allow their customers to > use their internet connection (DSL). they need to prevent anyone from > accessing any of the company computers while allowing the company computers > to network. > > They currently have a Norton software firewall. Old computer running Linux, two network cards, and iptables. The software's free, lets you add in other stuff later (like your own caching proxy to reduce bandwidth usage, and to run adzapper to reduce visual clutter and bandwidth usage further). It also saves you a trip to the disposal facility and the dumping fees for properly disposing of the hardware, trying to sell an obsolete machine, or a hefty fine from the Department of Environmental Quality for throwing heavy metals out with the trash. From devnull at spamcop.net Wed Dec 7 20:52:09 2005 From: devnull at spamcop.net (Frog Prince) Date: Wed Dec 7 21:25:03 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners References: Message-ID: "Borgholio" | > | > | > | NiCd batteries. But honestly I HAVE found that NiMH batteries do | > | > indeed | > | > | > | have a memory effect after prolonged use. | > | > | > | > | > | > Is it a memory effect or only a degradation in performance? | > | > | > | > | > | > | > | > | | > | > | Probably both...but the only way to tell is to re-condition it a few | > times | > | > | and see. | > | > | > | > We ran extensive test on NiMH batteries when they first came out (1000 | > | > cycles in all sorts of modes) and never found any sign of memory | > effects. | > | > | > | > | > | | > | Hmm...strange. Maybe they're just cheap batteries, as I haven't come | > close | > | to 1000 cycles. | > | > Don't know that many or any made it to 1000 cycles but that was one of the | > test parameters. | > | > | | Hmm...well I'm not too concerned about the NiMH batteries anyways...it's my | old NiCd cells that I want to re-condition. I usually rubber band a few resistors 1-5K+/- (depends on the rating of the battery) across the terminals and let them sit until they are dead. then recharge I might repeat once or twice but if no improvement I send them to the recycle place. From borgholio at storymind.com Wed Dec 7 18:52:53 2005 From: borgholio at storymind.com (Borgholio) Date: Wed Dec 7 21:55:03 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: Frog Prince wrote: > "Borgholio" > > | > | > | > | NiCd batteries. But honestly I HAVE found that NiMH batteries > do > | > | > indeed > | > | > | > | have a memory effect after prolonged use. > | > | > | > > | > | > | > Is it a memory effect or only a degradation in performance? > | > | > | > > | > | > | > > | > | > | > | > | > | Probably both...but the only way to tell is to re-condition it a > few > | > times > | > | > | and see. > | > | > > | > | > We ran extensive test on NiMH batteries when they first came out > (1000 > | > | > cycles in all sorts of modes) and never found any sign of memory > | > effects. > | > | > > | > | > > | > | > | > | Hmm...strange. Maybe they're just cheap batteries, as I haven't come > | > close > | > | to 1000 cycles. > | > > | > Don't know that many or any made it to 1000 cycles but that was one of > the > | > test parameters. > | > > | > > | > | Hmm...well I'm not too concerned about the NiMH batteries anyways...it's > my > | old NiCd cells that I want to re-condition. > > I usually rubber band a few resistors 1-5K+/- (depends on the rating of the > battery) across the terminals and let them sit until they are dead. then > recharge I might repeat once or twice but if no improvement I send them to > the recycle place. > > I have a digital clock / timer that's a perfect slow-train device. :) From borgholio at storymind.com Wed Dec 7 18:53:32 2005 From: borgholio at storymind.com (Borgholio) Date: Wed Dec 7 21:55:06 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: > Frog Prince wrote: >> >> I usually rubber band a few resistors 1-5K+/- (depends on the rating >> of the >> battery) across the terminals and let them sit until they are dead. then >> recharge I might repeat once or twice but if no improvement I send >> them to >> the recycle place. >> >> > > I have a digital clock / timer that's a perfect slow-train device. :) That should be slow-drain. :) From nobody at nowhere.invalid Thu Dec 8 11:54:14 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Thu Dec 8 05:55:02 2005 Subject: [SpamCop-Geeks] Re: "Server not found" page in Firefox 1.5 References: Message-ID: On Wed, 7 Dec 2005 17:21:20 -0800, baloo@ursine.ca coughed into spamcop.geeks and left this in : > Well, probably because using your hosts file or your own name server > to point ad source domains is the wrong way to block ads. What is "wrong" about it - other than the fact you prefer a different method, that is? >> Does anyone know of a way to revert to the former situation short of >> downgrading to Fx-1.0.7? > > http://adzapper.sf.net/ (if you don't have your own proxy, get your > ISP to set it up on theirs) Had you read further down the thread, you'd have seen that the problem was solved *without the use of additional software*. -- Steve Are Linux users lemmings collectively jumping off of the cliff of reliable, well-engineered commercial software? -- Matt Welsh From anthony.edwards at uk.easynet.net Thu Dec 8 11:22:43 2005 From: anthony.edwards at uk.easynet.net (Anthony Edwards) Date: Thu Dec 8 06:25:03 2005 Subject: [SpamCop-Geeks] Re: Seeking recomendation on a firewall for a small WiFi system References: Message-ID: On Wed, 7 Dec 2005 11:25:28 -0500, Frog Prince wrote: > I'll find out more about what they have currently and would appreciate any > recommendations on hardware. My personal favourite, in use on my own home network, is the Cisco PIX 501: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/ps2031/index.html -- Anthony Edwards * anthony.edwards@uk.easynet.net Abuse Team Manager * Tel: 0800 053 0588 Easynet Ltd * DDI: 0161 227 0707 http://www.uk.easynet.net * Fax: 0845 333 4503 From spam_hjp at yahoo.com Thu Dec 8 11:40:42 2005 From: spam_hjp at yahoo.com (Jim) Date: Thu Dec 8 11:45:02 2005 Subject: [SpamCop-Geeks] They only finding this out now Message-ID: Millions Of Domain Names Registered With Fakes Names Those seeking to register the Website names likely provide inaccurate information to hide their identities or to prevent members of the public from contacting them, a Congressional auditor suspects.- Dec 07, 2005 http://www.informationweek.com/showArticle.jhtml;jsessionid=2TQWBQRRLXRAUQSNDBOCKH0CJUMEKJVN?articleID=174904958 From nobody at devnull.spamcop.net Thu Dec 8 13:23:15 2005 From: nobody at devnull.spamcop.net (Pop) Date: Thu Dec 8 13:25:03 2005 Subject: [SpamCop-Geeks] Re: They only finding this out now References: Message-ID: "Jim" wrote in message news:dn9nmb$cfm$1@news.spamcop.net... : Millions Of Domain Names Registered With Fakes Names : Those seeking to register the Website names likely provide inaccurate information to hide their : identities or to prevent members of the public from contacting them, a Congressional auditor : suspects.- Dec 07, 2005 : : http://www.informationweek.com/showArticle.jhtml;jsessionid=2TQWBQRRLXRAUQSNDBOCKH0CJUMEKJVN?articleID=174904958 Oh gee gosh, would someone actually DO that? Golly, that isn't very fair, is it? ;-] I was going to say it takes all kinds, but not with politicos; they are very obviously short on several kinds. Pop From user at domain.invalid Thu Dec 8 14:19:03 2005 From: user at domain.invalid (User) Date: Thu Dec 8 15:20:03 2005 Subject: [SpamCop-Geeks] Re: Need help with battery chargers / reconditioners In-Reply-To: References: Message-ID: On 07.12.2005 18:27, Borgholio wrote: --- Original Message --- > Frog Prince wrote: >> "Borgholio" >> >> | > | NiCd batteries. But honestly I HAVE found that NiMH batteries do >> indeed >> | > | have a memory effect after prolonged use. >> | > >> | > Is it a memory effect or only a degradation in performance? >> | > >> | > >> | >> | Probably both...but the only way to tell is to re-condition it a few times >> | and see. >> >> We ran extensive test on NiMH batteries when they first came out (1000 >> cycles in all sorts of modes) and never found any sign of memory effects. >> >> > > Hmm...strange. Maybe they're just cheap batteries, as I haven't come close > to 1000 cycles. Grab some of the PowerEX batteries that Thompson sells. From baloo at ursine.ca Fri Dec 9 22:25:55 2005 From: baloo at ursine.ca (baloo@ursine.ca) Date: Sat Dec 10 02:10:09 2005 Subject: [SpamCop-Geeks] Re: "Server not found" page in Firefox 1.5 References: Message-ID: Steven Maesslein wrote: > On Wed, 7 Dec 2005 17:21:20 -0800, baloo@ursine.ca coughed into > spamcop.geeks and left this in : > >> Well, probably because using your hosts file or your own name server >> to point ad source domains is the wrong way to block ads. > > What is "wrong" about it - other than the fact you prefer a different > method, that is? It breaks DNS in ways the system isn't going to expect or reasonably have any way to know about, causing exactly the problem you're seeing. >>> Does anyone know of a way to revert to the former situation short of >>> downgrading to Fx-1.0.7? >> >> http://adzapper.sf.net/ (if you don't have your own proxy, get your >> ISP to set it up on theirs) > > Had you read further down the thread, you'd have seen that the problem > was solved *without the use of additional software*. Then you don't want to solve your problem. From kenbrody at spamcop.net Sat Dec 10 14:40:44 2005 From: kenbrody at spamcop.net (Kenneth Brody) Date: Sat Dec 10 14:45:10 2005 Subject: [SpamCop-Geeks] MP3 to CD audio Message-ID: <439B2F3C.B12BA8C@spamcop.net> I have a bunch of MP3 files I ripped from my CDs. Now, I would like to burn an audio CD of a selection of my favorite MP3s, to play in a car CD player that doesn't support MP3. What would be the best way of going about this? I have Windows Media Player, and RealPlayer, both of which I can use to transfer my favorites to my portable MP3 player. Can they burn "normal" audio CDs? Thanks. -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From borgholio at storymind.com Sat Dec 10 14:06:11 2005 From: borgholio at storymind.com (Borgholio) Date: Sat Dec 10 17:10:02 2005 Subject: [SpamCop-Geeks] Re: MP3 to CD audio In-Reply-To: <439B2F3C.B12BA8C@spamcop.net> References: <439B2F3C.B12BA8C@spamcop.net> Message-ID: Kenneth Brody wrote: > I have a bunch of MP3 files I ripped from my CDs. Now, I would like to > burn an audio CD of a selection of my favorite MP3s, to play in a car CD > player that doesn't support MP3. > > What would be the best way of going about this? I have Windows Media > Player, and RealPlayer, both of which I can use to transfer my favorites > to my portable MP3 player. Can they burn "normal" audio CDs? > > Thanks. > Yep, just put the songs on a playlist and you can burn it to CD. From user at domain.invalid Sun Dec 11 12:50:23 2005 From: user at domain.invalid (user@domain.invalid) Date: Sun Dec 11 12:55:03 2005 Subject: [SpamCop-Geeks] Re: MP3 to CD audio In-Reply-To: <439B2F3C.B12BA8C@spamcop.net> References: <439B2F3C.B12BA8C@spamcop.net> Message-ID: Kenneth Brody wrote: > I have a bunch of MP3 files I ripped from my CDs. Now, I would like to > burn an audio CD of a selection of my favorite MP3s, to play in a car CD > player that doesn't support MP3. > > What would be the best way of going about this? I have Windows Media > Player, and RealPlayer, both of which I can use to transfer my favorites > to my portable MP3 player. Can they burn "normal" audio CDs? > > Thanks. > get cdex http://sourceforge.net/projects/cdexos/ obxeye From skiwi at spamcop.net Mon Dec 12 00:28:34 2005 From: skiwi at spamcop.net (Skiwi) Date: Mon Dec 12 03:30:08 2005 Subject: [SpamCop-Geeks] Borg, see this? (3rd party Spamcop team stats for SETI) Message-ID: Hey Borg, did you see this? (3rd party Spamcop team stats for SETI) http://www.boinc.dk/index.php?page=team_statistics&project=sah&teamid=31518 Kinda interesting... GREG... From borgholio at storymind.com Mon Dec 12 09:23:37 2005 From: borgholio at storymind.com (Borgholio) Date: Mon Dec 12 12:25:04 2005 Subject: [SpamCop-Geeks] Re: Borg, see this? (3rd party Spamcop team stats for SETI) In-Reply-To: References: Message-ID: Skiwi wrote: > Hey Borg, did you see this? (3rd party Spamcop team stats for SETI) > > http://www.boinc.dk/index.php?page=team_statistics&project=sah&teamid=31518 > > Kinda interesting... > > GREG... Which part were you referring to? :) From baloo at ursine.ca Mon Dec 12 22:36:27 2005 From: baloo at ursine.ca (baloo@ursine.ca) Date: Tue Dec 13 02:10:02 2005 Subject: [SpamCop-Geeks] Re: MP3 to CD audio References: <439B2F3C.B12BA8C@spamcop.net> Message-ID: Kenneth Brody wrote: > What would be the best way of going about this? I have Windows Media > Player, and RealPlayer, both of which I can use to transfer my favorites > to my portable MP3 player. Can they burn "normal" audio CDs? Easiest way I know is to reboot to your Linux partition and use arson or k3b, drag and drop your files into the audio CD section and click burn. From kenbrody at spamcop.net Tue Dec 13 09:40:57 2005 From: kenbrody at spamcop.net (Kenneth Brody) Date: Tue Dec 13 09:55:02 2005 Subject: [SpamCop-Geeks] Re: MP3 to CD audio References: <439B2F3C.B12BA8C@spamcop.net> Message-ID: <439EDD79.F217524A@spamcop.net> Borgholio wrote: > > Kenneth Brody wrote: > > I have a bunch of MP3 files I ripped from my CDs. Now, I would like to > > burn an audio CD of a selection of my favorite MP3s, to play in a car CD > > player that doesn't support MP3. > > > > What would be the best way of going about this? I have Windows Media > > Player, and RealPlayer, both of which I can use to transfer my favorites > > to my portable MP3 player. Can they burn "normal" audio CDs? > > > > Thanks. > > > > Yep, just put the songs on a playlist and you can burn it to CD. You mean they actually thought about doing it "the right way"[tm] and made it this simple? That's what I get for not trying the obvious. Thanks. -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From kenbrody at spamcop.net Tue Dec 13 09:42:23 2005 From: kenbrody at spamcop.net (Kenneth Brody) Date: Tue Dec 13 09:55:06 2005 Subject: [SpamCop-Geeks] Re: MP3 to CD audio References: <439B2F3C.B12BA8C@spamcop.net> Message-ID: <439EDDCF.C0BE91FC@spamcop.net> baloo@ursine.ca wrote: > > Kenneth Brody wrote: > > What would be the best way of going about this? I have Windows Media > > Player, and RealPlayer, both of which I can use to transfer my favorites > > to my portable MP3 player. Can they burn "normal" audio CDs? > > Easiest way I know is to reboot to your Linux partition and use arson > or k3b, drag and drop your files into the audio CD section and click > burn. Well, all of the Linux/Unix/AIX/Solaris boxen that I telnet/ssh into are not at my desk, whereas my Windows box is, so that option is unfortunately not available to me at this time. -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From nobody at spamcop.net Wed Dec 14 08:44:09 2005 From: nobody at spamcop.net (indigo) Date: Wed Dec 14 08:45:02 2005 Subject: [SpamCop-Geeks] Computer problem (yes, more....) Message-ID: Lately my PC has taken to not shutting down correctly.....I do start/shutdown and get to the blue screen wallpaper right before the computer should turn off but it gets stuck there. I have to hit the power strip master button to turn off everything......but get this.....with all power outlets off, the keyboard still has power!!? And if I hit the master power switch again the computer immediately reboots without me having to hit the power switch on the box. Something is getting stuck......and how in god's name can the keyboard still have power if the power strip is turned off? Is the strip bad, or is the switch in the computer failing to open? I'm about ready to just give up on this thing what with my continued internet access problems, and now this.....if I reinstall win2K to try to rectify the situation, will that fsck up my whole PC, or will most of the apps still be ok? I really don't want to have to reinstall over 30-40 apps again, I'll buy a new PC if it comes to that. From nobody at devnull.spamcop.net Wed Dec 14 08:46:09 2005 From: nobody at devnull.spamcop.net (Pop) Date: Wed Dec 14 08:50:02 2005 Subject: [SpamCop-Geeks] Re: Computer problem (yes, more....) References: Message-ID: ... : again, I'll buy a new PC if it comes to that. Sounds like an opportunity waiting to happen! ;-) From devnull at spamcop.net Wed Dec 14 09:54:19 2005 From: devnull at spamcop.net (Frog Prince) Date: Wed Dec 14 09:55:03 2005 Subject: [SpamCop-Geeks] Re: Computer problem (yes, more....) References: Message-ID: "indigo" | | I'm about ready to just give up on this thing what with my continued | internet access problems, and now this.....if I reinstall win2K to try to | rectify the situation, will that fsck up my whole PC, or will most of the | apps still be ok? I really don't want to have to reinstall over 30-40 apps | again, I'll buy a new PC if it comes to that. If you want to donate the old one ... I have a 501C3 I'm working with that will use the machine and give you a valid receipt. FP brother_rabbit @ hotmail.com From kenbrody at spamcop.net Wed Dec 14 11:16:24 2005 From: kenbrody at spamcop.net (Kenneth Brody) Date: Wed Dec 14 11:20:12 2005 Subject: [SpamCop-Geeks] Re: Computer problem (yes, more....) References: Message-ID: <43A04558.E08B4BB4@spamcop.net> indigo wrote: > > Lately my PC has taken to not shutting down correctly.....I do > start/shutdown and get to the blue screen wallpaper right before the > computer should turn off but it gets stuck there. I have to hit the power > strip master button to turn off everything......but get this.....with all > power outlets off, the keyboard still has power!!? And if I hit the master > power switch again the computer immediately reboots without me having to hit > the power switch on the box. Something is getting stuck......and how in > god's name can the keyboard still have power if the power strip is turned > off? Is the strip bad, or is the switch in the computer failing to open? What if you unplug the power strip from the wall? Then there's obviously no power going through it. (Though I'd be surprised if that's the problem.) As far as the computer turning on when you turn on the power strip, that's normal with today's computers. You can set the BIOS to turn on if it loses power and then gets power again, or you can tell it to stay off. As for the keyboard... I don't supposed it's a wireless keyboard with its own power? :-) Do you have things connected through a KVM? (A keyboard/video/mouse switch box that allows you to connect one set of peripherals to several computers.) Many of these have their own power, and supply power to the keyboard and mouse themselves, and not from the computer. (This helps keep them "alive" during the switch.) > I'm about ready to just give up on this thing what with my continued > internet access problems, and now this.....if I reinstall win2K to try to > rectify the situation, will that fsck up my whole PC, or will most of the > apps still be ok? I really don't want to have to reinstall over 30-40 apps > again, I'll buy a new PC if it comes to that. Win2K has a "repair" install, which is supposed to repair Win2K itself, and leave the rest of the system intact. How well it works depends on how messed up is your system. -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From nobody at spamcop.net Wed Dec 14 11:47:37 2005 From: nobody at spamcop.net (indigo) Date: Wed Dec 14 11:50:14 2005 Subject: [SpamCop-Geeks] Re: Computer problem (yes, more....) References: <43A04558.E08B4BB4@spamcop.net> Message-ID: Kenneth Brody wrote: > As for the keyboard... > > I don't supposed it's a wireless keyboard with its own power? :-) > > Do you have things connected through a KVM? (A keyboard/video/mouse > switch box that allows you to connect one set of peripherals to > several computers.) Many of these have their own power, and supply > power to the keyboard and mouse themselves, and not from the > computer. (This helps keep them "alive" during the switch.) Nope. Plain old PS-2 keyboard. > Win2K has a "repair" install, which is supposed to repair Win2K > itself, and leave the rest of the system intact. How well it works > depends on how messed up is your system. > Ok, that sounds good....I'll try that over the weekend. Thanks. Oh, how do I run it? Put the CD ROM in, then what is the command line? From kenbrody at spamcop.net Wed Dec 14 14:34:02 2005 From: kenbrody at spamcop.net (Kenneth Brody) Date: Wed Dec 14 14:40:03 2005 Subject: [SpamCop-Geeks] Re: Computer problem (yes, more....) References: <43A04558.E08B4BB4@spamcop.net> Message-ID: <43A073AA.2FC0BC8B@spamcop.net> indigo wrote: > > Kenneth Brody wrote: [...] > > Win2K has a "repair" install, which is supposed to repair Win2K > > itself, and leave the rest of the system intact. How well it works > > depends on how messed up is your system. > > > > Ok, that sounds good....I'll try that over the weekend. Thanks. Oh, how > do I run it? Put the CD ROM in, then what is the command line? As I recall, boot from the CD (or make the boot floppies and boot from them), and the install will tell you that it found an existing Win2K install, and to press "R" to repair. -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From nobody at spamcop.net Wed Dec 14 14:41:09 2005 From: nobody at spamcop.net (indigo) Date: Wed Dec 14 14:45:03 2005 Subject: [SpamCop-Geeks] Re: Computer problem (yes, more....) References: <43A04558.E08B4BB4@spamcop.net> <43A073AA.2FC0BC8B@spamcop.net> Message-ID: Thanks. Hope it works, that damn box is about to get a hammer put to it if it doesn't start behaving.... Kenneth Brody wrote: > indigo wrote: > > > > Kenneth Brody wrote: > [...] > > > Win2K has a "repair" install, which is supposed to repair Win2K > > > itself, and leave the rest of the system intact. How well it > > > works depends on how messed up is your system. > > > > > > > Ok, that sounds good....I'll try that over the weekend. Thanks. Oh, > > how > > do I run it? Put the CD ROM in, then what is the command line? > > As I recall, boot from the CD (or make the boot floppies and boot from > them), and the install will tell you that it found an existing Win2K > install, and to press "R" to repair. > > | Kenneth J. Brody | www.hvcomputer.com | > | | kenbrody/at\spamcop.net | www.fptech.com | #include > | | > +-------------------------+--------------------+---------------------------- -+ > Don't e-mail me at: From gregstigers+msnews at spamcop.net Fri Dec 16 09:03:17 2005 From: gregstigers+msnews at spamcop.net (G) Date: Fri Dec 16 09:05:03 2005 Subject: [SpamCop-Geeks] How to handle viral email Message-ID: I'm curious what others would do in my situation. I've figured out how I can try to find the sender of a viral email, which I should disclaim may be useless to identify dial-up users, although if they send a legitimate email from their transient IP address, I have them. With the IP address in the header, which I also ping and tracert, I create a rule in Outlook to alert on any email with that IP address in the header, which I do not normally enable, but do "Run now". That said, having identified an infected user, or his or her employer, then what? Who do we notify, and how? The two options are being discussed. One is to have our recipient notify the sender that his or her PC is infected, and let the user seek whatever help can be had from IT. The other is for me as the system admin to attempt to identify the IT contact by whois or other means, or contact the infected user, at my discretion, offering the emails as evidence, and some level of assistance. There are probably other options, and I would welcome hearing them. There is also the question of where to draw the line. Do we assume that our AV is sufficient, and only respond if an affected user complains about receiving the denatured viral email? Do we only notify business partners, and for instance wash our hands of the problem if the infected sender is a friend, relative, or incidental business contact with whom we have no particular relationship (with a shrug to all those vendors who have contacted us on their own initiative)? Greg Stigers I hope this is the appropriate forum for this one From nobody at devnull.spamcop.net Fri Dec 16 10:50:30 2005 From: nobody at devnull.spamcop.net (Pop) Date: Fri Dec 16 10:55:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "G" wrote in message news:dnuhf7$ru2$1@news.spamcop.net... : I'm curious what others would do in my situation. I've figured out how I can : try to find the sender of a viral email, which I should disclaim may be : useless to identify dial-up users, although if they send a legitimate email : from their transient IP address, I have them. With the IP address in the : header, which I also ping and tracert, I create a rule in Outlook to alert : on any email with that IP address in the header, which I do not normally : enable, but do "Run now". : : That said, having identified an infected user, or his or her employer, then : what? Who do we notify, and how? : : The two options are being discussed. One is to have our recipient notify the : sender that his or her PC is infected, and let the user seek whatever help : can be had from IT. The other is for me as the system admin to attempt to : identify the IT contact by whois or other means, or contact the infected : user, at my discretion, offering the emails as evidence, and some level of : assistance. There are probably other options, and I would welcome hearing : them. : : There is also the question of where to draw the line. Do we assume that our : AV is sufficient, and only respond if an affected user complains about : receiving the denatured viral email? Do we only notify business partners, : and for instance wash our hands of the problem if the infected sender is a : friend, relative, or incidental business contact with whom we have no : particular relationship (with a shrug to all those vendors who have : contacted us on their own initiative)? : : Greg Stigers : I hope this is the appropriate forum for this one : : I'm not sure why the question; it seems like, if it were me, I would (and do): IFF I am certain I have the actual sender & it's not forged, Notify the sender AND the sender's server administrator (ISP, whatever), request a response for when the situation gets fixed, and then block that address until the response is received. Period; no exception. Nothing wrong with advising how to use alternate email routes, etc., in the notifications, especially if it's a preferred customer. If it's a customer, a phone call might be in order so as to prevent surprises. They will likely be grateful to know they are infected. Lots of ways to be nice about it and to look like the great business they know you are. Unless you're not. The only other alternative I see is to ignore it and do nothing. And if this is a business, start limiting personal usage of the system as much as reasonable. Email is not/should never be, the ONLY functional means of contact. Pop From MikeE at ster.invalid Fri Dec 16 08:00:04 2005 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 16 11:00:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: G wrote: > I'm curious what others would do in my situation. My first reflex is to suggest that you 'handle' it in the 'traditional' manner that most 'diligent' end user recipients handle it who are not in any kind of admin position. That is, a common diligent enduser process is to characterize the received virus, and to examine the headers for the IP source as well as any additional 'clues' -- for example I have seen viral propagations in the past which 'gave away' the email address or account of an AOL propagator by showing an AOL Xline of X-Apparently-From which had a correct address. But, most non-admins who dissect a viral propagation are /not/ going to have an actual username or email address, but instead will only have an IP address. Then, the diligent enduser would notify the provider for the IP in the 'standard' spamcop or spam notify method, namely by whois correlating the IP address with the regional internet registrar netblock provider admin contact or the abuse.net for that contact's domainname or perhaps the IP rDNS domainname abuse.net reg'd admin contact. That notification would consist of the complete headers of the viral propagation and the 'enclosure' of the propagation right down to the attached executable, which would be excised. The body of the notify would very very briefly say why the provider was being notified and the characterization of the viral propagation. The problem is that the vast majority of notified providers are not going to do anything about it. That problem is so pervasive that most diligent endusers have 'retired' from being diligent, and so now they just report via spamcop's automated system or not at all. By your being in an admin position where you are able to 'do more', you can communicate with the other admin and maybe find out what the other admin's policy is. But I don't think you are going to /change/ the other admin's policy -- so that admin is going to continue to do nothing and you will tire of this extra diligence. > The two options are being discussed. One is to have our recipient > notify the sender that his or her PC is infected, The ability to transform an IP into the user's address is not going to work most of the time, so that option is not really an option. In spite of what you've said, the dynamics don't translate because they are dynamic, and the likelihood of an IP being sufficiently static that it provides you with an opportunity to correlate an IP with an address is going to be more the exception rather than the 'rule'. > The other is for me as the > system admin to attempt to identify the IT contact by whois or other > means, That is the normal diligent user strategy, but you have an admin edge -- but your admin edge might not be worth much. > There is also the question of where to draw the line. Do we assume > that our AV is sufficient, and only respond if an affected user > complains about receiving the denatured viral email? It is important that you be diligent about your AV competency -- but viruses are going to slip in. Some providers use AV on their uses' outgoing - or block port 25 from their users. Why are you accepting smtp transactions from user IP viral propagations? What are your policies re stripping vs 'sidetracking' viral propagations? My mail provider gives me the option to virus block, and when enabled I don't get the stripped result, I just get a notify that a virus mail was stopped and I can go see it in the quarantine zone. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Fri Dec 16 08:26:03 2005 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 16 11:30:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "Pop" > "G" wrote > : I'm curious what others would do in my situation. I've figured > out how I can > : try to find the sender of a viral email, which I should > disclaim may be Notice how your native OE and its configuration chop up the other person's post into shortlines. Very ugly and difficult to read. Of course, we've read it already, but if it is being cited, we must be supposed to read it again. Fortunately I don't have to look at it like you posted it, because my QuoteFix fixes mine, yours, and everyone else's, usually. -- Mike Easter kibitzer, not SC admin From g2p4i1902 at sneakemail.com Fri Dec 16 17:38:12 2005 From: g2p4i1902 at sneakemail.com (Mr K. Mean) Date: Fri Dec 16 13:05:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email In-Reply-To: References: Message-ID: <9lab73-mgv.ln1@mothlight.dyndns.org> Mike Easter wrote: > > The problem is that the vast majority of notified providers are not > going to do anything about it. That problem is so pervasive that most > diligent endusers have 'retired' from being diligent, and so now they > just report via spamcop's automated system or not at all. I've notified Qwest for about six months about some user who kept sending viruses to me. I finally gave up and let procmail delete them for me. From nobody at devnull.spamcop.net Fri Dec 16 15:47:14 2005 From: nobody at devnull.spamcop.net (Pop) Date: Fri Dec 16 15:50:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "Mike Easter" wrote in message news:dnuppv$1e2$1@news.spamcop.net... : "Pop" : > "G" wrote : : > : I'm curious what others would do in my situation. I've figured : > out how I can : > : try to find the sender of a viral email, which I should : > disclaim may be : : Notice how your native OE and its configuration chop up the other : person's post into shortlines. : : Very ugly and difficult to read. Of course, we've read it already, but : if it is being cited, we must be supposed to read it again. : : Fortunately I don't have to look at it like you posted it, because my : QuoteFix fixes mine, yours, and everyone else's, usually. : : -- : Mike Easter : kibitzer, not SC admin : Huh! Thought I'd fixed that long ago. When I get time ... Pop From nobody at nowhere.not Fri Dec 16 21:18:29 2005 From: nobody at nowhere.not (Robert Blair) Date: Fri Dec 16 16:20:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: On Fri, 16 Dec 2005 14:03:17 UTC, "G" wrote: > I'm curious what others would do in my situation. 1. do not use OE 2. only use text mode not HTML in your email client I never worry about viruses following the above advice. -- Robert Blair From nobody at devnulll.spamcop.net Fri Dec 16 16:24:25 2005 From: nobody at devnulll.spamcop.net (Spamvireslayer) Date: Fri Dec 16 16:25:03 2005 Subject: [SpamCop-Geeks] Re: Computer problem (yes, more....) References: Message-ID: "indigo" wrote in message news:dnp7j9$t87$1@news.spamcop.net... > Lately my PC has taken to not shutting down correctly.....I do > start/shutdown and get to the blue screen wallpaper right before the > computer should turn off but it gets stuck there. I have to hit the power > strip master button to turn off everything......but get this.....with all > power outlets off, the keyboard still has power!!? And if I hit the master > power switch again the computer immediately reboots without me having to hit > the power switch on the box. Something is getting stuck......and how in > god's name can the keyboard still have power if the power strip is turned > off? Is the strip bad, or is the switch in the computer failing to open? > > I'm about ready to just give up on this thing what with my continued > internet access problems, and now this.....if I reinstall win2K to try to > rectify the situation, will that fsck up my whole PC, or will most of the > apps still be ok? I really don't want to have to reinstall over 30-40 apps > again, I'll buy a new PC if it comes to that. I have had several hangs where nothing but nothing would shut the PC off, I had to physically unplug the power cord from the back, restart it, then it's fine. Try that, and also the repair or go-back feature to restore what you used to have. Also, is all your power management stuff set to manual? From ftabor at gmail.com Fri Dec 16 17:39:03 2005 From: ftabor at gmail.com (Frank Tabor) Date: Fri Dec 16 17:40:03 2005 Subject: [SpamCop-Geeks] Re: Computer problem (yes, more....) References: Message-ID: I see where, indigo managed to write: >Lately my PC has taken to not shutting down correctly.....I do >start/shutdown and get to the blue screen wallpaper right before the >computer should turn off but it gets stuck there. I have to hit the power >strip master button to turn off everything......but get this.....with all >power outlets off, the keyboard still has power!!? And if I hit the master >power switch again the computer immediately reboots without me having to hit >the power switch on the box. Something is getting stuck......and how in >god's name can the keyboard still have power if the power strip is turned >off? Is the strip bad, or is the switch in the computer failing to open? > >I'm about ready to just give up on this thing what with my continued >internet access problems, and now this.....if I reinstall win2K to try to >rectify the situation, will that fsck up my whole PC, or will most of the >apps still be ok? I really don't want to have to reinstall over 30-40 apps >again, I'll buy a new PC if it comes to that. > I seem to remember a problem with shut downs and network connections. search the MS Knowledge base on shutdown and networking. -- Frank Tabor From asterix at no_where.net Sat Dec 17 00:07:59 2005 From: asterix at no_where.net (Asterix) Date: Fri Dec 16 18:10:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: <1h7ote6.my6s4z4qlup7N%asterix@no_where.net> Pop wrote: > IFF I am certain I have the actual sender & it's not forged, You can be certain the sender *is* spoofed. Virtually every mail virus the last 5 years does that. That's why "G" is discussing IP addresses, not "senders". -- I recommend Macs to my friends, and Windows machines to those whom I don't mind billing by the hour From asterix at no_where.net Sat Dec 17 00:07:59 2005 From: asterix at no_where.net (Asterix) Date: Fri Dec 16 18:10:06 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: <1h7otkb.1ox9wca1g64a88N%asterix@no_where.net> Robert Blair wrote: > On Fri, 16 Dec 2005 14:03:17 UTC, "G" > wrote: > > > I'm curious what others would do in my situation. > > 1. do not use OE > 2. only use text mode not HTML in your email client 3. do not use Windows (Sorry - couldn't resist - it's too obvious) :-) -- I recommend Macs to my friends, and Windows machines to those whom I don't mind billing by the hour From BNRAGMAOKKXT at spammotel.com Sat Dec 17 01:20:02 2005 From: BNRAGMAOKKXT at spammotel.com (Canopus) Date: Fri Dec 16 20:25:02 2005 Subject: [SpamCop-Geeks] That Dam Log-on Screen Message-ID: A question before I go to bed, hopefully someone may have answered it when I wake up and I'll understand it :) I've never used a log on screen when booting up XP or any other system, but, one has now appeared. I downloaded some podcast software and it required Net Framework to be installed to work correctly. I ran Windows Update, downloaded and installed Net Framework then installed the podcast software. Upon reboot I had the XP log on screen with just my account showing and no password to put in. Checking Control Panel > Users I see three accounts, mine as administrator, "ASP.NET Machine A...:" and "Guest" which is off. As far as I recall the ASP.Net Machine a... and Guest were not there previously, I presume they are to do with Net Framework and the podcast software that has Bittorrent incorporated into it. Question is, how do I get back to automatically logging into my account without going through the log on process every time? -- Rob http://www.flickr.com/photos/canopus_archives/ From nobody at nowhere.not Sat Dec 17 04:08:56 2005 From: nobody at nowhere.not (Robert Blair) Date: Fri Dec 16 23:10:07 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: <1h7otkb.1ox9wca1g64a88N%asterix@no_where.net> Message-ID: On Fri, 16 Dec 2005 23:07:59 UTC, asterix@no_where.net (Asterix) wrote: > 3. do not use Windows (Sorry - couldn't resist - it's too obvious) :-) I don't. Too many people do for some strange reason so I did not mention it. -- Robert Blair From user at domain.invalid Sat Dec 17 09:15:11 2005 From: user at domain.invalid (User) Date: Sat Dec 17 10:20:02 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen In-Reply-To: References: Message-ID: On 16.12.2005 19:20, Canopus wrote: --- Original Message --- > A question before I go to bed, hopefully someone may have answered it when > I wake up and I'll understand it :) > > I've never used a log on screen when booting up XP or any other system, > but, one has now appeared. I downloaded some podcast software and it > required Net Framework to be installed to work correctly. I ran Windows > Update, downloaded and installed Net Framework then installed the podcast > software. Upon reboot I had the XP log on screen with just my account > showing and no password to put in. Checking Control Panel > Users I see > three accounts, mine as administrator, "ASP.NET Machine A...:" and "Guest" > which is off. As far as I recall the ASP.Net Machine a... and Guest were > not there previously, I presume they are to do with Net Framework and the > podcast software that has Bittorrent incorporated into it. > > Question is, how do I get back to automatically logging into my account > without going through the log on process every time? > When you installed the softwares, did you specify for "Administrator" or "All Users" ? From user at domain.invalid Sat Dec 17 10:36:01 2005 From: user at domain.invalid (User) Date: Sat Dec 17 11:40:04 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email In-Reply-To: References: Message-ID: On 16.12.2005 08:03, G wrote: --- Original Message --- > I'm curious what others would do in my situation. I've figured out how I can > try to find the sender of a viral email, which I should disclaim may be > useless to identify dial-up users, although if they send a legitimate email > from their transient IP address, I have them. With the IP address in the > header, which I also ping and tracert, I create a rule in Outlook to alert > on any email with that IP address in the header, which I do not normally > enable, but do "Run now". > > That said, having identified an infected user, or his or her employer, then > what? Who do we notify, and how? > > The two options are being discussed. One is to have our recipient notify the > sender that his or her PC is infected, and let the user seek whatever help > can be had from IT. The other is for me as the system admin to attempt to > identify the IT contact by whois or other means, or contact the infected > user, at my discretion, offering the emails as evidence, and some level of > assistance. There are probably other options, and I would welcome hearing > them. > > There is also the question of where to draw the line. Do we assume that our > AV is sufficient, and only respond if an affected user complains about > receiving the denatured viral email? Do we only notify business partners, > and for instance wash our hands of the problem if the infected sender is a > friend, relative, or incidental business contact with whom we have no > particular relationship (with a shrug to all those vendors who have > contacted us on their own initiative)? > > Greg Stigers > I hope this is the appropriate forum for this one > > Some of the more common viruses and worms entrench themselves into the users address book feature, especially Outlook Express and propagate the virus or worm to EVERY address in your book and henceforth from every body elses address book ad infinitum. These users may be, and usually are, unaware that THEY are included in this propagation anomaly. So, to blame those users, simply alert the ISP as to what's happening,etc, so that the User can make the necessary adjustments and virus/worm elimination. From six.million at dollar.man Sat Dec 17 17:17:32 2005 From: six.million at dollar.man (dwåcôn) Date: Sat Dec 17 17:20:02 2005 Subject: [SpamCop-Geeks] Maxtor Drive Message-ID: After my Windows Server 2003 box started exhibiting strange lock-ups... and I determined there were no viruses or spyware... I discovered the Maxtor 5000LE 80GB external USB drive seemed to be the culprit. According to the Maxtor KnowledgeBase, the file system became corrupted -- although it stayed connected to the PC continually and was never physically disconnected. Regardless, I am SOL. I have a new drive and formatted it NTFS to help prevent problems. However -- I still have tons of data on that other drive that I would like to recover. I found some recovery tools but unfortunately if the drive is on and plugged into the PC it is sluggish and the simple task of opening explorer takes over a minute, then navigating to the directory where the recover software is loaded also takes forever -- seems the system is continually trying to handshake the defective drive. I plugged it into a laptop (running XP Pro) and it doesn't have those issues -- but I still get the "I/O Error" when trying to access the driive. Wonder if there are any suggestions. I consulted a few local computer shops but the employees there barely know how to work the cash register, much less provide repair for equipment (especially if it wasn't purchased at their store). I might consider sending it somewhere, but given some of my data is sensitive, that would be only an act of desperation. Anyway... any ideas on how to fix this would be greatly appreciated. Thanks! --- dwacon www.dwacon.com From post.please.this.email.is.not.valid at example.com Sat Dec 17 16:56:42 2005 From: post.please.this.email.is.not.valid at example.com (DougW) Date: Sat Dec 17 18:00:02 2005 Subject: [SpamCop-Geeks] Re: Maxtor Drive References: Message-ID: dwåcôn did pass the time by typing: > After my Windows Server 2003 box started exhibiting strange lock-ups... and > I determined there were no viruses or spyware... I discovered the Maxtor > 5000LE 80GB external USB drive seemed to be the culprit. It's just an ATA or SATA hard drive in a case you probably can install it in your computer. All the ones at work (not the same vendor though) are just regular hard drives in an external case. -- DougW From devnull at spamcop.net Sat Dec 17 22:31:33 2005 From: devnull at spamcop.net (Frog Prince) Date: Sat Dec 17 22:35:15 2005 Subject: [SpamCop-Geeks] Re: Maxtor Drive References: Message-ID: "dwåcôn" wrote in message news:do22pn$qa7$1@news.spamcop.net... | After my Windows Server 2003 box started exhibiting strange lock-ups... and | I determined there were no viruses or spyware... I discovered the Maxtor | 5000LE 80GB external USB drive seemed to be the culprit. | | According to the Maxtor KnowledgeBase, the file system became corrupted -- | although it stayed connected to the PC continually and was never physically | disconnected. Regardless, I am SOL. | | I have a new drive and formatted it NTFS to help prevent problems. | However -- I still have tons of data on that other drive that I would like | to recover. | | I found some recovery tools but unfortunately if the drive is on and plugged | into the PC it is sluggish and the simple task of opening explorer takes | over a minute, then navigating to the directory where the recover software | is loaded also takes forever -- seems the system is continually trying to | handshake the defective drive. | | I plugged it into a laptop (running XP Pro) and it doesn't have those | issues -- but I still get the "I/O Error" when trying to access the driive. | | Wonder if there are any suggestions. I consulted a few local computer shops | but the employees there barely know how to work the cash register, much less | provide repair for equipment (especially if it wasn't purchased at their | store). I might consider sending it somewhere, but given some of my data is | sensitive, that would be only an act of desperation. | | Anyway... any ideas on how to fix this would be greatly appreciated. | Thanks! I had a similar problem with a Maxtor drive I was able to go to the dos C:\ prompt (from boot) and used Xcopy to move everything to another folder on a different drive. I was using W98SE so that may not be an option for your case. There is always the option to copy to an on line storage for transfer to the new drive. From nobody at devnull.spamcop.net Sun Dec 18 10:37:37 2005 From: nobody at devnull.spamcop.net (Pop) Date: Sun Dec 18 10:40:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: <1h7otkb.1ox9wca1g64a88N%asterix@no_where.net> Message-ID: "Robert Blair" wrote in message news:TECQXhvKj0FX-pn2-tXx4g7j5hmQd@dsl-206-55-144-107.tstonramp.com... : On Fri, 16 Dec 2005 23:07:59 UTC, asterix@no_where.net (Asterix) : wrote: : : > 3. do not use Windows (Sorry - couldn't resist - it's too obvious) :-) : : I don't. Too many people do for some strange reason so I did not : mention it. : I do. Too many people for some strange reason would rather use incompletely functional apps than bother to learn how to use the one they have and enjoy the occasional use of the greater feature set. Not an uneducated comment: Tried 'em all, ff, moz, op, et al, even ns, and ie/oe got the best, most usable function set with the exception of handling Replies. To Reply I have to add 2 keystrokes before I start typing. : : -- : Robert Blair From joegill at removethis Sun Dec 18 22:14:48 2005 From: joegill at removethis (Joe Gill) Date: Sun Dec 18 22:15:03 2005 Subject: [SpamCop-Geeks] Re: Maxtor Drive References: Message-ID: "dwåcôn" wrote in message news:do22pn$qa7$1@news.spamcop.net... > After my Windows Server 2003 box started exhibiting strange lock-ups... and > I determined there were no viruses or spyware... I discovered the Maxtor > 5000LE 80GB external USB drive seemed to be the culprit. > > According to the Maxtor KnowledgeBase, the file system became corrupted -- > although it stayed connected to the PC continually and was never physically > disconnected. Regardless, I am SOL. > > I have a new drive and formatted it NTFS to help prevent problems. > However -- I still have tons of data on that other drive that I would like > to recover. > > I found some recovery tools but unfortunately if the drive is on and plugged > into the PC it is sluggish and the simple task of opening explorer takes > over a minute, then navigating to the directory where the recover software > is loaded also takes forever -- seems the system is continually trying to > handshake the defective drive. > > I plugged it into a laptop (running XP Pro) and it doesn't have those > issues -- but I still get the "I/O Error" when trying to access the driive. > > Wonder if there are any suggestions. I consulted a few local computer shops > but the employees there barely know how to work the cash register, much less > provide repair for equipment (especially if it wasn't purchased at their > store). I might consider sending it somewhere, but given some of my data is > sensitive, that would be only an act of desperation. > > Anyway... any ideas on how to fix this would be greatly appreciated. > Thanks! > > > > --- > dwacon > www.dwacon.com > > 1) If you are saying "...file system became corrupted..", there are sometimes ways to recover? ,,,, What did a FULL CHKDSK with the /F option show? This option will force a reboot.... 2) If it is simply a file system corruption, there are supposedly tools available to fix that! 3) There are companies that do data recovery. Some do recovery where you send the drive in and other can do it over the internet! However, be forewarned IT IS NOT CHEAP!. It comes down to how bad do you want the data back? I have a company that I used for remote recovery a couple years back. If interested in my experience, look at my headers and decode my email address. If others want the info, and don't mind a company name, reply to this thread. I have the name of another one too! 4) Large reputable data recovery companies handle sensitive business data every day as part of their day to day operations... From gregstigers at spamcop.net Mon Dec 19 07:21:34 2005 From: gregstigers at spamcop.net (Greg Stigers) Date: Mon Dec 19 07:25:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: Thanks for your responses. I know that I'm a newbie here, and out of my depths in some sense. I still have a lot to learn about email administration. Please pardon the length of my response, but I wanted to respond to various comments all at once. Pop wrote: >and then block that address until the response is received. >Period; no exception. My concern isn't blocking viral email. If we're not secure against the virus, it's my job to secure us. And once we're secure, blocking the IP address is only going to seem punative and annoy people. It won't help against a now neutered threat, and would also block legitimate email. Blocking the email address will allow viral email thru with its forged addresses, and only block legitimate email. I can't justify either of those. >The only other alternative I see is to ignore it and do nothing. In three of the five cases where I did what I described, there was a business reason to address the problem. Doing nothing would have been wrong. Asterix wrote: >You can be certain the sender *is* spoofed. >That's why "G" is discussing IP addresses, not "senders". Exactly. I could have been more clear apparently. What is interesting about my approach is it lets me take the IP address from an email with a forged address, and by finding legitimate email from the same IP address, determine whose system is infected. Once I know that, and only after I know that, I have to decide what to do. There is some question about me spending the time to find the address. There is another question about what I do if the sender is not an employee under the parent company's umbrella, or something like that. Mike Easter wrote: >That is, a common diligent enduser process is to That's some end user. ;-) >The ability to transform an IP into the user's address is not going to >work most of the time, so that option is not really an option. I may not be qualified to have an opinion. Granted, I've come up empty a few times, and been unable to id the sender. In one aggregious case, I provided a second rule to four recipients that would notify them when they got a legitimate email from the address in question, and got a hit within a day, and another two more days after that. For those that have been generating a non-trivial number of viral email, this approach has allowed me to identify three infected senders, since I started using it a little more than a week ago. >Why are you accepting smtp transactions from user IP viral propagations? I don't understand this question, or the implication of what I might do differently. >What are your policies re stripping vs 'sidetracking' viral >propagations? I've changed our email AV toward more of a default to first attempt repair, and then strip, so users now see that they were sent a viral email. Without this, I cannot see headers to begin sleuthing. Robert Blair wrote: >I never worry about viruses following the above advice. We use Outlook, not OE, for corporate email. I use OE for personal email, thus. But it is not just about protecting us from some given threat today. I liken it to getting a drunk driver off the road. I can't do anything about what they did before. I cannot know if they will hurt anyone today. But by acting, I probably reduce the likelihood of them causing harm. If someone has Sober.X or Mytob or Netsky, then they are probably somewhat more vulnerable to whatever Sober.X is going to do in January when it downloads sober.exe, or whatever the next variant is. I can in part defend my actions because we saw Sober.X early, and in spite of being up to date, AV did not detect it. I had to manually download an update, apply it to our email AV, and provide it outside normal channels (we will be revisiting this design as well for better centralization of updates). While we are not at risk from the viral email I'm chasing today, we might be from whatever comes next. If I can encourage better practices and due caution in our business circle, maybe we are somewhat safer than we would be otherwise. It's rather like reporting spam, isn't it? User wrote: >simply alert the ISP as to what's happening,etc, so >that the User can make the necessary adjustments and virus/worm elimination. And others recommended reporting to the ISP, whereas some mentioned ISPs being less than responsive. It's an interesting idea, that keeps my identity out of the picture. Is that a good thing, or a bad thing? We are discussing whether I contact the admin, or have our receiving user contact the infected user. No one has said which they believe to be more likely to produce results. From nobody at spamcop.net Mon Dec 19 09:02:13 2005 From: nobody at spamcop.net (indigo) Date: Mon Dec 19 09:05:03 2005 Subject: [SpamCop-Geeks] Re: Computer problem (yes, more....) References: Message-ID: Spamvireslayer wrote: > I have had several hangs where nothing but nothing would shut the PC > off, I had to physically unplug the power cord from the back, restart > it, then it's fine. Try that, and also the repair or go-back > feature to restore what you used to have. Also, is all your power > management stuff set to manual? I ran the repair on my PC Saturday, it almost frigging destroyed my computer! Yes, it solved the shutdown and accessing the internet problems, but it also corrupted OE, and completely corrupted my Office 2000 install. The excel.exe file is there, but it won't run. And every time I clicked on an icon to check if the program was working ok I'd get the Windows installer dialog box that kept saying it needed to install "quicken.msi". How the hell did that happen? I kept hitting cancel a bazillion times but finally gave in and loaded the app it was asking for -- the thing weird thing is that I didn't even have Quicken installed on my system! I use TurboTax. From devnull at spamcop.net Mon Dec 19 09:07:08 2005 From: devnull at spamcop.net (Frog Prince) Date: Mon Dec 19 09:10:03 2005 Subject: [SpamCop-Geeks] Re: Computer problem (yes, more....) References: Message-ID: "indigo" wrote in message news:do6eh5$1d4$1@news.spamcop.net... | | | Spamvireslayer wrote: | > I have had several hangs where nothing but nothing would shut the PC | > off, I had to physically unplug the power cord from the back, restart | > it, then it's fine. Try that, and also the repair or go-back | > feature to restore what you used to have. Also, is all your power | > management stuff set to manual? | | I ran the repair on my PC Saturday, it almost frigging destroyed my | computer! Yes, it solved the shutdown and accessing the internet problems, | but it also corrupted OE, and completely corrupted my Office 2000 install. | The excel.exe file is there, but it won't run. And every time I clicked on | an icon to check if the program was working ok I'd get the Windows installer | dialog box that kept saying it needed to install "quicken.msi". How the hell | did that happen? I kept hitting cancel a bazillion times but finally gave in | and loaded the app it was asking for -- the thing weird thing is that I | didn't even have Quicken installed on my system! I use TurboTax. Some elements of Quicken are in TTAX. From Kilgallen at SpamCop.net Mon Dec 19 08:10:48 2005 From: Kilgallen at SpamCop.net (Larry Kilgallen) Date: Mon Dec 19 09:15:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: In article , "Greg Stigers" writes: > Pop wrote: >>and then block that address until the response is received. >>Period; no exception. > My concern isn't blocking viral email. If we're not secure against the > virus, it's my job to secure us. Virus scanners work by looking for _known_ virus signatures. If you run a virus scanner you are still susceptible to _new_ viruses until they are recognized by the scanner vendors and added to their set of signatures. Thus communicating with those who are susceptible to viruses (as proven by the fact that they caught one) is not a good move, since there is reason to believe they might catch one that is not yet handled by your scanners. > And once we're secure, blocking the IP > address is only going to seem punative and annoy people. Around here the police often ticket people who drive to endanger. The police are supposed to keep the roads safe, not make friends. > It won't help > against a now neutered threat, and would also block legitimate email. The only way it is a neutered threat is if you are running exclusively machines that do not get viruses. In other words, not Windows, Linux or Macintosh. Otherwise you are always vulnerable to a new virus not yet handled by your virs scanners. > Blocking the email address will allow viral email thru with its forged > addresses, and only block legitimate email. I strongly doubt that Pop advocated trusting the From: address to protect against viruses. Nobody else around here does. From MikeE at ster.invalid Mon Dec 19 10:00:27 2005 From: MikeE at ster.invalid (Mike Easter) Date: Mon Dec 19 13:05:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: Greg Stigers wrote: > Mike Easter wrote: >> That is, a common diligent enduser process is to > > That's some end user. ;-) Ideally your contextualized replies would have an empty line before your words begin, like so... >> That is, a common diligent enduser process is to > > That's some end user. ;-) ... to enhance readability. >> Why are you accepting smtp transactions from user IP viral >> propagations? > I don't understand this question, or the implication of what I might > do differently. Oops. I have to run off. To be continued. -- Mike Easter kibitzer, not SC admin From nobody at devnull.spamcop.net Mon Dec 19 19:54:46 2005 From: nobody at devnull.spamcop.net (Pop) Date: Mon Dec 19 21:10:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: ... : : I strongly doubt that Pop advocated trusting the From: address : to protect against viruses. Nobody else around here does. Definitely not. The "From" is seldom, if ever anymore, the real source of the spam. From is a useless field in spamdom. Pop From caroljean52 at yahoo.com Mon Dec 19 22:11:32 2005 From: caroljean52 at yahoo.com (caroljean52) Date: Tue Dec 20 01:15:03 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: "Canopus" wrote in message news:dnvp42$jfc$1@news.spamcop.net... > Question is, how do I get back to automatically logging into my account > without going through the log on process every time? That turns up on my computer from time to time, apparently for no reason. It does NOT happen every time I start the machine. I just figure it's one of those Windows quirks that I just live with because it would take a lot longer to figure out and fix! Carol Seattle USA From nobody at spamcop.net Tue Dec 20 08:51:29 2005 From: nobody at spamcop.net (indigo) Date: Tue Dec 20 08:55:03 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: caroljean52 wrote: > "Canopus" wrote in message > news:dnvp42$jfc$1@news.spamcop.net... > > Question is, how do I get back to automatically logging into my > > account without going through the log on process every time? > > That turns up on my computer from time to time, apparently for no > reason. It does NOT happen every time I start the machine. I just > figure it's one of those Windows quirks that I just live with because > it would take a lot longer to figure out and fix! > There's a way to permanently fix that, I'm not sure if you need MSCONFIG to do it or if it's something emedded in Windows already.....it's been so long since I've fixed it I don't remember how I did it, but if you googled it I'm sure it would pop up. From user at domain.invalid Tue Dec 20 08:13:19 2005 From: user at domain.invalid (User) Date: Tue Dec 20 09:15:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email In-Reply-To: References: Message-ID: On 19.12.2005 18:54, Pop wrote: --- Original Message --- > ... > : > : I strongly doubt that Pop advocated trusting the From: address > : to protect against viruses. Nobody else around here does. > > Definitely not. The "From" is seldom, if ever anymore, the real > source of the spam. From is a useless field in spamdom. > > Pop > > Not only that but many times the "From:" is your own address ... :-) From joegill at removethis Tue Dec 20 12:15:32 2005 From: joegill at removethis (Joe Gill) Date: Tue Dec 20 12:20:14 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: "indigo" wrote in message news:do9291$dre$1@news.spamcop.net... > > > caroljean52 wrote: > > "Canopus" wrote in message > > news:dnvp42$jfc$1@news.spamcop.net... > > > Question is, how do I get back to automatically logging into my > > > account without going through the log on process every time? > > > > That turns up on my computer from time to time, apparently for no > > reason. It does NOT happen every time I start the machine. I just > > figure it's one of those Windows quirks that I just live with because > > it would take a lot longer to figure out and fix! > > > > There's a way to permanently fix that, I'm not sure if you need MSCONFIG to > do it or if it's something emedded in Windows already.....it's been so long > since I've fixed it I don't remember how I did it, but if you googled it I'm > sure it would pop up. > > I guess I have a whole different 'take' on the logon screen, and maybe I am living with a 'false sense of security'... I have, passwords turned on, use 'strong' password, and a timeout interval. In addition, 'guest' is disabled. My 'theory', is that if someone can 'hack' to my PC, then they have to crack to password.... Also if the PC is stolen .. .same security.. From nobody at devnull.spamcop.net Wed Dec 21 06:29:36 2005 From: nobody at devnull.spamcop.net (Miss Betsy) Date: Wed Dec 21 06:30:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "Mike Easter" wrote in message news:dnuo98$je$1@news.spamcop.net... > That is the normal diligent user strategy, but you have an admin edge -- > but your admin edge might not be worth much. I recently complained to my ISP about an onslaught of Sober from Verizon. He was not very encouraging saying he complained to insightbb for a month before they stopped. I know very well that ISPs can use AV to filter them out, but my ISP won't do it saying it is too hard. And they won't use blocklists. However, the Sober does stop coming after about a week. The downside is that we are now on the 4th IP address! I am going to change my ISP to one that does use blocklists (when I get the time), but then who is going to notify verizon? Miss Betsy From nobody at nowhere.invalid Wed Dec 21 12:44:43 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Wed Dec 21 06:45:02 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: jOn Tue, 20 Dec 2005 15:31:38 -0600, Kenneth Loafman coughed into spamcop.geeks and left this in : > If I've physically got your computer, I've got your data *unless* said > data is encrypted with strong encryption and Windows has left no clues in > the registry, etc. All you've done is slow me down the length of time it > takes for me to go to the web and get a Windows password cracker. Last > time I looked, there were a bunch. Or you remove the HD from the stolen machine and connect it to yours. Anything unencrypted is available immediately. > You might slow me down some more with a BIOS password, but that's not more > than 10 minutes to clear at the most. See above :) SMART drives, OTOH, can integrate a password into the HD itself. That's harder to crack. -- Steve Profanity is the one language all programmers know best. From nobody at devnull.spamcop.net Wed Dec 21 06:47:04 2005 From: nobody at devnull.spamcop.net (Miss Betsy) Date: Wed Dec 21 06:50:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "Greg Stigers" wrote in message news:do68kf$ubt$1@news.spamcop.net... > Pop wrote: > >and then block that address until the response is received. > >Period; no exception. > My concern isn't blocking viral email. If we're not secure against the > virus, it's my job to secure us. And once we're secure, blocking the IP > address is only going to seem punative and annoy people. It won't help > against a now neutered threat, and would also block legitimate email. > Blocking the email address will allow viral email thru with its forged > addresses, and only block legitimate email. I can't justify either of those. Since you are working for a business, you probably can't use blocklists that reject at the server telling the sender that there is a problem. (If more businesses were willing to take the risk of offending clients by refusing suspect email, spam would become less of a problem, IMHO) However, for end users, blocklists work just fine. *senders* who are irresponsible (including end users who choose incompetent and irresponsible ISPs) should bear the brunt of finding another way of using reliable email. I don't see the point in sending end users an email saying that they received a virus. If you are going to intercept them, just put them in the bit bucket. Since I am not a server admin, I don't follow what you are doing. If it helps you to find senders that are part of your company, then it is probably worthwhile. Though IIWY I would be lobbying for stricter AV and end user education. No excuse for businesses to be infected. Otherwise, probably your company wouldn't want you to be a Good Samaritan by taking extra time to identify and notify virus senders. It isn't difficult to notify the ISP and that you should probably do as a responsible corporate entity on the internet. And yes, there are some end users who do notify the ISP. It is not that difficult to do. Miss Betsy an almost new internet user From user at domain.invalid Wed Dec 21 07:24:53 2005 From: user at domain.invalid (User) Date: Wed Dec 21 08:25:13 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email In-Reply-To: References: Message-ID: > I know very well that ISPs can use AV to filter them out, but my > ISP won't do it saying it is too hard. And they won't use > blocklists. Hmm, what's so difficult about installing ClamAV? And besides, it's "self-maintaining". Excuses excuses. Like you said, changing ISP's is the best course, if feasible of course (not the only game in town). From nobody at nowhere.not Wed Dec 21 19:34:24 2005 From: nobody at nowhere.not (Robert Blair) Date: Wed Dec 21 14:35:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: On Wed, 21 Dec 2005 11:29:36 UTC, "Miss Betsy" wrote: > I am going to change my ISP to one that does use blocklists (when I > get the time), but then who is going to notify verizon? I do not want my ISP to block any of my email, they get it wrong too often and I do not get email I really want. My reason for changing ISPs is if they do not have an optout of their spam/virus blocking. -- Robert Blair From user at domain.invalid Wed Dec 21 18:08:20 2005 From: user at domain.invalid (User) Date: Wed Dec 21 19:10:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email In-Reply-To: References: Message-ID: On 21.12.2005 13:34, Robert Blair wrote: --- Original Message --- > On Wed, 21 Dec 2005 11:29:36 UTC, "Miss Betsy" > wrote: > >> I am going to change my ISP to one that does use blocklists (when I >> get the time), but then who is going to notify verizon? > > I do not want my ISP to block any of my email, they get it wrong too > often and I do not get email I really want. > > My reason for changing ISPs is if they do not have an optout of their > spam/virus blocking. > > If an ISP gets it "wrong" and you don't receive the "wrong" mail then your ISP isn't worth a hoot !!!! I run SpamAssassin with the option to let the user decide if he/she wants to receive the mail with the ***spam*** prepended subject line. That way they can filter it any which way they want. From BNRAGMAOKKXT at spammotel.com Thu Dec 22 00:12:11 2005 From: BNRAGMAOKKXT at spammotel.com (Canopus) Date: Wed Dec 21 19:15:03 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: User on 17/12/2005 wrote: >When you installed the softwares, did you specify for "Administrator" or >"All Users" ? Been off line for a bit so just catching up. I really can't remember if I installed the podcast software for just me or all users, normally I just install for just me as I'm the only person in the house capable of using my PC, hence I never set up a password for the PC. My main security is for attacks from outside i.e. a firewall and AV. I'm suspecting the Guest account and ASP.NET Machine account may have been set up by the podcast software as it incorporates Bittorrent so a person from outside would have to access a certain folder on my PC to upload any files required while I'm downloading them. Guest account is disabled though. I'm not sure what ASP.NET Machine A... is though. I could probably delete the Guest Account safely, but, not sure what would happen if I deleted ASP.NET account. -- Rob http://www.flickr.com/photos/canopus_archives/ From BNRAGMAOKKXT at spammotel.com Thu Dec 22 00:14:16 2005 From: BNRAGMAOKKXT at spammotel.com (Canopus) Date: Wed Dec 21 19:15:06 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: caroljean52 on 20/12/2005 wrote: >That turns up on my computer from time to time, apparently for no reason. >It >does NOT happen every time I start the machine. I just figure it's one of >those Windows quirks that I just live with because it would take a lot >longer to figure out and fix! It's never happened on my PC since the first time I had XP installed. Come to think of it it never used to happen when I used any other OS either. It's got me really scratching my head. -- Rob http://www.flickr.com/photos/canopus_archives/ From BNRAGMAOKKXT at spammotel.com Thu Dec 22 00:17:25 2005 From: BNRAGMAOKKXT at spammotel.com (Canopus) Date: Wed Dec 21 19:20:03 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: indigo on 20/12/2005 wrote: >There's a way to permanently fix that, I'm not sure if you need MSCONFIG to >do it or if it's something emedded in Windows already.....it's been so long >since I've fixed it I don't remember how I did it, but if you googled it >I'm >sure it would pop up. It's not a part of msconfig and there's no options for it under Users. Will try a Google tomorrow, never thought of that and there I've been using Google Earth and Googlemail (hangs head in shame). -- Rob http://www.flickr.com/photos/canopus_archives/ From g2p4i1902 at sneakemail.com Thu Dec 22 00:47:36 2005 From: g2p4i1902 at sneakemail.com (Mr K. Mean) Date: Wed Dec 21 19:50:13 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen In-Reply-To: References: Message-ID: Canopus wrote: > indigo on 20/12/2005 wrote: > >> There's a way to permanently fix that, I'm not sure if you need >> MSCONFIG to >> do it or if it's something emedded in Windows already.....it's been so >> long >> since I've fixed it I don't remember how I did it, but if you googled >> it I'm >> sure it would pop up. > > It's not a part of msconfig and there's no options for it under Users. > Will try a Google tomorrow, never thought of that and there I've been > using Google Earth and Googlemail (hangs head in shame). Does TweakUI fix it? From nobody at nowhere.not Thu Dec 22 04:39:18 2005 From: nobody at nowhere.not (Robert Blair) Date: Wed Dec 21 23:40:08 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: On Thu, 22 Dec 2005 00:08:20 UTC, User wrote: > If an ISP gets it "wrong" and you don't receive the "wrong" mail then > your ISP isn't worth a hoot !!!! You got that right! -- Robert Blair From MikeE at ster.invalid Wed Dec 21 20:45:54 2005 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 21 23:50:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: Robert Blair wrote: > My reason for changing ISPs is if they do not have an optout of their > spam/virus blocking. I agree that is a very important feature. If a provider's configuration options are sufficient, it makes up for a lot of other weaknesses. EL has been soundly trounced for its From challenges for 'suspect' mail [nonspam non-whitelisted] - but those challenges can be configured to off and there are configurable non-challenge options to handling the suspect mail. EL's spamblocker and virus blocker can be configured to off. -- Mike Easter kibitzer, not SC admin From BNRAGMAOKKXT at spammotel.com Thu Dec 22 12:14:08 2005 From: BNRAGMAOKKXT at spammotel.com (Canopus) Date: Thu Dec 22 07:15:06 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: Mr K. Mean on 22/12/2005 wrote: >Canopus wrote: >>indigo on 20/12/2005 wrote: >> >>>There's a way to permanently fix that, I'm not sure if you need MSCONFIG >>>to >>>do it or if it's something emedded in Windows already.....it's been so >>>long >>>since I've fixed it I don't remember how I did it, but if you googled it >>>I'm >>>sure it would pop up. >> >>It's not a part of msconfig and there's no options for it under Users. >>Will try a Google tomorrow, never thought of that and there I've been >>using Google Earth and Googlemail (hangs head in shame). > >Does TweakUI fix it? Possibly, but, I've just found out how it comes about and how to fix it the official way. As I suspected you loose auto log on when Net Framework is installed. There is a registry hack to fix it, but, there is an easier way: Start > Run then type in "control userpasswords2" without the quote marks. Select account you want to auto log on, un-check "User must enter a user name and password to use this computer", click Apply, another screen pops up to enter Password and confirm it (leave all blank for no password), click Apply, exit and re-boot. Now no Log On screen appears 8?) -- Rob http://www.flickr.com/photos/canopus_archives/ From gregstigers+msnews at spamcop.net Thu Dec 22 10:32:31 2005 From: gregstigers+msnews at spamcop.net (G) Date: Thu Dec 22 10:40:04 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: > Oops. I have to run off. To be continued. Still waiting. Greg Stigers From MikeE at ster.invalid Thu Dec 22 08:38:05 2005 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 22 11:40:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: Greg Stigers wrote: > Mike Easter wrote: >> Why are you accepting smtp transactions from user IP viral >> propagations? > I don't understand this question, or the implication of what I might > do differently. Typically a viral propagation to your server is engaging your server 'direct to mx' -- that is directly from a user IP - which user IP is a dynamic IP and is not a mail server - and typically that viral propagation has some kind of bogus From or helo or mail from which does not correspond to the SPF records. The normal mail to your server would be coming from some legitimate server which is not a dynamic IP and also has 'corresponding' IP and IP rDNS and maybe an SPF which corresponds to the From, helo, or mailfrom. Those viral propagating IPs also tend to quickly find themselves on blocklists for hitting spamtraps such as spamcop's or others, in addition to their dynamic listed status. So, my question was related to why not be rejecting the transactions from the dynamic IPs which are listed in dynamic DNSBLs and maybe also have some kind of scoring system which included whether or not the SPF records are compliant or if the source IP is blocklisted in an important blocklist. This would also help with some spam problems as well as viral propagations. Rejecting mail during the transaction is not an unhealthy thing to be doing - even with the occasional false positive - which is not at all the same things as dropping it on the floor and losing it.. -- Mike Easter kibitzer, not SC admin From nobody at spamcop.net Thu Dec 22 13:03:22 2005 From: nobody at spamcop.net (indigo) Date: Thu Dec 22 13:05:02 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: Canopus wrote: > indigo on 20/12/2005 wrote: > > >There's a way to permanently fix that, I'm not sure if you need > >MSCONFIG to do it or if it's something emedded in Windows > >already.....it's been so long since I've fixed it I don't remember > >how I did it, but if you googled it I'm > >sure it would pop up. > > It's not a part of msconfig and there's no options for it under Users. > Will try a Google tomorrow, never thought of that and there I've been > using Google Earth and Googlemail (hangs head in shame). Aha! It's in TweakUI, in the logon/autologon section. TweakUI is a free download with lots of neat goodies in it. From nobody at devnull.spamcop.net Thu Dec 22 22:25:19 2005 From: nobody at devnull.spamcop.net (Miss Betsy) Date: Thu Dec 22 22:25:20 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "User" wrote in message news:dobl0v$ufi$1@news.spamcop.net... > > I know very well that ISPs can use AV to filter them out, but my > > ISP won't do it saying it is too hard. And they won't use > > blocklists. > > Hmm, what's so difficult about installing ClamAV? And besides, it's > "self-maintaining". Excuses excuses. Like you said, changing ISP's is > the best course, if feasible of course (not the only game in town). Or lack of time to do all the transfer details! That's what held me up so far. Miss Betsy From nobody at devnull.spamcop.net Thu Dec 22 22:31:45 2005 From: nobody at devnull.spamcop.net (Miss Betsy) Date: Thu Dec 22 22:35:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "Robert Blair" wrote in message news:TECQXhvKj0FX-pn2-jQXglMfg28tP@dsl-206-55-144-107.tstonramp.com... > On Thu, 22 Dec 2005 00:08:20 UTC, User wrote: > > > If an ISP gets it "wrong" and you don't receive the "wrong" mail then > > your ISP isn't worth a hoot !!!! > > You got that right! Although I think the customer should know what blocklists are being used, I would much prefer that my suspect emails be returned to sender with an explanation of why they were refused (i.e. scbl, spamhaus, SORBS, etc.) than to have them come to me to sort. IMHO, the cure for spam is to make the *senders* do the work. I know that the majority of email users have no clue about blocklists, but if they did, then only blocklists would be used. Miss Betsy From Unknown.User at Invalid.Domain Fri Dec 23 02:26:48 2005 From: Unknown.User at Invalid.Domain (Jan M. Nelken) Date: Fri Dec 23 02:30:03 2005 Subject: [SpamCop-Geeks] Free news (nntp) server? Message-ID: My ISP provider decided to drop Usenet groups suggesting that Yahoo.groups and/or Google groups is an alternative or Giganews (fee based). Is there a free news server I can use to read/post text only messages in newsgroups? I am using both Linux and Windows. Jan M. Nelken From ftabor at gmail.com Fri Dec 23 02:31:17 2005 From: ftabor at gmail.com (Frank Tabor) Date: Fri Dec 23 02:35:02 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: I see where, Jan M. Nelken managed to write: >My ISP provider decided to drop Usenet groups suggesting that Yahoo.groups >and/or Google groups is an alternative or Giganews (fee based). > >Is there a free news server I can use to read/post text only messages in newsgroups? > >I am using both Linux and Windows. > >Jan M. Nelken news.excelonline.com -- Frank Tabor From Unknown.User at Invalid.Domain Fri Dec 23 02:59:13 2005 From: Unknown.User at Invalid.Domain (Jan M. Nelken) Date: Fri Dec 23 03:00:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? In-Reply-To: References: Message-ID: Frank Tabor wrote: > news.excelonline.com It appears that authentication is required - news server refused access when I attempted to subscribe ... Jan Nelken From post.please.this.email.is.not.valid at example.com Fri Dec 23 06:24:19 2005 From: post.please.this.email.is.not.valid at example.com (DougW) Date: Fri Dec 23 07:25:12 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: Jan M. Nelken did pass the time by typing: > Frank Tabor wrote: > >> news.excelonline.com > > It appears that authentication is required - news server refused access when I > attempted to subscribe ... Take a look at terranews.com Signup used to be free but now they charge a small amount $3.95 on your credit card for verification. The catch is your limited to 50M/day on the free account. (I have no experience with this provider) for searching what's out there check http://www.newzbot.com/ -- DougW From MikeE at ster.invalid Fri Dec 23 07:26:57 2005 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 23 10:30:02 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: Jan M. Nelken wrote: > Is there a free news server I can use to read/post text only messages > in newsgroups? The availability of free newsservers comes and goes - my favorite which I think is closed to registrations just now is news.readfreenews.net or RFN. free.teranews isn't exactly free, because it has a onetime registration fee of about $4. I also use aioe.org and x-privat.og A website that keeps up with that stuff is Sebastien Willemijn's http://vivil.free.fr/nntpeng.htm especially annex2 at the bottom. English isn't his first lanuage. Most newsservers are going to require registration, else they would be abused. Keeping down abuse is one of the reasons that some require payment of a small fee, because it is somewhat harder to be pure anonymous if you have to transfer money. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Fri Dec 23 07:36:36 2005 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 23 10:40:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: Jan M. Nelken wrote: > Is there a free news server I can use to read/post text only messages > in newsgroups? Also, if you are willing to pay a little bit, you are able to get 'better' news. For text only people, there are a couple of ways to go. Individual.net is an excellent text only news which used to be free but now costs 10 euros/y. That's not really a /great/ deal - but it is a very very good newsserver with filtering of spam and hipcrime. Until it became free with a funky payment system, that was my favorite text newsserver. A better deal economically would be to look around at some of the commercial NSPs news service providers who sell 'forever' gigs. That is, you don't pay for news by the month, you buy some gigs and they last however long they last. For people who only text, a few gigs lasts for years, and a few gigs only costs a few bucks. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Fri Dec 23 07:38:03 2005 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 23 10:40:06 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: Mike Easter wrote: > Until it became free with a funky payment system, that was my > favorite text newsserver. s/free/pay/ Until it became pay with a funky payment system... -- Mike Easter kibitzer, not SC admin From PossumTrot at dont.spam.me Fri Dec 23 08:04:41 2005 From: PossumTrot at dont.spam.me (Possum Trot) Date: Fri Dec 23 11:10:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: I do have experience with TERRANEWS.COM. I recently had to drop that server because it was regularly unreachable from both MSN, ATTGLOBAL.NET, as well as my office ISP. I assume that was because it was in the middle of the conflict 6 months or a year ago between the two backbone providers, one of whom broke its connection with the other. My current news server is FREENEWS.NETFRONT.NET. It has been completely reliable for the past three months. YMMV "DougW" wrote in message news:dogq9h$r84$1@news.spamcop.net... > Jan M. Nelken did pass the time by typing: >> Frank Tabor wrote: >> >>> news.excelonline.com >> >> It appears that authentication is required - news server refused access >> when I >> attempted to subscribe ... > > Take a look at terranews.com > Signup used to be free but now they charge a small amount $3.95 on > your credit card for verification. The catch is your limited to 50M/day > on the free account. (I have no experience with this provider) > > > for searching what's out there check http://www.newzbot.com/ > > -- > DougW > From nobody at nowhere.invalid Fri Dec 23 17:06:12 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Fri Dec 23 11:10:05 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: On Fri, 23 Dec 2005 07:26:57 -0800, Mike Easter coughed into spamcop.geeks and left this in : > I also use aioe.org and x-privat.og x-privat.org is rather heavily infested with trolls and k00ks. NANAE would be unreadable without killfiling stuff that comes through x-privat, plus.net and googlegroups - even then it's not always easy separating the wheat from the chaff. -- Steve Sign spotted in an office: AFTER TEA BREAK STAFF SHOULD EMPTY THE TEAPOT AND STAND UPSIDE DOWN ON THE DRAINING BOARD From jg at coks.net Fri Dec 23 08:36:15 2005 From: jg at coks.net (jg) Date: Fri Dec 23 11:35:02 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? In-Reply-To: References: Message-ID: On 12/22/2005 11:31 PM Frank Tabor scribbled: > I see where, Jan M. Nelken managed to write: > > >>My ISP provider decided to drop Usenet groups suggesting that Yahoo.groups >>and/or Google groups is an alternative or Giganews (fee based). >> >>Is there a free news server I can use to read/post text only messages in newsgroups? >> >>I am using both Linux and Windows. >> >>Jan M. Nelken > > > news.excelonline.com Frank Tabor - same one that used to contribute on the Netscape server ngs? Haven't seen the name in awhile... From nobody at spamcop.net Fri Dec 23 10:32:29 2005 From: nobody at spamcop.net (kram) Date: Fri Dec 23 13:35:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: In news:et9nq19ru37v66glpbpl53c57snlclihea@4ax.com, Frank Tabor opined: || I see where, Jan M. Nelken managed to write: ||| My ISP provider decided to drop Usenet groups suggesting that ||| Yahoo.groups ||| and/or Google groups is an alternative or Giganews (fee based). ||| ||| Is there a free news server I can use to read/post text only ||| messages in newsgroups? || || news.excelonline.com freenews.netfront.net -- kk == Calm down, it's only ones and zeroes. From ftabor at gmail.com Fri Dec 23 14:34:03 2005 From: ftabor at gmail.com (Frank Tabor) Date: Fri Dec 23 14:35:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: I see where, Jan M. Nelken managed to write: >Frank Tabor wrote: > >> news.excelonline.com > >It appears that authentication is required - news server refused access when I >attempted to subscribe ... > >Jan Nelken Recent addition, then. I used it last about a month ago. -- Frank Tabor From ftabor at gmail.com Fri Dec 23 14:34:44 2005 From: ftabor at gmail.com (Frank Tabor) Date: Fri Dec 23 14:35:08 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: I see where, jg managed to write: >On 12/22/2005 11:31 PM Frank Tabor scribbled: > >> I see where, Jan M. Nelken managed to write: >> >> >>>My ISP provider decided to drop Usenet groups suggesting that Yahoo.groups >>>and/or Google groups is an alternative or Giganews (fee based). >>> >>>Is there a free news server I can use to read/post text only messages in newsgroups? >>> >>>I am using both Linux and Windows. >>> >>>Jan M. Nelken >> >> >> news.excelonline.com >Frank Tabor - same one that used to contribute on the Netscape server ngs? >Haven't seen the name in awhile... That would be me. Yep. -- Frank Tabor From MikeE at ster.invalid Fri Dec 23 11:59:24 2005 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 23 15:00:02 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: Steven Maesslein wrote: > Mike Easter >> I also use aioe.org and x-privat.og > > x-privat.org is rather heavily infested with trolls and k00ks. You should be able to deal with that very easily. x-privat.org uses an X-Authenticated-User line in the headers which will be the same for a given x-privat.org account every time. As such, it is even better than the nntp posting host line line, which typically isn't present on very many free newsservers. Also, that Xline is *MUCH* better than the From which is easily forged. Altho' the xauthenticated isn't desirable for those who want anonymity it can be useful for filtering - depending on how many accounts the troll has for morphing. If you are interested in filtering and have an agent which can work on the headerlines, that is an excellent one for that particular newsserver. > NANAE > would be unreadable without killfiling stuff that comes through > x-privat, plus.net and googlegroups - even then it's not always easy > separating the wheat from the chaff. The business about killing off an entire 'population' - such as GG and some particular newsserver - isn't a particularly sophisticated filter. Seems like you would need a scoring system there. -- Mike Easter kibitzer, not SC admin From dfm2a3l0t2 at spymac.com Fri Dec 23 15:01:07 2005 From: dfm2a3l0t2 at spymac.com (D.F. Manno) Date: Fri Dec 23 15:05:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: In article , "DougW" wrote: > Take a look at terranews.com > Signup used to be free but now they charge a small amount $3.95 on > your credit card for verification. The catch is your limited to 50M/day > on the free account. (I have no experience with this provider) teranews has been FUBAR for the past few months, ever since they switched to some homebrew server software. Apparently some people can get it to work by sacrificing a virgin and uttering the right incantations, but I'm not one of them. -- D.F. Manno | dfm2a3l0t2@spymac.com Lying, spying, and troops dying. Impeach Bush. From MikeE at ster.invalid Fri Dec 23 12:12:51 2005 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 23 15:15:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: D.F. Manno wrote: > "DougW" >> Take a look at terranews.com > teranews has been FUBAR for the past few months, ever since they > switched to some homebrew server software. The server s/w change fouled up my OE unless I configured for new messages instead of xxx messages, but I didn't want to do that for all of my newsservers, and OE doesn't allow one to make that configuration per newsserver. The xxx messages config is 'global' for all newsserver accounts -- so I dropped free.tera while it was in that condition because I didn't want to have to reconfigure just to use it. > Apparently some people can > get it to work by sacrificing a virgin and uttering the right > incantations, but I'm not one of them. It is better now. I can get xxx messages with OE again. But it is sometimes 'lagging' for some groups. I just checked 24hoursupport.helpdesk which isn't currently lagging. -- Mike Easter kibitzer, not SC admin From not at home.today Fri Dec 23 20:23:03 2005 From: not at home.today (Ant) Date: Fri Dec 23 15:25:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: "Steven Maesslein" wrote: > x-privat.org is rather heavily infested with trolls and k00ks. NANAE > would be unreadable without killfiling stuff that comes through > x-privat, plus.net and googlegroups - even then it's not always easy > separating the wheat from the chaff. Just because Brad uses x-privat and Moris uses Plusnet is no reason to tar everyone who uses those services with the same brush. I think it was once suggested that nanae-ites kill posts from my ISP because Moris happened to have a dialup account there. He could easily have a pay-as-you-go account from all the major UK ISPs and you'd end up seeing no posts from the UK. As for Google, some mail admins post from there primarily because they are not regular Usenet users. Also there is the problem as shown by the OP; i.e. it seems the unfortunate trend is that more ISPs are no longer providing a news (nntp) service, so people's first port of call is Google Groups. I use both aioe and x-privat to get to groups that my server doesn't carry, and to be able to see posts that for some reason are dropped from the feed. Aioe is free and anonymous, but is slow and often down. X-privat is now subscription, but occasionally gives out free invites. You can subscribe to x-privat.info without having to log on, in order to watch for the invitation code announcements. From MikeE at ster.invalid Fri Dec 23 12:47:07 2005 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 23 15:50:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: Mike Easter wrote: > Jan M. Nelken wrote: >> Is there a free news server I can use to read/post text only messages >> in newsgroups? > > Also, if you are willing to pay a little bit, you are able to get > 'better' news. > A better deal economically would be to look around at some of the > commercial NSPs news service providers who sell 'forever' gigs. That > is, you don't pay for news by the month, you buy some gigs and they > last however long they last. For people who only text, a few gigs > lasts for years, and a few gigs only costs a few bucks. An example of forever gigs is octanews, who sells 8 gigs for $8. For text only [and headers don't count and neither does posting] - 8 gigs would probably last for years. There are lower prices per gig for bigger blocks if one needed both text and binaries. Also, octanews is the provider for RFN - I should buy some octanews gigs to support Mike Horwath's servers which are a wonderful resource -- considering that he also provides free binaries with biggulp. There are cheaper blocks than that, but one also has to consider some of the other factors, such as reliability and retention. -- Mike Easter kibitzer, not SC admin From none at domain.invalid Fri Dec 23 15:29:41 2005 From: none at domain.invalid (Anonymous) Date: Fri Dec 23 18:30:05 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: "Mike Easter" wrote in message news:dohno7$aoo$1@news.spamcop.net... > An example of forever gigs is octanews, who sells 8 gigs for $8. For > text only [and headers don't count and neither does posting] - 8 gigs > would probably last for years. There are lower prices per gig for > bigger blocks if one needed both text and binaries. An example from real-life: I currently pull 10 newsgroups. I've been running for one day since I last rebooted (I messed up while programming, and blue-screened my machine, forcing a reboot). Hamster Playground shows that I've pulled approximately 28MB of data. So, for moderately active newsgroups, you can expect about 3MB per newsgroup per day, rounding up. From user at domain.invalid Fri Dec 23 17:54:42 2005 From: user at domain.invalid (User) Date: Fri Dec 23 18:55:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email In-Reply-To: References: Message-ID: On 22.12.2005 21:25, Miss Betsy wrote: --- Original Message --- > "User" wrote in message > news:dobl0v$ufi$1@news.spamcop.net... >> > I know very well that ISPs can use AV to filter them out, but > my >> > ISP won't do it saying it is too hard. And they won't use >> > blocklists. >> >> Hmm, what's so difficult about installing ClamAV? And besides, > it's >> "self-maintaining". Excuses excuses. Like you said, changing > ISP's is >> the best course, if feasible of course (not the only game in > town). > > Or lack of time to do all the transfer details! That's what held > me up so far. > > Miss Betsy > > Migrating user files is a piece of cake - time constraints noted. Migrating an entire server with over 100 domains and 18,000+ users is also a piece of cake (the size of Rhode Island) ... :-) From MikeE at ster.invalid Fri Dec 23 15:56:53 2005 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 23 19:00:02 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: Anonymous wrote: > "Mike Easter" >> An example of forever gigs is octanews, who sells 8 gigs for $8. For >> text only [and headers don't count and neither does posting] - 8 gigs >> would probably last for years. There are lower prices per gig for >> bigger blocks if one needed both text and binaries. > > An example from real-life: > I currently pull 10 newsgroups. I've been running for one day since I > last rebooted (I messed up while programming, and blue-screened my > machine, forcing a reboot). > > Hamster Playground shows that I've pulled approximately 28MB of data. > > So, for moderately active newsgroups, you can expect about 3MB per > newsgroup per day, rounding up. And, altho' I don't have any Hamster experience, people who use hamster may be downloading all the message bodies like a newsserver -- as opposed to the rest of us who are downloading only the message headers for our newsgroup perusing, and then only downloading the message bodies of the messages which we read. So your numbers if they are based on hamster acting like a newsserver may not accurately represent normal newsgroup text reading at all for purposes of guessing at how long it takes a 'normal' person to use a meg or a gig of text news for 'billing' purposes. That is, if you are counting your nickels and dimes for gig consumption for text reading, using hamster wouldn't be the economical way to do that -- altho' using hamster puts a whole different perspective on how you handle your news. For example, some people use hamster to do some serious news filtering since they can filter on the message body in addition to the headers.. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Fri Dec 23 16:14:03 2005 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 23 19:15:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: Mike Easter wrote: > Anonymous wrote: >> An example from real-life: >> I currently pull 10 newsgroups. I've been running for one day since I >> last rebooted (I messed up while programming, and blue-screened my >> machine, forcing a reboot). >> >> Hamster Playground shows that I've pulled approximately 28MB of data. >> >> So, for moderately active newsgroups, you can expect about 3MB per >> newsgroup per day, rounding up. > hamster may be downloading all the message bodies like a newsserver > -- as opposed to the rest of us who are downloading only the message > headers for our newsgroup perusing, and then only downloading the > message bodies of the messages which we read. Here's another realworld experience. The vast majority of my online time is text newsgrouping. I'm not sure of the distribution of that newsing between spamcop's newsserver and earthlink's newsserver and the occasional usage of other non-EL newsservers - but I would say that maybe two thirds or more of my newsing is done on EL's server. EL keeps track of my downloading for a rolling 30 period, because it uses a throttle to curtail excessive binary dl/ing by binary hogs -- that is, the binary hogs get throttled back to 64 kbytes/sec when they reach 5G/30d According to EL, my downloaded byte status is 5.6 megabytes/ the last 30 days or 0.11% of my 5G quota, so annualized that would be 67 megs/y. -- Mike Easter kibitzer, not SC admin From jg at coks.net Fri Dec 23 17:31:50 2005 From: jg at coks.net (jg) Date: Fri Dec 23 20:30:08 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? In-Reply-To: References: Message-ID: On 12/23/2005 11:34 AM Frank Tabor scribbled: > I see where, jg managed to write: > > >>On 12/22/2005 11:31 PM Frank Tabor scribbled: >> >> >>>I see where, Jan M. Nelken managed to write: >>> >>> >>> >>>>My ISP provider decided to drop Usenet groups suggesting that Yahoo.groups >>>>and/or Google groups is an alternative or Giganews (fee based). >>>> >>>>Is there a free news server I can use to read/post text only messages in newsgroups? >>>> >>>>I am using both Linux and Windows. >>>> >>>>Jan M. Nelken >>> >>> >>>news.excelonline.com >> >>Frank Tabor - same one that used to contribute on the Netscape server ngs? >>Haven't seen the name in awhile... > > > That would be me. Yep. Well, Merry Xmas - nice to see you around - been awhile since I've used NS, switched to FF & TB couple years back. I do remember you helped a lot in the old days... Sorry to the rest for the psl OT.... From nobody at nowhere.invalid Sat Dec 24 11:19:13 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Sat Dec 24 05:20:03 2005 Subject: [SpamCop-Geeks] Re: Free news (nntp) server? References: Message-ID: On Fri, 23 Dec 2005 11:59:24 -0800, Mike Easter coughed into spamcop.geeks and left this in : > The business about killing off an entire 'population' - such as GG and > some particular newsserver - isn't a particularly sophisticated filter. > > Seems like you would need a scoring system there. I have a scoring system. Postings through those services receive a score of -9999. Not because of ONE person using the service, but because the MAJORITY of its users infesting NANAE appear to be drooling morons. Note that the blanket block on those providers only applies to NANAE. They're not killfiled in other newsgroups. -- Steve Before you criticize someone, you should walk a mile in their shoes. That way, when you criticize them, you're a mile away and you have their shoes. From devnull at spamcop.net Sat Dec 24 09:05:35 2005 From: devnull at spamcop.net (Frog Prince) Date: Sat Dec 24 09:10:10 2005 Subject: [SpamCop-Geeks] Need recommendation for a Wifi access point. Message-ID: Neighbor lady (she does brownies right!!) just called and she wants me to pick up a wifi AP for her to give to her family (I'm to install this on the QT) as a Christmas present. As I'm going to be responsible for supporting this install (did I mention she's a great lady as well as great cook?) what should I recommend I get that would best fit her needs. Regards FP From MikeE at ster.invalid Sat Dec 24 08:34:58 2005 From: MikeE at ster.invalid (Mike Easter) Date: Sat Dec 24 11:35:04 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: Frog Prince wrote: > Neighbor lady (she does brownies right!!) just called and she wants > me to pick up a wifi AP for her to give to her family (I'm to install > this on the QT) as a Christmas present. I saw your post in 24hoursupport.helpdesk. Another couple of ng/s you might find helpful are alt.internet.wireless and comp.security.firewalls. You have to take the c.s.f group 'carefully' -- because there are some serious security experts in there. You might want to read some posts there before you jump in. -- Mike Easter kibitzer, not SC admin From borgholio at storymind.com Sat Dec 24 15:57:42 2005 From: borgholio at storymind.com (Borgholio) Date: Sat Dec 24 19:00:04 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. In-Reply-To: References: Message-ID: Frog Prince wrote: > Neighbor lady (she does brownies right!!) just called and she wants me to > pick up a wifi AP for her to give to her family (I'm to install this on the > QT) as a Christmas present. > > As I'm going to be responsible for supporting this install (did I mention > she's a great lady as well as great cook?) what should I recommend I get > that would best fit her needs. > > Regards > > FP > > I've used D-link for awhile and they've served me well. Linksys is also good. From nobody at spamcop.net Tue Dec 27 08:26:04 2005 From: nobody at spamcop.net (Ellen) Date: Tue Dec 27 08:30:41 2005 Subject: [SpamCop-Geeks] System is down Message-ID: Hi -- we have encountered a system problem and the system is down. I have paged operations. I do not have an ETA as to when the system will be back up again. We appreciate your patience. -- Ellen SpamCop From nobody at spamcop.net Tue Dec 27 09:14:49 2005 From: nobody at spamcop.net (Ellen) Date: Tue Dec 27 09:20:31 2005 Subject: [SpamCop-Geeks] System is back up was: Re: System is down References: Message-ID: Things should be back to normal now. Let me know if you see any problems. And as always, thanks for your patience. Ellen SpamCop From nobody at spamcop.net Tue Dec 27 10:21:47 2005 From: nobody at spamcop.net (indigo) Date: Tue Dec 27 10:25:03 2005 Subject: [SpamCop-Geeks] External HD problem Message-ID: Well, I managed to fix my Office 2000 problem over the weekend.....somehow while doing the OS "repair" to fix my internet access problem (which worked) my Office install got hosed and I couldn't reload it. After several hours of work yesterday I finally figured out the the Windows Installer had also been borked. I managed to download the Installer PDK, then was able to download the latest version of WI from mickeysoft (and of course the help pages were of no use in trying to figure out what the problem was). So except for my Canon digicam software being unable to recognize my camera (Windows finds it, but not the proggie), everything appears to be fully functional again, except for one thing......my external HD (firewire connection) keeps crashing. This was happening while I tried to back up files prior to the repair and is still happening. When I try copying directories from my C drive to the Ion Drive it copies several files, then the "on" LED light on the external drive goes out and I get multiple error messages about "copying failed and data was lost". The drive is still mounted, but DOA. Is the drive bad, or could something else be wrong? It almost looks like the buffer overflow problem you get when trying to burn a CD too fast....... From gregstigers+msnews at spamcop.net Tue Dec 27 11:27:10 2005 From: gregstigers+msnews at spamcop.net (G) Date: Tue Dec 27 11:30:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: > Typically a viral propagation to your server is engaging your server > 'direct to mx' -- that is directly from a user IP - which user IP is a > dynamic IP and is not a mail server - and typically that viral > propagation has some kind of bogus From or helo or mail from which does > not correspond to the SPF records. I don't know how typical my experience is, since we have less than one hundred users. I began tracking alerts five weeks ago. Most of the viral email I'm seeing have patterns; they are sent in batches to some fixed set of users, no surprise there. So, I can tell who most of the worst offenders are, and most of the 5,500 alerts have come from six senders, each of whom I have notified, and all but one of them have addressed their viruses. This morning, after a four-day weekend, I was greeted by 39 alerts, from maybe three or four offenders, so I have little complaints about the results I'm getting. There is one algx.net address that has eluded me so far, and I am not encouraged by http://www.algx.net. > The normal mail to your server would be coming from some legitimate > server which is not a dynamic IP and also has 'corresponding' IP and IP > rDNS and maybe an SPF which corresponds to the From, helo, or mailfrom. Since those who send us email typically send it from a business, the IP addresses appear not to be dynamic. Using the Outlook rule to find legitimate email from those address has pointed me in the right direction, except for the algx email. > Those viral propagating IPs also tend to quickly find themselves on > blocklists for hitting spamtraps such as spamcop's or others, in > addition to their dynamic listed status. And this makes sense to me for handling spam. And I look forward to doing more to better filter and to begin reporting spam in 2006. But infected senders are not quite the same as spammers, at least not in their remedy. I'm trying to not merely block or drop the viral email, or to enable other blocklist users to block them, but to get the user some help, so they quit propagating virused because they are no longer infected. And, I hope, they are somewhat less likely to become infected again, if only because a company administrator now knows he had an infected user, and takes positive steps to prevent it from happening again. Call me Pollyanna. > Rejecting mail during the transaction is not an unhealthy thing to be > doing - even with the occasional false positive - which is not at all > the same things as dropping it on the floor and losing it.. The distinction rejecting email and losing it is lost on me, but I'm still learning. I see my actions rather like reporting spam instead of "just hitting delete". I'm trying to stop the problem at another level, at the infected user. Greg Stigers From MikeE at ster.invalid Tue Dec 27 08:59:05 2005 From: MikeE at ster.invalid (Mike Easter) Date: Tue Dec 27 12:00:15 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: G wrote: > Your quoting currently has 2 things wrong with it; it fails to attribute the source, in this case me, and it fails to put an empty line between what is being quoted and what is your reply. http://members.fortunecity.com/nnqweb/nquote.html Quoting Style in Newsgroup Postings > I'm trying to not merely block or drop the viral email, > or to enable other blocklist users to block them, but to get the user > some help, so they quit propagating virused because they are no > longer infected. I understand the concept, and I think the likelihood of your being successful is slim to almost none. Most of us can't derive an email address from an IP address of a source and we are 'dependent upon' the admin of the source provider to manage their IP's account appropriately. As a general rule, that doesn't happen. >> Rejecting mail during the transaction is not an unhealthy thing to be >> doing - even with the occasional false positive - which is not at all >> the same things as dropping it on the floor and losing it.. > The distinction rejecting email and losing it is lost on me, but I'm > still learning. Rejecting mail during the transaction with a blocklisted server causes that server to notify the usersender that the mail was rejected, so that the sender knows that the mail didn't go thru'. Accepting mail for delivery and then deleting or dev/null/ing it or causing it to go 'somewhere' where no one sees it until it is deleted is how mail gets 'dropped on the floor' or lost. There's a lot of difference. My provider's spamfilter accepts spams for delivery, then characterizes those items as spam, then puts those spams into the account's mailbox's spamfolder, and then deletes those spams sight unseen by the recipient, unless the recipient configures and behaves differently than the vast majority of recipients. I the recipient can optionally choose to have my provider not autodelete the spams and I the recipient can optionally choose to inspect the spam in that spamfolder for goodmail which would otherwise be lost. But digging thru' a spamfolder for goodmail is not my cup of tea, so I don't use my provider's spamfilter, but I use my own client side spamfilter which is much more sophisticated. > I see my actions rather like reporting spam instead > of "just hitting delete". I'm trying to stop the problem at another > level, at the infected user. You briefly, sparingly, described your system earlier of deriving the IP address and then correlating that IP address with the real email address of some sender, but it is hard for me to believe in that operation. I can't deny it is happening because I can't personally observe how you are allegedly doing that -- but I still remain unconvinced that you are. For all I know, you are using the From address for your determination. -- Mike Easter kibitzer, not SC admin From nobody at devnull.spamcop.net Tue Dec 27 15:58:39 2005 From: nobody at devnull.spamcop.net (Miss Betsy) Date: Tue Dec 27 16:00:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "G" wrote in message news:dorq11$ic5$1@news.spamcop.net... > > Rejecting mail during the transaction is not an unhealthy thing to be > > doing - even with the occasional false positive - which is not at all > > the same things as dropping it on the floor and losing it.. > The distinction rejecting email and losing it is lost on me, but I'm still > learning. I see my actions rather like reporting spam instead of "just > hitting delete". I'm trying to stop the problem at another level, at the > infected user. I am not a server admin so my explanation may be simplistic and not completely technically accurate. When a server 'rejects' email, it sends a 5** message so that the sending server gets it and makes it into a Non Deliverable Mail message so the end user knows that his email did not go through. Dropping mail means that it is deleted and nobody gets it. IIUC, you can't reject email from trojanned computers because they aren't 'real' email ports so it has to be dropped. Or like your viral lookups, can be traced and notified, if accepted. Somebody has to notify or there is no stopping them at all. Miss Betsy an almost new internet user From user at domain.invalid Tue Dec 27 15:38:32 2005 From: user at domain.invalid (User) Date: Tue Dec 27 16:40:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email In-Reply-To: References: Message-ID: On 27.12.2005 14:58, Miss Betsy wrote: --- Original Message --- > "G" wrote in message > news:dorq11$ic5$1@news.spamcop.net... > >> > Rejecting mail during the transaction is not an unhealthy thing > to be >> > doing - even with the occasional false positive - which is not > at all >> > the same things as dropping it on the floor and losing it.. >> The distinction rejecting email and losing it is lost on me, but > I'm still >> learning. I see my actions rather like reporting spam instead of > "just >> hitting delete". I'm trying to stop the problem at another level, > at the >> infected user. > > I am not a server admin so my explanation may be simplistic and not > completely technically accurate. When a server 'rejects' email, it > sends a 5** message so that the sending server gets it and makes it > into a Non Deliverable Mail message so the end user knows that his > email did not go through. Dropping mail means that it is deleted > and nobody gets it. > > IIUC, you can't reject email from trojanned computers because they > aren't 'real' email ports so it has to be dropped. Or like your > viral lookups, can be traced and notified, if accepted. > > Somebody has to notify or there is no stopping them at all. > > Miss Betsy > an almost new internet user > > > > > Every connection leaves an IP trail which, for the most part, can be traced right back to the source. Rejected mail is still logged although not rec'd by the recipient. In the old days, before firewalls became popular and ports 137-139 were wide open, we used to grab the IP from a "nasty-gram" and bust in to the perpetrator's computer and leave a nice little message right on their desktop. From gregstigers+msnews at spamcop.net Tue Dec 27 18:45:23 2005 From: gregstigers+msnews at spamcop.net (G) Date: Tue Dec 27 18:50:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "Mike Easter" wrote: > I understand the concept, and I think the likelihood of your being > successful is slim to almost none. Most of us can't derive an email > address from an IP address of a source and we are 'dependent upon' the > admin of the source provider to manage their IP's account appropriately. > As a general rule, that doesn't happen. Maybe it's beginner's luck. It took two weeks after cleaning up from Sober for the idea to occur to me; it was not at all obvious to me. But our viral load is down, as I have described. > Rejecting mail during the transaction with a blocklisted server causes > that server to notify the usersender that the mail was rejected, so that > the sender knows that the mail didn't go thru'. Ah. I was only thinking in the context of viral email. Accepting my premise that the sender has sent email to our recipient, then eventually they might again, and that would then be blocked. I might do this for the algx.net address that I have yet to identify. I'm not going to do that for someone I've been able to identify and whose admin I have contacted. For now, I have that luxury, of living with the currently denatured viral email until the admin does something to stop it. I've only had one admin deny it was her user, and haven't had time to follow up with our user to see if she has more than one virus sender. Because as Miss Betsy put it, > Somebody has to notify or there is no stopping them at all. "Mike Easter" also wrote: > You briefly, sparingly, described your system earlier of deriving the IP > address and then correlating that IP address with the real email address > of some sender, but it is hard for me to believe in that operation. I > can't deny it is happening because I can't personally observe how you > are allegedly doing that -- but I still remain unconvinced that you are. > > For all I know, you are using the From address for your determination. You're right that I was brief, although I think I have been clear about my results. So, having the following in the header of a viral email: Microsoft Mail Internet Headers Version 2.0 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Received: from dirycdi.com ([67.154.122.226]) by mail.iworkhere.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 19 Dec 2005 20:48:36 -0500 From: To: Date: Tue, 20 Dec 2005 01:33:13 UTC Subject: Your_Password I know that dirycdi.com and webmaster@lfm-frp.com is forged, no more real than XFreeMail@iworkhere.com. But our email server logged the connection from 67.154.122.226. And, our recipients got this because someone who has them in his address book is infected. That infected someone probably has emailed our recipients. So, in Outlook, I create a rule for email containing 67.154.122.226 in its header. I have Outlook display a specific message in the New Item Alert window, for any such email. I finish with disabling the rule for now. I then manually run the rule against the user's email. More often than not, the New Item Alert window displays whatever viral email they have received from that address, and whatever legitimate email they have received. That legitimate email is my starting point for identifying the user and what company they are with. Ping -a and tracert may show additional information about who or where he is. Is that enough detail? If so, try it and see. And if this works as described, what is an admin's responsibility, having identified the virus sender? Greg Stigers From MikeE at ster.invalid Tue Dec 27 16:01:04 2005 From: MikeE at ster.invalid (Mike Easter) Date: Tue Dec 27 19:05:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: G wrote: > Received: from dirycdi.com ([67.154.122.226]) by mail.iworkhere.com Source = 67.154.122.226 rDNS ip67-154-122-226.z122-154-67.customer.algx.net > But our email server logged the > connection from 67.154.122.226. Correct. > And, our recipients got this because > someone who has them in his address book is infected. That infected > someone probably has emailed our recipients. Not necessarily or even likely any more. In the old days, infected systems used addies scraped from the .wab, but nowadays modern viruses scrape from 'everywhere' - not only the addressbook, but everything on the infected's system which has an @ in it. For years I've been getting viruses from IPs which I'm convinced do not have my address in their addressbook. > So, in Outlook, I create a rule for email containing 67.154.122.226 > in its header. That is a reasonable plan, however, that definitely looks like a dynamic IP address, and we are left to wonder whether it is dynamically dynamic such as a dialup, or just dynamic such as a DSL, or statically dynamic such as a cable modem IP. My first guess is that it is a dialup, which makes it very dynamic. > I have Outlook display a specific message in the New > Item Alert window, for any such email. I finish with disabling the > rule for now. I then manually run the rule against the user's email. > More often than not, the New Item Alert window displays whatever > viral email they have received from that address, and whatever > legitimate email they have received. That legitimate email is my > starting point for identifying the user and what company they are > with. You are describing a/your theory. I am predicting that the most common result you will experience will be receiving more viral propagations from that IP and that you will not see legitimate mails. I am also predicting that in the unlikely event you see legitimate mails, that may likely be associated with another user using the same dialup IP rather than the viral propagator's address. > Ping -a and tracert may show additional information about who > or where he is. Is that enough detail? If so, try it and see. What do you think the ping and tracert are going to show you above and beyond what you already know, the IP? That is, what will it show you which is useful for your purpose of determining the email address of the infected propagator? > And if this works as described, what is an admin's responsibility, > having identified the virus sender? I'm saying the only one who is in the meaningful position of IDing the IP address account is the provider for the IP who has the logs of what account was using that IP in the time in question. If the admin should be so motivated to determine that. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Tue Dec 27 16:42:45 2005 From: MikeE at ster.invalid (Mike Easter) Date: Tue Dec 27 19:45:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: Mike Easter wrote: > G wrote: >> Received: from dirycdi.com ([67.154.122.226]) by mail.iworkhere.com > > Source = 67.154.122.226 rDNS > ip67-154-122-226.z122-154-67.customer.algx.net >> Ping -a and tracert may show additional information about who >> or where he is. Is that enough detail? If you really wanted to check out the IP, you might look at just a few ports and see if there are some vulnerabilities there or something like a netbios, which is sometimes associated with an infected propagator, but you shouldn't be blatantly portscanning. I looked at one port 80 on it, and when it was open, I tried to see if there were a webserver there -- but instead I ran into a WatchGuard firewall. So I stopped immediately. I don't know what is going on with that IP, but this kind of little situation is one in which you don't want to be putting on your baby cracker suit and going out and trying to explore very much. -- Mike Easter kibitzer, not SC admin From jg at coks.net Tue Dec 27 20:55:52 2005 From: jg at coks.net (jg) Date: Tue Dec 27 23:55:04 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email In-Reply-To: References: Message-ID: On 12/27/2005 4:42 PM Mike Easter scribbled: > I don't know what is going on with that IP, but this kind of little > situation is one in which you don't want to be putting on your baby > cracker suit and going out and trying to explore very much. > > Sorry, baby cracker suit?? Is that cracker as in software lingo or cracker as in food? too much nog, the brain borke on that... From MikeE at ster.invalid Wed Dec 28 03:16:35 2005 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 28 06:20:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: jg wrote: > Mike Easter scribbled: >> I don't know what is going on with that IP, but this kind of little >> situation is one in which you don't want to be putting on your baby >> cracker suit and going out and trying to explore very much. > Sorry, baby cracker suit?? > > Is that cracker as in software lingo or cracker as in food? Cracker as in probing the IP looking for vulnerabilities, which was described in my preceding par. The netbios is such a vulnerability which gives you a peek into the other system, and it is so exploitable that the unnamed^1 pchelp guy made a little .bat file to get a netbios name table, perhaps the mac address, and maybe the resources shared by the machine. So, if you were using such a trace.bat file, you would be wearing your cracker suit, but you would just be a 'baby' cracker or wearing a baby cracker 'suit' -- worse than a script kiddie. Baby crackers and script kiddies are considered fair game to be eaten alive by advanced crackers. ^1 he is anonymous but with picture and general geographical area at his website^2, but elsewhere^3 I've heard his name is Keith Little ^2 http://www.pc-help.org/trace.htm PCHelp's Network Tracer ^3 http://www.saltmeadow.com/privacy/tr.html Find out who's at the other end of your line, with Network Tracer > too much nog, the brain borke on that... -- Mike Easter kibitzer, not SC admin From gregstigers+msnews at spamcop.net Wed Dec 28 11:04:33 2005 From: gregstigers+msnews at spamcop.net (G) Date: Wed Dec 28 11:05:04 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "Mike Easter" wrote: > Not necessarily or even likely any more. In the old days, infected > systems used addies scraped from the .wab, but nowadays modern viruses > scrape from 'everywhere' - not only the addressbook, but everything on > the infected's system which has an @ in it. For years I've been getting > viruses from IPs which I'm convinced do not have my address in their > addressbook. And your preferred vendor's web site can tell what files an identified virus reads. In one case, the email I found was from a catalog request, two or three years ago. But ping and whois confirmed the company. I emailed them. We quit getting that set of viruses. Either it worked, or I'm so lucky that I should start buying lottery tickets. ;-) Last night's viral load was eleven, with two from a source identified and notified yesterday. > That is a reasonable plan, however, that definitely looks like a dynamic > IP address, and we are left to wonder whether it is dynamically dynamic > such as a dialup, or just dynamic such as a DSL, or statically dynamic > such as a cable modem IP. My first guess is that it is a dialup, which > makes it very dynamic. In your next post, you describe finding a firewall at that address. And I'm still getting the same set of email ostensibly from that address (I understand that some firewalls drop received lines). I'm less than qualified to have an opinion on this, but in my limited experience, so-called dynamic IP addresses are far less dynamic than we might think. I've already admitted that if it's a dialup user, I'm done. But we're a business, and most of our customers are businesses. I see more business DSL in those that I've chased down. > You are describing a/your theory. I am predicting that the most common > result you will experience will be receiving more viral propagations > from that IP and that you will not see legitimate mails. I am also > predicting that in the unlikely event you see legitimate mails, that may > likely be associated with another user using the same dialup IP rather > than the viral propagator's address. Let me stress that I'm not passively waiting to see if we get email from that IP address. I'm actively looking for email we already got from that IP address. I only wish our serverside tools would expose this information to me more readily, but I can't justify restoring logs from backups for this. Business using firewalls or NAT devices that report their own IP address actually make it easier for me to identify the company, and I can leave it to their admin to figure out whose infected. I readily admit that in two or three cases like the algx address, I've come up empty. But I've found an infected sender seven times now. Five of those have been business relationships, whose admins have handled their problem. Two have been personal relationships, and are unresolved today, but only coming to a single employee. > What do you think the ping and tracert are going to show you above and > beyond what you already know, the IP? That is, what will it show you > which is useful for your purpose of determining the email address of the > infected propagator? Ping gives me a domain name. In one case, ping returned the company name as part of the device name managed for them by a service provider. In a couple of cases, having the domain name confirmed that I had a less-than-dynamic IP address confirmed by finding that IP address in email from that domain. Tracert can narrow down geography. Before I came up with abusing Outlook rules, tracert identified the area well enough that one of the recipients new who we did business with in that part of the country. I wish I could include a better example. But, for instance, the antepenultimate hop for 67.154.122.226 is fe0-0.CLR2.Secaucus-NJ.us.xo.net [71.5.189.146]. Not as close as I would like to be, but since algx is an XO company with an address in Herndon, VA, I'll bet they are awfully close to one of those two areas. If I find an email from that IP address, I expect them to be on the East coast. I expect whois to show me that this is their IP address. And, when I contact their admin, I expect them to be an algx or XO customer. So far, only one company's Controller has denied the IP address being theirs, and that was the address that resolved to the device with their company name in it. >> And if this works as described, what is an admin's responsibility, >> having identified the virus sender? > > I'm saying the only one who is in the meaningful position of IDing the > IP address account is the provider for the IP who has the logs of what > account was using that IP in the time in question. If the admin should > be so motivated to determine that. So far, the IT admins I have contacted have been responsive, excepting the company's Controller above as something less than an admin. But I'm asking what I should do, at the point that I have viral email, legitimate email from the same address, which address is listed in whois for the originating domain and which resolves to a device on their network. > If you really wanted to check out the IP, you might look at just a few > ports and see if there are some vulnerabilities there or something like > a netbios, which is sometimes associated with an infected propagator, > but you shouldn't be blatantly portscanning. > > I looked at one port 80 on it, and when it was open, I tried to see if > there were a webserver there -- but instead I ran into a WatchGuard > firewall. So I stopped immediately. > > I don't know what is going on with that IP, but this kind of little > situation is one in which you don't want to be putting on your baby > cracker suit and going out and trying to explore very much. Not something I am in a hurry to try for fun, as it is both out of my league and beyond my mandate. It's kind of tempting to call WatchGuard support, and see if they want to contact their customer. I don't have much hope for the ISP helping. Suggestions are welcome, but beyond the intent of my post. I must say that I am surprised to find myself defending my ideas here. I've received a single, personal response encouraging me to do due diligence, reminiscent of the Boy Scout pledge. Perhaps I'm dense, or naive, or clever. But I don't see what I'm doing as that terribly different from trying to stop spam, in the sense of tracking down the offender. Of course, viruses are somewhat simpler in how they try to hide themselves; they don't ask to sign pink sheets with dishonorable ISPs. OTOH, the difference is my original question. I could wish Dantesque torments upon spammers. The infected, I want to help, if only out of motivated self-interest. Greg Stigers From MikeE at ster.invalid Wed Dec 28 09:42:21 2005 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 28 12:45:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: G wrote: > Let me stress that I'm not passively waiting to see if we get email > from that IP address. I'm actively looking for email we already got > from that IP address. Where 'we' means? That 'we already got' means that you have a 'copy' of the mail received in the past? I'm not completely clear on how this mail is administered? > I only wish our serverside tools would expose > this information to me more readily, but I can't justify restoring > logs from backups for this. Now I'm getting more confused about how you go about correlating a virus IP address with some email address. How can you find an old email with the IP in it? Who has copies of that old mail? You aren't talking about getting newmail with the IP which you said you used your 'New Item Alert window' in a previous post. I'm hearing the story two different ways and neither one of them makes sense to me yet. I understand how I as an end user who has a bunch of old mail might look back thru' my mail for an item I received in the past from someone. I'm not clear on how you do that as an admin. > Business using firewalls or NAT devices > that report their own IP address actually make it easier for me to > identify the company, and I can leave it to their admin to figure out > whose infected. If you have the IP address, you can see if it performs a rDNS and what that is. That's what this one did. The IPs which don't have an IP address belong to a netblock whose provider can be notified. In this case, the rDNS and the name of the netblock holder correlated, but weren't exactly the same. 67.154.122.226 rDNS ip67-154-122-226.z122-154-67.customer.algx.net whois -h whois.arin.net 67.154.122.226 OrgName: XO Communications NetRange: 67.152.0.0 - 67.155.255.255 abuse@xo.com also, the abuse.net contact for algx.net is abuse@xo.com but there is an algx abuse address ALGX Abuse Role Account (AARA-ARIN) abuse@algx.net > But I've found an infected sender > seven times now. What exactly do you mean by that? > Five of those have been business relationships, > whose admins have handled their problem. Then your result with those 5 has been exactly the 'standard' approach, which is to notify the provider for the IP address, not the email address you have tried to attach to the IP address. 'Anyone' can notify the provider for the IP address which is the 'normal' way of doing diligence with viral propagations. > Two have been personal > relationships, and are unresolved today, but only coming to a single > employee. I'm not clear on how you have correlated these two 'personal' relationships. Are you correlating an IP of a virus propagation with an email which preceded or followed that viral propagation? And, whichever of those before vs after it was, how did the IP 'relate' to the email address? You said you weren't accessing the logs -- so you would have to have accesss to the mail itself. How would you have access to old personal mail of an employee's? Or new for that matter. Do you know if the IP of these two examples was dynamic or not? >> What do you think the ping and tracert are going to show you above >> and beyond what you already know, the IP? That is, what will it >> show you which is useful for your purpose of determining the email >> address of the infected propagator? > > Ping gives me a domain name. Actually, the ping isn't what gives you the domain name. All the ping does is ping the IP address. The resolution of the IP doesn't actually come from the ping function itself, but from the nslookup function. A plain ol' ping 67.154.122.226 doesn't give an address. The address comes from ping -a 67.154.122.226 where -a is for resolve addresses to hostnames That is, you are using your ping command to get your resolver to resolve the IP. The same is true for the tracert function. -- Mike Easter kibitzer, not SC admin From jg at coks.net Wed Dec 28 10:07:02 2005 From: jg at coks.net (jg) Date: Wed Dec 28 13:05:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email In-Reply-To: References: Message-ID: On 12/28/2005 3:16 AM Mike Easter scribbled: >> >>Is that cracker as in software lingo or cracker as in food? > > > Cracker as in probing the IP looking for vulnerabilities, which was > described in my preceding par. The netbios is such a vulnerability > which gives you a peek into the other system, and it is so exploitable > that the unnamed^1 pchelp guy made a little .bat file to get a netbios > name table, perhaps the mac address, and maybe the resources shared by > the machine. Thats what I thought. I've looked into that .bat file a while ago, but it seems to be W98 only and looks to be over 3 yrs old. > > So, if you were using such a trace.bat file, you would be wearing your > cracker suit, but you would just be a 'baby' cracker or wearing a baby > cracker 'suit' -- worse than a script kiddie. Baby crackers and script > kiddies are considered fair game to be eaten alive by advanced crackers. > > ^1 he is anonymous but with picture and general geographical area at his > website^2, but elsewhere^3 I've heard his name is Keith Little > ^2 http://www.pc-help.org/trace.htm PCHelp's Network Tracer > ^3 http://www.saltmeadow.com/privacy/tr.html Find out who's at the other > end of your line, with Network Tracer > Thanks for that little tour - the PC Help guy seems to have seen better days. Bit fiesty I'd say... From gregstigers+msnews at spamcop.net Wed Dec 28 16:26:22 2005 From: gregstigers+msnews at spamcop.net (G) Date: Wed Dec 28 16:30:04 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "Mike Easter" wrote in message news:douipj$8sg$1@news.spamcop.net... >G wrote: > >> Let me stress that I'm not passively waiting to see if we get email >> from that IP address. I'm actively looking for email we already got >> from that IP address. > > Where 'we' means? That 'we already got' means that you have a 'copy' of > the mail received in the past? I'm not completely clear on how this > mail is administered? By "we", I mean the set or subset of individuals receiving viral email. As the email header I posted indicates, we have an Exchange server, on which our email resides. > Now I'm getting more confused about how you go about correlating a virus > IP address with some email address. How can you find an old email with > the IP in it? Who has copies of that old mail? You aren't talking > about getting newmail with the IP which you said you used your 'New Item > Alert window' in a previous post. I'm hearing the story two different > ways and neither one of them makes sense to me yet. > > I understand how I as an end user who has a bunch of old mail might look > back thru' my mail for an item I received in the past from someone. I'm > not clear on how you do that as an admin. I get administrative alerts that email have been handled by our email AV. Thus I know who the set of users are. As often as not, a user reports getting the viral email, and asks me about it, so I go to them. In a couple of cases, the number of alerts has caught my attention, and I went to an available user. In either case, on the user's PC, I get the IP address from the email header, and configure a rule to alert on email with that IP address in its header. I run the rule against existing email, as described. I wish I were sure of a better way to do this at the server. We were only keeping Exchange message logs for a few days, so any logged IP address will definitely include viral email. I see that MS provides a log parser, which I could use to roll my own solution. I'm surprised that noone in microsoft.public.exchange.admin pointed me in that direction. > If you have the IP address, you can see if it performs a rDNS and what > that is. That's what this one did. The IPs which don't have an IP > address belong to a netblock whose provider can be notified. In this > case, the rDNS and the name of the netblock holder correlated, but > weren't exactly the same. I don't see what this gets me, that I don't already have. >> But I've found an infected sender >> seven times now. > > What exactly do you mean by that? Using what I have described, I have, to my satisfaction, been able to contact someone about an infected system sending our users viral email. That is, I have found legitimate email from the same IP address as the viral email. The hostname that ping -a returns matches the domain or business name of the sender in the email, and whois of the domain lists the address block or individual IP address as registered to the business operating registering that domain. In five of those seven cases, the viral email stops within a day. >> Five of those have been business relationships, >> whose admins have handled their problem. > > Then your result with those 5 has been exactly the 'standard' approach, > which is to notify the provider for the IP address, not the email > address you have tried to attach to the IP address. 'Anyone' can notify > the provider for the IP address which is the 'normal' way of doing > diligence with viral propagations. When you write "provider", I think in terms of an ISP, not a business's system administrator(s). I'm notifying the system administrators or the next best thing, in the case of the controller I notified. You write that "'Anyone' can notify the provider". But before anyone can do what I am doing, he has to identify the business. As for notifying the ISP, most of the posts describing experience doing so are unenthusiastic about its effectiveness. And I am less than enthusiastic about notifying the infected sender. The admins I have spoken with have been courteous, and apparently found and addressed their infected user by some means. I'm not sure that an enduser reporting an email claiming that he is infected is going to get quite the same attention, nor have the ability to communicate the evidence. I've had my share of users report NDRs and auto-notification from email AV software (can't those vendors do better than that?). >> Two have been personal >> relationships, and are unresolved today, but only coming to a single >> employee. > > I'm not clear on how you have correlated these two 'personal' > relationships. Are you correlating an IP of a virus propagation with an > email which preceded or followed that viral propagation? And, whichever > of those before vs after it was, how did the IP 'relate' to the email > address? You said you weren't accessing the logs -- so you would have > to have accesss to the mail itself. How would you have access to old > personal mail of an employee's? Or new for that matter. Do you know if > the IP of these two examples was dynamic or not? I've explained what I have seen for IP addresses and how little they change, and really only would be repeating that explanation. I think I'm repeating myself quite a bit. I explained above how I access email. As for the relationships being personal, the users told me. When ping -a showed me the host name that included a business name in the managed device, I asked the user who she knew at that business. I was told to let our user handle those. Greg Stigers From nobody at devnull.spamcop.net Thu Dec 29 06:59:46 2005 From: nobody at devnull.spamcop.net (Miss Betsy) Date: Thu Dec 29 07:00:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "User" wrote in message news:dosc8i$vqb$1@news.spamcop.net... > Every connection leaves an IP trail which, for the most part, can be > traced right back to the source. Rejected mail is still logged although > not rec'd by the recipient. I thought the 'actual' sender can't be found, just the IP address he used to send email (unless, of course, it is a static IP assigned to a particular person). And of course, if s/he is still online at the time you are looking, perhaps you could find the actual computer. Well, that's nice to know that rejections are logged. That means that one doesn't have to accept it to trace it. > > In the old days, before firewalls became popular and ports 137-139 were > wide open, we used to grab the IP from a "nasty-gram" and bust in to the > perpetrator's computer and leave a nice little message right on their > desktop. Ah, the 'good old days' :) when the color of your hat meant something! Miss Betsy From nobody at devnull.spamcop.net Thu Dec 29 07:29:31 2005 From: nobody at devnull.spamcop.net (Miss Betsy) Date: Thu Dec 29 07:30:02 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "G" wrote in message news:douvu1$fr4$1@news.spamcop.net... > Using what I have described, I have, to my satisfaction, been able to > contact someone about an infected system sending our users viral email. That > is, I have found legitimate email from the same IP address as the viral > email. The hostname that ping -a returns matches the domain or business name > of the sender in the email, and whois of the domain lists the address block > or individual IP address as registered to the business operating registering > that domain. In five of those seven cases, the viral email stops within a > day. > > >> Five of those have been business relationships, > >> whose admins have handled their problem. > > > > Then your result with those 5 has been exactly the 'standard' approach, > > which is to notify the provider for the IP address, not the email > > address you have tried to attach to the IP address. 'Anyone' can notify > > the provider for the IP address which is the 'normal' way of doing > > diligence with viral propagations. > > When you write "provider", I think in terms of an ISP, not a business's > system administrator(s). I'm notifying the system administrators or the next > best thing, in the case of the controller I notified. You write that > "'Anyone' can notify the provider". But before anyone can do what I am > doing, he has to identify the business. As for notifying the ISP, most of > the posts describing experience doing so are unenthusiastic about its > effectiveness. And I am less than enthusiastic about notifying the infected > sender. The admins I have spoken with have been courteous, and apparently > found and addressed their infected user by some means. I'm not sure that an > enduser reporting an email claiming that he is infected is going to get > quite the same attention, nor have the ability to communicate the evidence. > I've had my share of users report NDRs and auto-notification from email AV > software (can't those vendors do better than that?). > > >> Two have been personal > >> relationships, and are unresolved today, but only coming to a single > >> employee. > > > > I'm not clear on how you have correlated these two 'personal' > > relationships. Are you correlating an IP of a virus propagation with an > > email which preceded or followed that viral propagation? And, whichever > > of those before vs after it was, how did the IP 'relate' to the email > > address? You said you weren't accessing the logs -- so you would have > > to have accesss to the mail itself. How would you have access to old > > personal mail of an employee's? Or new for that matter. Do you know if > > the IP of these two examples was dynamic or not? I am confused also since I regularly notify ISPs (and sometimes also the contacts on whois for businesses or organizations) about viruses just from reading the headers. However, I don't have much luck in matching IP addresses with correspondents. I have twice known someone in the organization that I contacted when nothing happened using the normal abuse or admin contacts. One told me that it was a computer that was not being used any longer that someone had turned on and not turned off again. Another did not have any connection whatsoever with the IP address (it was a large governmental agency), but the viruses did stop when he contacted his IT department. He said that his section had outgoing AV scans, etc. At the moment I am being bombarded with Sober from Verizon IPs (up to 5 different ones now), but not one of them is even remotely connected with the two correspondents who use verizon. Of course, some people who use their own website might use verizon servers. And once at work, I did find a suspicious email that was using an IP address of a company that we do associate with on a business basis. So, is that what you are saying? Because you can search more easily than I can (in your logs), you can find a correspondent who uses the same IP address as the virus and then you contact the server admin of that company. Or, in the case of personal use, you leave it to the end user to contact their correspondent to contact the correspondent's IT department or ISP. I don't imagine that business email is forwarded to many people. I have a feeling that my email may be forwarded to many others so that my email address is in the computers of people I don't have any knowledge of which is why it seems confusing to me. Miss Betsy an almost new internet user From gregstigers+msnews at spamcop.net Thu Dec 29 10:00:02 2005 From: gregstigers+msnews at spamcop.net (G) Date: Thu Dec 29 10:05:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "Miss Betsy" wrote in message news:dp0koc$dl3$1@news.spamcop.net... > However, I don't have much luck in matching IP addresses with > correspondents. > At the moment I am being bombarded with Sober from Verizon IPs (up > to 5 different ones now), but not one of them is even remotely > connected with the two correspondents who use verizon. Of course, > some people who use their own website might use verizon servers. Are you using Outlook? If so, follow the steps I have previously described: 1. Get the originating IP addresses from the viral email headers. 2. Create a new rule in Outlook to: a) look for messages with those IP addresses as specific words in their headers. b) Set the action to "display New Item alert". 3. Do not turn on the rule, but run the rule now against the highest level folder containing inbound email, typically either your Inbox or the mailbox root. You should get a New Item alert dialog listing all email with those IP addresses in their headers. This will include the viral email, although, depending on the virus and your configuration, you can alter the rule to exclude these. This will also include any regular email from that IP address. With the exception of dialup, this is probably the infected user, or another user at the same company, or a NATing device that "specially" handles SMTP traffic. You can confirm some of the details of this by whois for IP and for domain name, and by pinging, and tracerouting the IP addresses. If you think you have a match, use the info in whois to contact the admin. Or, if this is a company that you do business with, call. If this is a friend or relative, contact him or her directly. Businesses may have only a device at that IP address which lists as belonging to an IP block managed their connection provider. But whois for their domain will list exactly that IP address as assigned to their domain. Feel free to reply to me by email if I can provide further clarification. Greg Stigers From nobody at nowhere.invalid Thu Dec 29 23:15:39 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Thu Dec 29 17:20:02 2005 Subject: [SpamCop-Geeks] Re: External HD problem References: Message-ID: On Tue, 27 Dec 2005 10:21:47 -0500, indigo coughed into spamcop.geeks and left this in : > The drive is still mounted, but DOA. Is the drive bad, or could > something else be wrong? It almost looks like the buffer overflow > problem you get when trying to burn a CD too fast....... It could be either the HD or the interface between it and the FW line. If the disk inside the box is a standard PATA drive you could try installing it in the machine and see what gives. -- Steve Some marriages are made in heaven, but they all have to be maintained on earth... From redford_stone at INVERSE_OF_COLDmail.com Fri Dec 30 04:38:10 2005 From: redford_stone at INVERSE_OF_COLDmail.com (Redstone) Date: Thu Dec 29 23:40:03 2005 Subject: [SpamCop-Geeks] Re: External HD problem References: Message-ID: Steven Maesslein wrote in news:slrndr8o0b.cpb.nobody@127.0.0.1: > On Tue, 27 Dec 2005 10:21:47 -0500, indigo coughed into spamcop.geeks > and left this in : > >> The drive is still mounted, but DOA. Is the drive bad, or could >> something else be wrong? It almost looks like the buffer overflow >> problem you get when trying to burn a CD too fast....... > > It could be either the HD or the interface between it and the FW line. > > If the disk inside the box is a standard PATA drive you could try > installing it in the machine and see what gives. > But if the external drive was working before Windows tanked, I'd be hard pressed to say it is a hardware problem. My thinking is likely to be software related. He may want to try and shut off any performance enhancing preferences first like the write caching feature Winslows has for hard disks. From porpoise1954 at yahoo.co.uk Fri Dec 30 11:43:05 2005 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Fri Dec 30 06:50:03 2005 Subject: [SpamCop-Geeks] Re: External HD problem References: Message-ID: "Redstone" wrote in message news:Xns973BD1F05E7ADtinlc@216.154.195.61... > Steven Maesslein wrote in > news:slrndr8o0b.cpb.nobody@127.0.0.1: > >> On Tue, 27 Dec 2005 10:21:47 -0500, indigo coughed into spamcop.geeks >> and left this in : >> >>> The drive is still mounted, but DOA. Is the drive bad, or could >>> something else be wrong? It almost looks like the buffer overflow >>> problem you get when trying to burn a CD too fast....... >> >> It could be either the HD or the interface between it and the FW line. >> >> If the disk inside the box is a standard PATA drive you could try >> installing it in the machine and see what gives. >> > > > But if the external drive was working before Windows tanked, I'd be hard > pressed to say it is a hardware problem. My thinking is likely to be > software related. Could be corrupted MFT caused by the crash!?! > > He may want to try and shut off any performance enhancing preferences > first like the write caching feature Winslows has for hard disks. > Yeah. That delayed write business can really screw an MFT if the machine crashes halfway through a delayed write. From porpoise1954 at yahoo.co.uk Fri Dec 30 13:55:52 2005 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Fri Dec 30 09:00:03 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: "Frog Prince" wrote in message news:dojkjr$fcm$1@news.spamcop.net... > Neighbor lady (she does brownies right!!) just called and she wants me to > pick up a wifi AP for her to give to her family (I'm to install this on > the > QT) as a Christmas present. > > As I'm going to be responsible for supporting this install (did I mention > she's a great lady as well as great cook?) what should I recommend I get > that would best fit her needs. I don't know what your budget is, or what's available where you are, but the current 'A' listed wireless router in "PC Pro" magazine, is the Belkin Wireless Pre-N: http://catalog.belkin.com/IWCatProductPage.process?Product_Id=184316 I've generally found Belkin products to be first class - along with D-Link (as suggested by someone else) From porpoise1954 at yahoo.co.uk Fri Dec 30 14:17:54 2005 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Fri Dec 30 09:20:03 2005 Subject: [SpamCop-Geeks] Re: Maxtor Drive References: Message-ID: "dwåcôn" wrote in message news:do22pn$qa7$1@news.spamcop.net... > After my Windows Server 2003 box started exhibiting strange lock-ups... > and I determined there were no viruses or spyware... I discovered the > Maxtor 5000LE 80GB external USB drive seemed to be the culprit. > .........................SNIPPED > Wonder if there are any suggestions. I consulted a few local computer > shops but the employees there barely know how to work the cash register, > much less provide repair for equipment (especially if it wasn't purchased > at their store). I might consider sending it somewhere, but given some of > my data is sensitive, that would be only an act of desperation. > > Anyway... any ideas on how to fix this would be greatly appreciated. > Thanks! There are several possibilities as to what the problem is/was created by, and various ways of recovering the data accordingly. It all depends on the nature of the problem and one's level of expertise. It can range from simply booting from a Linux DVD and copying the files from one drive to another, to recovering raw data off the drive at binary level. (Having done it myself, I can understand why data-recovery companies charge so much!) Basically, if the disk still spins (i.e. not broken mechanically) then the dat is recoverable - how easily, depends on the severity and nature of the problem. If you have a backup copy of the MFT, you may be able to recover by restoring the MFT from that (if the problem is a corrupted MFT). Booting from a Linux DVD (such as knoppix) may enable you to copy the data from the troubled disk to another disc/partition. If it's really stuffed, the only answer may be recovery at binary level using suitable specialist software (such as Winhex - http://www.x-ways.net ). Without having physical access to the drive, it's very difficult to advise what the problem/solution is. From nobody at nowhere.invalid Fri Dec 30 15:28:03 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Fri Dec 30 09:30:02 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: On Fri, 30 Dec 2005 13:55:52 -0000, Porpoise coughed into spamcop.geeks and left this in : > I've generally found Belkin products to be first class - along with D-Link > (as suggested by someone else) I'd never buy Belkin on principle: http://groups.google.com/group/news.admin.net-abuse.email/browse_frm/thread/6c5036983a38c83a/a2f1f0993da51df6#a2f1f0993da51df6 For the wrap-challenged: http://tinyurl.com/8rfyg -- Steve Your fault: core dumped From porpoise1954 at yahoo.co.uk Fri Dec 30 15:00:38 2005 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Fri Dec 30 10:05:02 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: "Steven Maesslein" wrote in message news:slrndragvj.47p.nobody@127.0.0.1... > On Fri, 30 Dec 2005 13:55:52 -0000, Porpoise coughed into spamcop.geeks > and left this in : > >> I've generally found Belkin products to be first class - along with >> D-Link >> (as suggested by someone else) > > I'd never buy Belkin on principle: > > http://groups.google.com/group/news.admin.net-abuse.email/browse_frm/thread/6c5036983a38c83a/a2f1f0993da51df6#a2f1f0993da51df6 > > For the wrap-challenged: http://tinyurl.com/8rfyg Well, they do mention the free 6 month subscription for parental control - but I do take your point. You can make some comparisons with other routers here: http://www.pcpro.co.uk/labs/75093/belkin-wireless-pren.html From nobody at spamcop.net Fri Dec 30 10:05:57 2005 From: nobody at spamcop.net (indigo) Date: Fri Dec 30 10:10:04 2005 Subject: [SpamCop-Geeks] Re: External HD problem References: Message-ID: Steven Maesslein wrote: > On Tue, 27 Dec 2005 10:21:47 -0500, indigo coughed into spamcop.geeks > and left this in : > > > The drive is still mounted, but DOA. Is the drive bad, or could > > something else be wrong? It almost looks like the buffer overflow > > problem you get when trying to burn a CD too fast....... > > It could be either the HD or the interface between it and the FW line. > Is that something that could have been hosed along with my OS? The firewire card, I mean? > If the disk inside the box is a standard PATA drive you could try > installing it in the machine and see what gives. Not ready to got there yet...don't really know what's inside the enclosure. From nobody at spamcop.net Fri Dec 30 10:06:48 2005 From: nobody at spamcop.net (indigo) Date: Fri Dec 30 10:10:08 2005 Subject: [SpamCop-Geeks] Re: External HD problem References: Message-ID: Redstone wrote: > > He may want to try and shut off any performance enhancing preferences > first like the write caching feature Winslows has for hard disks. Red, you're a genius! That's the error message I'm getting! Now how do I fix it, bright boy? ;-) From user at domain.invalid Fri Dec 30 09:21:04 2005 From: user at domain.invalid (User) Date: Fri Dec 30 10:20:03 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. In-Reply-To: References: Message-ID: On 30.12.2005 09:00, Porpoise wrote: --- Original Message --- > "Steven Maesslein" wrote in message > news:slrndragvj.47p.nobody@127.0.0.1... >> On Fri, 30 Dec 2005 13:55:52 -0000, Porpoise coughed into spamcop.geeks >> and left this in : >> >>> I've generally found Belkin products to be first class - along with >>> D-Link >>> (as suggested by someone else) >> >> I'd never buy Belkin on principle: >> >> http://groups.google.com/group/news.admin.net-abuse.email/browse_frm/thread/6c5036983a38c83a/a2f1f0993da51df6#a2f1f0993da51df6 >> >> For the wrap-challenged: http://tinyurl.com/8rfyg > > > Well, they do mention the free 6 month subscription for parental control - > but I do take your point. You can make some comparisons with other routers > here: > > http://www.pcpro.co.uk/labs/75093/belkin-wireless-pren.html > > FWIW, I use the Linksys plugged into my CICSCO router. With my two kids and their spouses joining us for several days during the holidays and ALL of 'em have wireless laptops .. well, you get the picture - little radio waves all over the steenkin place from one end to the other. What really makes a difference in this scenario is the range-extender antennas on the WAP. Now, I can send the lot of 'em out on the patio with nary a dropped packet ... :-) From user at domain.invalid Fri Dec 30 09:32:36 2005 From: user at domain.invalid (User) Date: Fri Dec 30 10:30:03 2005 Subject: [SpamCop-Geeks] Stock Report Spam ??!! Message-ID: Anybody got a handle on all of these stock reports infiltrating every nook and cranny ??!! sheesh ! Guess I should post this in the relevant spam group .. But my main question centers around is if anybody knows if this spam violates any sort of SEC (Securities and Exchange Commission) regulation(s). SpamAssassin catches 'em all, thank goodness for that. From nobody at spamcop.net Fri Dec 30 10:35:48 2005 From: nobody at spamcop.net (Ellen) Date: Fri Dec 30 10:50:03 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: "User" wrote in message news:dp3j2k$26p$1@news.spamcop.net... > On 30.12.2005 09:00, Porpoise wrote: > > FWIW, I use the Linksys plugged into my CICSCO router. With my two kids > and their spouses joining us for several days during the holidays and > ALL of 'em have wireless laptops .. well, you get the picture - little > radio waves all over the steenkin place from one end to the other. What > really makes a difference in this scenario is the range-extender > antennas on the WAP. Now, I can send the lot of 'em out on the patio > with nary a dropped packet ... :-) randomly tacking on to the thread and taking it OT .... we just had someone write and say that the spam coming from their system was a result of some hacker using the "mail logs to the admin" feature of their linksys ... this make sense to anyone? I don't have a linksys and my dlink isn't inclined to mail anything to anyone as far as I can see :-) Ellen From bar_n0ne at hotmail.com Fri Dec 30 20:07:14 2005 From: bar_n0ne at hotmail.com (Berny) Date: Fri Dec 30 11:10:04 2005 Subject: [SpamCop-Geeks] Re: Stock Report Spam ??!! References: Message-ID: "User" wrote in message news:dp3jo5$2h4$1@news.spamcop.net... SNIP > But my main question centers around is if anybody knows if this spam > violates any sort of SEC (Securities and Exchange Commission) regulation(s). Generally they crap that is pumped would, Pump and Dump is illegal, If the spam is sourced by the actual investors/insiders, then It is at least unethical and under many circumstances also illegal, and also if there is incomplete disclosure or any dishonesty in the promo it is also. > SpamAssassin catches 'em all, thank goodness for that. Lucky you From bcs1 at spamcop.net Fri Dec 30 11:31:41 2005 From: bcs1 at spamcop.net (Bcs1) Date: Fri Dec 30 11:25:03 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: "Kenneth Loafman" wrote in message news:vntgq1d01qkua4kl62b7q9c4f83703q2mp@4ax.com... > On Tue, 20 Dec 2005 12:15:32 -0500, "Joe Gill" > wrote: >> >>I guess I have a whole different 'take' on the logon screen, and maybe I >>am >>living with a 'false sense of security'... >>I have, passwords turned on, use 'strong' password, and a timeout >>interval. >>In addition, 'guest' is disabled. >>My 'theory', is that if someone can 'hack' to my PC, then they have to >>crack >>to password.... >>Also if the PC is stolen .. .same security.. > > If I've physically got your computer, I've got your data *unless* said > data is encrypted with strong encryption and Windows has left no clues in > the registry, etc. All you've done is slow me down the length of time it > takes for me to go to the web and get a Windows password cracker. Last > time I looked, there were a bunch. > > You might slow me down some more with a BIOS password, but that's not more > than 10 minutes to clear at the most. > > The only secure data is inside a vault with no electrical connections, but > its kind of useless, except for the warm fuzzy of feeling secure. > Agreed, I have a single floppy disk here that I can use on a machine by booting to the windows XP/2k cd and hitting f6 to install a 3rd party driver, when prompted I put the floppy disk in, hit enter, and a few mins later I'm prompted to change the password of which ever user I choose ( usually administrator...LOL) then the system reboots, I login as administrator with the new password I just set, and .. well... you know the rest..... :) Bill From jg at coks.net Fri Dec 30 08:42:15 2005 From: jg at coks.net (jg) Date: Fri Dec 30 11:40:04 2005 Subject: [SpamCop-Geeks] Re: Stock Report Spam ??!! In-Reply-To: References: Message-ID: On 12/30/2005 8:07 AM Berny scribbled: > "User" wrote in message > news:dp3jo5$2h4$1@news.spamcop.net... > SNIP > >>But my main question centers around is if anybody knows if this spam >>violates any sort of SEC (Securities and Exchange Commission) > > regulation(s). > > Generally they crap that is pumped would, Pump and Dump is illegal, If the > spam is sourced by the actual investors/insiders, then It is at least > unethical and under many circumstances also illegal, and also if there is > incomplete disclosure or any dishonesty in the promo it is also. > Incomplete disclosure and dishonesty is present in every one - prosecuting it downright impossible, however, and the SEC has its hands full working the /normal/ busines world... > >>SpamAssassin catches 'em all, thank goodness for that. > > > Lucky you > > From bcs1 at spamcop.net Fri Dec 30 12:22:13 2005 From: bcs1 at spamcop.net (Bcs1) Date: Fri Dec 30 12:15:04 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: "Canopus" wrote in message news:docral$ksq$1@news.spamcop.net... > indigo on 20/12/2005 wrote: > >>There's a way to permanently fix that, I'm not sure if you need MSCONFIG >>to >>do it or if it's something emedded in Windows already.....it's been so >>long >>since I've fixed it I don't remember how I did it, but if you googled it >>I'm >>sure it would pop up. > > It's not a part of msconfig and there's no options for it under Users. > Will try a Google tomorrow, never thought of that and there I've been > using Google Earth and Googlemail (hangs head in shame). > on XP there's an option to change the way users log on/off and in 2k there's an option to automatically log a particular user in for XP You can configure Windows XP to automate the logon process if your computer is not part of a domain. 1. Click Start, click Run, and type control userpasswords2. 2. Clear the Users must enter a username and password to use this computer check box. 3. Click Apply. 4. Enter the user name and password you wish to automatically log on with, and then click OK. 5. Click OK again and you're all done. This feature allows other users to start your computer and use the account that you establish to automatically log on. Enabling auto logon makes your computer more convenient to use, but can pose a security risk. hope that helps Bill From bcs1 at spamcop.net Fri Dec 30 12:22:58 2005 From: bcs1 at spamcop.net (Bcs1) Date: Fri Dec 30 12:15:10 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: "Canopus" wrote in message news:doe5af$cvu$1@news.spamcop.net... > Mr K. Mean on 22/12/2005 wrote: > >>Canopus wrote: >>>indigo on 20/12/2005 wrote: >>> >>>>There's a way to permanently fix that, I'm not sure if you need >>>>MSCONFIG to >>>>do it or if it's something emedded in Windows already.....it's been so >>>>long >>>>since I've fixed it I don't remember how I did it, but if you googled >>>>it I'm >>>>sure it would pop up. >>> >>>It's not a part of msconfig and there's no options for it under Users. >>>Will try a Google tomorrow, never thought of that and there I've been >>>using Google Earth and Googlemail (hangs head in shame). >> >>Does TweakUI fix it? > > Possibly, but, I've just found out how it comes about and how to fix it > the official way. As I suspected you loose auto log on when Net Framework > is installed. There is a registry hack to fix it, but, there is an easier > way: > > Start > Run then type in "control userpasswords2" without the quote marks. > Select account you want to auto log on, un-check "User must enter a user > name and password to use this computer", click Apply, another screen pops > up to enter Password and confirm it (leave all blank for no password), > click Apply, exit and re-boot. Now no Log On screen appears 8¬) > ahh beat me to it LOL Bill From nobody at nowhere.not Fri Dec 30 18:49:10 2005 From: nobody at nowhere.not (Robert Blair) Date: Fri Dec 30 13:50:02 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: On Fri, 30 Dec 2005 15:35:48 UTC, "Ellen" wrote: > randomly tacking on to the thread and taking it OT .... we just had someone > write and say that the spam coming from their system was a result of some > hacker using the "mail logs to the admin" feature of their linksys ... this > make sense to anyone? I don't have a linksys and my dlink isn't inclined to > mail anything to anyone as far as I can see :-) My linksys will not send an email but it will send the log to an IP (that I configure) and port (I think it is port 514 which I can not configure) so that the log can be archived. -- Robert Blair From nobody at devnull.spamcop.net Fri Dec 30 13:57:50 2005 From: nobody at devnull.spamcop.net (Pop) Date: Fri Dec 30 14:00:03 2005 Subject: [SpamCop-Geeks] DSL related Message-ID: Hi, Haven't been able to decide the best place to ask this, and Verizon has been no help but I keep plugging away at them. So I thought i'd check here - lotsa good knowledge-heads here! I ordered DSL from Verizon yesterday; self install kit. No turn-on date confirmed as yet. Then I happened to think: I routinely, probably once a month or so, use XP's Remote Access featuers to take hold of my sister's computer and help her out with clearning/housework. She's a user not a doer, so it helps her quite a bit. My son, whom I've lost so many arguements (debates?) to, tells me that with DSL I'll no longer be able to do that because the router/modem Verizon sends out won't allow the foreign access. I said baloney, because I don't see anywhere that the modem, router, whatever except possibly a firewall, would have to do with anything. That part of it will be as transparen with DSL as it is with dialup: As long as there's an invite and an acceptance, the remote access is going to work. But ... I really don't know what I'm talking about and he can talk circles around me technically, so all I have to go on is what I know of XP and the protocols it uses, and then not to any kind of guru status. As I see it, nothing will change except for the method of transport (analog modem to DSL). I know, I know, I'll find out eventually, probably after a bunch of false starts if it goes as usual, but my son and his family leave on Monday, so if he's wrong I won't get to rub it in as well from afar . So: Anyone have any experience with a DSL and the XP remote access features? Both ways, to and from DSL, to a dialup and also another DSL? Don't you hate it when your kids do SO much better than you did? And to think I worked so hard at making sure that happened! Regards, Pop From user at domain.invalid Fri Dec 30 13:58:44 2005 From: user at domain.invalid (User) Date: Fri Dec 30 15:00:03 2005 Subject: [SpamCop-Geeks] Re: DSL related In-Reply-To: References: Message-ID: On 30.12.2005 12:57, Pop wrote: --- Original Message --- > Hi, > Haven't been able to decide the best place to ask this, and > Verizon has been no help but I keep plugging away at them. So I > thought i'd check here - lotsa good knowledge-heads here! > > I ordered DSL from Verizon yesterday; self install kit. No > turn-on date confirmed as yet. Then I happened to think: > > I routinely, probably once a month or so, use XP's Remote Access > featuers to take hold of my sister's computer and help her out > with clearning/housework. She's a user not a doer, so it helps > her quite a bit. > > My son, whom I've lost so many arguements (debates?) to, tells me > that with DSL I'll no longer be able to do that because the > router/modem Verizon sends out won't allow the foreign access. > I said baloney, because I don't see anywhere that the modem, > router, whatever except possibly a firewall, would have to do > with anything. That part of it will be as transparen with DSL as > it is with dialup: As long as there's an invite and an > acceptance, the remote access is going to work. > > But ... I really don't know what I'm talking about and he can > talk circles around me technically, so all I have to go on is > what I know of XP and the protocols it uses, and then not to any > kind of guru status. > As I see it, nothing will change except for the method of > transport (analog modem to DSL). > > I know, I know, I'll find out eventually, probably after a bunch > of false starts if it goes as usual, but my son and his family > leave on Monday, so if he's wrong I won't get to rub it in as > well from afar . > > So: Anyone have any experience with a DSL and the XP remote > access features? Both ways, to and from DSL, to a dialup and > also another DSL? > > Don't you hate it when your kids do SO much better than you did? > And to think I worked so hard at making sure that happened! > > Regards, > > Pop > > > I use VNC - http://www.vnc.com/ over a VPN built in to the router. But just plain old VNC will work on any connection afaik, haven't tried 'em all ... yet. :-) I also believe that your Son is wrong - first time? That's one for Pop. When my Son turned 15, I didn't know ANYthing .. However, when he turned 21 he exclaimed "Gee Dad, you sure learned a lot in SIX years" .. :-) He and his wife and my grandson just left to head back to Kentucky where they evacuated for Katrina. VNC plays a major role in keeping in touch. We'll have 'em back at the end of March. From g2p4i1902 at sneakemail.com Fri Dec 30 20:07:39 2005 From: g2p4i1902 at sneakemail.com (Mr K. Mean) Date: Fri Dec 30 15:10:02 2005 Subject: [SpamCop-Geeks] DSL related In-Reply-To: References: Message-ID: Pop wrote: > > So: Anyone have any experience with a DSL and the XP remote > access features? Both ways, to and from DSL, to a dialup and > also another DSL? Probably the main questions are does Verizon block that port across the DSL network (as opposed to the dialup one) and will the port pass through the router/modem? If the modem is also a router, you might have to forward that port. But if you are calling out and the receiving computer is already visible on the internet, I don't see why you would have any problems. And it looks like port 3389 is the one to be looking for. http://www.microsoft.com/windowsxp/using/mobility/rdfaq.mspx From user at domain.invalid Fri Dec 30 14:15:26 2005 From: user at domain.invalid (User) Date: Fri Dec 30 15:15:03 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. In-Reply-To: References: Message-ID: On 30.12.2005 09:35, Ellen wrote: --- Original Message --- > "User" wrote in message > news:dp3j2k$26p$1@news.spamcop.net... >> On 30.12.2005 09:00, Porpoise wrote: >> >> FWIW, I use the Linksys plugged into my CICSCO router. With my two kids >> and their spouses joining us for several days during the holidays and >> ALL of 'em have wireless laptops .. well, you get the picture - little >> radio waves all over the steenkin place from one end to the other. What >> really makes a difference in this scenario is the range-extender >> antennas on the WAP. Now, I can send the lot of 'em out on the patio >> with nary a dropped packet ... :-) > > > randomly tacking on to the thread and taking it OT .... we just had someone > write and say that the spam coming from their system was a result of some > hacker using the "mail logs to the admin" feature of their linksys ... this > make sense to anyone? I don't have a linksys and my dlink isn't inclined to > mail anything to anyone as far as I can see :-) > > Ellen > > I only deal with CISCO and Linksys and Linksys BFSR-81 does not have a feature to auto-mail logs to anyone. Possibly a newer model or another one does but not to my knowledge. 'course anything can happen, especially since Linksys is part of CISCO now, who knows. From nobody at spamcop.net Fri Dec 30 15:48:44 2005 From: nobody at spamcop.net (Ellen) Date: Fri Dec 30 15:50:03 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: "User" wrote in message news:dp44au$c3o$1@news.spamcop.net... > > > > I only deal with CISCO and Linksys and Linksys BFSR-81 does not have a > feature to auto-mail logs to anyone. Possibly a newer model or another > one does but not to my knowledge. > > 'course anything can happen, especially since Linksys is part of CISCO > now, who knows. Nod -- it wasn't something I had ever heard of either but as you say -- who knows :-) Thanks everyone for responding ! Ellen From nobody at spamcop.net Fri Dec 30 15:52:43 2005 From: nobody at spamcop.net (indigo) Date: Fri Dec 30 15:55:03 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: Ellen wrote: > "User" wrote in message > news:dp44au$c3o$1@news.spamcop.net... > > > > > > > I only deal with CISCO and Linksys and Linksys BFSR-81 does not > > have a feature to auto-mail logs to anyone. Possibly a newer model > > or another one does but not to my knowledge. > > > > 'course anything can happen, especially since Linksys is part of > > CISCO now, who knows. > > Nod -- it wasn't something I had ever heard of either but as you say > -- who knows :-) Thanks everyone for responding ! > > Ellen The thread hijacking is hereby concluded. We now return you to your regularly scheduled programming.... From nobody at devnull.spamcop.net Fri Dec 30 16:52:18 2005 From: nobody at devnull.spamcop.net (Pop) Date: Fri Dec 30 16:55:04 2005 Subject: [SpamCop-Geeks] DSL related References: Message-ID: "Mr K. Mean" wrote in message news:dp442c$brt$1@news.spamcop.net... : Pop wrote: : > : > So: Anyone have any experience with a DSL and the XP remote : > access features? Both ways, to and from DSL, to a dialup and : > also another DSL? : : Probably the main questions are does Verizon block that port across the : DSL network (as opposed to the dialup one) and will the port pass : through the router/modem? If the modem is also a router, you might have : to forward that port. But if you are calling out and the receiving : computer is already visible on the internet, I don't see why you would : have any problems. And it looks like port 3389 is the one to be looking : for. : http://www.microsoft.com/windowsxp/using/mobility/rdfaq.mspx That's quite helpful at first glance; thank you! Pop -- "...Life is not a journey to the grave with the intention of arriving safely in one pretty and well preserved piece, but to slide across the finish line broadside, thoroughly used up, worn out, leaking oil, and shouting GERONIMO!!!" From BNRAGMAOKKXT at spammotel.com Fri Dec 30 23:58:43 2005 From: BNRAGMAOKKXT at spammotel.com (Canopus) Date: Fri Dec 30 19:00:05 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: Bcs1 on 30/12/2005 wrote: >>Start > Run then type in "control userpasswords2" without the quote marks. >> Select account you want to auto log on, un-check "User must enter a user name and password to use this computer", click Apply, another screen pops up to enter Password and confirm it (leave all blank for no password), click Apply, exit and re-boot. Now no Log On screen appears 8?) >> > >ahh beat me to it LOL >Bill And everything was in the very first link when I did a Google search. That'll teach me 8?) -- Rob http://www.flickr.com/photos/canopus_archives/ From BNRAGMAOKKXT at spammotel.com Sat Dec 31 00:01:25 2005 From: BNRAGMAOKKXT at spammotel.com (Canopus) Date: Fri Dec 30 19:05:03 2005 Subject: [SpamCop-Geeks] Re: That Dam Log-on Screen References: Message-ID: Bcs1 on 30/12/2005 wrote: >This feature allows other users to start your computer and use the account >that you establish to automatically log on. Enabling auto logon makes your >computer more convenient to use, but can pose a security risk. Heck, that means my 80+ year old mother may hack my PC!!! Time to reactivate manual log on :-( -- Rob http://www.flickr.com/photos/canopus_archives/ From nobody at spamcop.net Fri Dec 30 19:07:17 2005 From: nobody at spamcop.net (Ellen) Date: Fri Dec 30 19:10:03 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: "indigo" wrote in message news:dp46ms$dj2$1@news.spamcop.net... > > > The thread hijacking is hereby concluded. We now return you to your > regularly scheduled programming.... > > A newsgroup thread that veers back on topic. How quaint! E From bcs1 at spamcop.net Sat Dec 31 04:20:20 2005 From: bcs1 at spamcop.net (Bcs1) Date: Sat Dec 31 04:15:02 2005 Subject: [SpamCop-Geeks] Re: Help Goddammmmitt! References: <436F6FC8.79C260F6@spamcop.net> <436F8BD4.29A5ACA5@spamcop.net> Message-ID: "indigo" wrote in message news:dkoh7r$to4$1@news.spamcop.net... > > Indi, just find "winsockfix.exe" or "WinsockxpFix.exe" and run it, it will replace the registry settings for the sock stack, and you should be fine if that's the issue..... if you can't find them (they are both freeware) just let me know and I'll put a copy on my site for you to download... Bill From nobody at devnull.spamcop.net Sat Dec 31 06:44:47 2005 From: nobody at devnull.spamcop.net (Miss Betsy) Date: Sat Dec 31 06:45:03 2005 Subject: [SpamCop-Geeks] Re: How to handle viral email References: Message-ID: "G" wrote in message news:dp0tll$iic$1@news.spamcop.net... > "Miss Betsy" wrote in message > news:dp0koc$dl3$1@news.spamcop.net... > > However, I don't have much luck in matching IP addresses with > > correspondents. > > > At the moment I am being bombarded with Sober from Verizon IPs (up > > to 5 different ones now), but not one of them is even remotely > > connected with the two correspondents who use verizon. Of course, > > some people who use their own website might use verizon servers. > > Are you using Outlook? If so, follow the steps I have previously described: Unfortunately, I am not using Outlook so I can't do that. It took verizon about a week to stop each one so I am not complaining. Also, I am not sure that it would work since my email address is in a lot of address books of people who never (or rarely) email me. There are two reasons for this: one, my sister-in-law has a huge list of correspondents that she doesn't bcc; and two, we are involved with several groups where our email address is also available to all members, several of whom, like my sister-in-law, have huge 'Fw Fw' lists not in the bcc. Like the one involving the government agency - the only correspondent I had was my brother-in-law and it was not his IP address. It could have been one of his correspondents that he had forwarded an email of mine to (though I think he usually uses a different email address for personal mail) or my email address could have been in a FW FW from one of the other groups and it was just coincidence that I actually had a correspondent in that agency. Miss Betsy From redford_stone at INVERSE_OF_COLDmail.com Sat Dec 31 12:53:01 2005 From: redford_stone at INVERSE_OF_COLDmail.com (Redstone) Date: Sat Dec 31 07:55:03 2005 Subject: [SpamCop-Geeks] Re: External HD problem References: Message-ID: "indigo" wrote in news:dp3ie9$1s2$1@news.spamcop.net: > > Red, you're a genius! That's the error message I'm getting! Now how do > I fix it, bright boy? ;-) > > Okay.. lets see.. first you may want to make sure that the drive is connected to your PC so that it shows up on Device manager. Control Panel => System => Harware => Device Manager => Disk Drives => (Right click on external drive) => Properties => Policies => Uncheck on "Enable Write Caching" => OK. Alternatively, you can do this.. Open Exploder.. I mean.. Explorer.. My Computer => (Right click on external drive) => Properties => Hardware => (Select external drive again) => Properties (button) => Policies => Uncheck on "Enable Write Caching".. etc. I'm not sure if you need to reboot or not, but I don't think you will need to. Hope this works. From g2p4i1902 at sneakemail.com Sat Dec 31 13:21:06 2005 From: g2p4i1902 at sneakemail.com (Mr K. Mean) Date: Sat Dec 31 08:25:03 2005 Subject: [SpamCop-Geeks] Windows registry corrupt Message-ID: Ok, how screwed am I? Has anybody fixed this one before? I assume this is the problem I'm having. http://support.microsoft.com/default.aspx?scid=kb;en-us;307545 My computer boots but any account I try to log into, it starts logging in and then immediately logs out and takes me back to the login screen. My recovery disk doesn't work because I don't have the administrator password. I have other account on the machine that are administrators but it doesn't ask me for them. So, I'm trying the copying thing from Knoppix then. But any advice? Anybody successfully fixed this one before? From porpoise1954 at yahoo.co.uk Sat Dec 31 14:40:17 2005 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Sat Dec 31 09:45:03 2005 Subject: [SpamCop-Geeks] Re: Windows registry corrupt References: Message-ID: "Mr K. Mean" wrote in message news:dp60ju$ce5$1@news.spamcop.net... > Ok, how screwed am I? Has anybody fixed this one before? I assume this > is the problem I'm having. > http://support.microsoft.com/default.aspx?scid=kb;en-us;307545 > > My computer boots but any account I try to log into, it starts logging in > and then immediately logs out and takes me back to the login screen. My > recovery disk doesn't work because I don't have the administrator > password. I have other account on the machine that are administrators but > it doesn't ask me for them. So, I'm trying the copying thing from Knoppix > then. > > But any advice? Anybody successfully fixed this one before? That's the reason I would never buy a system from a supplier who only supplies a recovery CD/DVD rather than the full installation disc. With that scenario, you can't recover a system, only restore the system to how it was when it left the supplier - which stuffs any user accounts/passwords you may have added since purchase. (Unless you have a full backup regime, of course). So what, actually, was it you did? Did you; 1. try to do a fix using a system restore disc? 2. try to do a fix using system repair using a full installation disc? 3. try to do a restore from a backup? Alternatively, what is it that actually happened and/or what is it you're trying to do? I deduce that you have, in some way, become the lucky owner of a screwed registry........ 8>[] Which OS are you using? I take it you don't have a backup of the registry?! From g2p4i1902 at sneakemail.com Sat Dec 31 16:22:42 2005 From: g2p4i1902 at sneakemail.com (Mr K. Mean) Date: Sat Dec 31 11:25:03 2005 Subject: [SpamCop-Geeks] Re: Windows registry corrupt In-Reply-To: References: Message-ID: Porpoise wrote: > "Mr K. Mean" wrote in message > > So what, actually, was it you did? Did you; > > 1. try to do a fix using a system restore disc? > > 2. try to do a fix using system repair using a full installation disc? > > 3. try to do a restore from a backup? > > Alternatively, what is it that actually happened and/or what is it you're > trying to do? I deduce that you have, in some way, become the lucky owner of > a screwed registry........ 8>[] > > Which OS are you using? I take it you don't have a backup of the registry?! I didn't buy it. It is a company laptop, which is why I don't have the administrator password. They don't care if they don't have installation disks. If anything goes wrong, they just reimage the hard drive. I'm sure I could get them to help me fix this, but I'm sort of on my own until at least Tuesday though. Any of the various Windows rescue methods are sort of not terribly useful since they probably all require the password. I normally had administrator access to the machine but only through either the domain user or as an additional user I added to the local machine. But nothing I have tried so far allows me access to the hard drive through Windows. I think I just need to copy those five files in the Windows directory. So far, Knoppix doesn't allow read/write to the NTFS drive. So, I'm trying some other Linux rescue type disks that do allow read/write. But I do have complete read only access to everything, so I know it is all there and intact. It is XP SP1. No backup of the registry. I could live with the registry being somewhat screwed up as long as I can login. At this point, I only use a few key programs on it and those can easily be reinstalled. Most of the data is backed up elsewhere too but it would suck to have to start from scratch. I wouldn't lose anything critical. Besides I can copy it all off the hard drive right now as it is anyways. I think it happened when I unchecked a few items to not automatically start up at login, some of the LanDesk things. It probably didn't write to the registry right, Autoruns, that is. From g2p4i1902 at sneakemail.com Sat Dec 31 18:47:00 2005 From: g2p4i1902 at sneakemail.com (Mr K. Mean) Date: Sat Dec 31 13:50:04 2005 Subject: [SpamCop-Geeks] Re: Windows registry corrupt In-Reply-To: References: Message-ID: Porpoise wrote: > So what, actually, was it you did? Did you; > > 1. try to do a fix using a system restore disc? > > 2. try to do a fix using system repair using a full installation disc? > > 3. try to do a restore from a backup? Ok, hurray, I seem to be back in now. Trinity Rescue Kit rocks. It let me reset the passwords. http://trinityhome.org/trk/usage.php#winpass But it wouldn't let me copy any of those system files from Linux. But once I had the password I could go to the Windows rescue consoles and copy restore points from the System Volume Information folder, the last one was from this morning so I don't think I lost anything. http://support.microsoft.com/default.aspx?scid=kb;en-us;307545 It looks like it took me back to before the changes I made. It looks like the only ill effects are that I had to log in once as a really low screen resolution so it scrambled my icons around on the desktop a bit. From jzeitlin at spamcop.net Sat Dec 31 15:49:22 2005 From: jzeitlin at spamcop.net (=?ISO-8859-1?Q?E=F6nw=EB?=) Date: Sat Dec 31 15:50:24 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: On Fri, 30 Dec 2005 13:55:52 -0000, "Porpoise" wrote: > >"Frog Prince" wrote in message >news:dojkjr$fcm$1@news.spamcop.net... >> Neighbor lady (she does brownies right!!) just called and she wants me to >> pick up a wifi AP for her to give to her family (I'm to install this on >> the >> QT) as a Christmas present. >> >> As I'm going to be responsible for supporting this install (did I mention >> she's a great lady as well as great cook?) what should I recommend I get >> that would best fit her needs. > >I don't know what your budget is, or what's available where you are, but the >current 'A' listed wireless router in "PC Pro" magazine, is the Belkin >Wireless Pre-N: > >http://catalog.belkin.com/IWCatProductPage.process?Product_Id=184316 > >I've generally found Belkin products to be first class - along with D-Link >(as suggested by someone else) > After a 'feature' that Belkin put in one of their routers not that long ago, I will be DAMNED if I will purchase a Belkin product with any intelligence in it. For those that don't remember the ruckus, the 'feature' was that every so often, it would hijack your web browser to Belkin's site to tell you about a parental control feature built in, until/unless you had the control set. It didn't matter what you were trying to do at the time, you would be hijacked. Even if you were in the middle of a time-sensitive transaction with private/"secure" information being transferred. If you hit the time when it was "supposed" to remind you, you got hijacked. Their first attempt at fixing this was even more offensive; you had to accept a cookie to get it not to do that. They eventually released a firmware patch, as I recall - but that was after the damage was done. -- E?nw? (SpamCop subscriber, not staff/admin) From nobody at nowhere.invalid Sat Dec 31 23:47:13 2005 From: nobody at nowhere.invalid (Steven Maesslein) Date: Sat Dec 31 17:50:03 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. References: Message-ID: On Sat, 31 Dec 2005 15:49:22 -0500, E?nw? coughed into spamcop.geeks and left this in : > After a 'feature' that Belkin put in one of their routers not that long > ago, I will be DAMNED if I will purchase a Belkin product with any > intelligence in it. Given that it's Belkin's marketoons writing the firmware now, you're well advised not to hold your breath while waiting for a Belkin product with any intelligence in it to appear on the market! > They eventually released a firmware patch, as I recall - but that was > after the damage was done. Too little, too late. I no longer have any trust in Belkin products. -- Steve Stupidity is NOT a handicap. Park elsewhere! From user at domain.invalid Sat Dec 31 19:42:19 2005 From: user at domain.invalid (User) Date: Sat Dec 31 20:45:03 2005 Subject: [SpamCop-Geeks] Re: Need recommendation for a Wifi access point. In-Reply-To: References: Message-ID: On 31.12.2005 16:47, Steven Maesslein wrote: --- Original Message --- > On Sat, 31 Dec 2005 15:49:22 -0500, E?nw? coughed into spamcop.geeks and > left this in : > >> After a 'feature' that Belkin put in one of their routers not that long >> ago, I will be DAMNED if I will purchase a Belkin product with any >> intelligence in it. > > Given that it's Belkin's marketoons writing the firmware now, you're > well advised not to hold your breath while waiting for a Belkin product > with any intelligence in it to appear on the market! > >> They eventually released a firmware patch, as I recall - but that was >> after the damage was done. > > Too little, too late. I no longer have any trust in Belkin products. > Belkin is now sold in Home Depot. Nothing degrading to HD but rather the other way 'round .. Sad day for B From pete+usenet at heypete.com Sat Dec 31 21:05:46 2005 From: pete+usenet at heypete.com (Pete Stephenson) Date: Sun Jan 1 00:10:13 2006 Subject: [SpamCop-Geeks] Just got a Garmin StreetPilot c330 Message-ID: This evening I went looking for a Garmin road-capable GPS unit. I prefer Garmin over other manufacturers, have a few of their non-road-capable ones (used for camping, hiking, etc., and wanted something to help me out for long road trips. Although I'd like some extra geeky features (showing which satellites are being tracked, the exact time, and other geeky info), this unit doesn't provide it. Still, the amount of information it has is frightening. It knows all the gas stations, places to eat, local attractions, and so forth around here. One can enter any street address in the United States or Canada and it'll show the location on a map as well as calculate directions to get there. Even better, if one deviates from a route, it'll recalculate a new route and directions without any user input. It even talks. I plan on doing some road trips in the near future. As such, I'll be far away from MapQuest or Google Maps. Being able to find out where the heck I am when I'm in the middle of nowhere, where my destination is, and how to get there (as well as finding some gas stations along the way) will be exceedingly helpful. Anyone else have any fun experiences with road-capable GPS receivers? Any interesting directions, wrong routes, etc.? This one's got the most recent version of their mapping data, but I'm hesitant to fully trust it. -- Pete Stephenson HeyPete.com From bait-423c86b2-42ff9001 at good.julianhaight.com Sat Dec 31 23:34:42 2005 From: bait-423c86b2-42ff9001 at good.julianhaight.com (Chris F. Willoughby) Date: Sun Jan 1 02:35:03 2006 Subject: [SpamCop-Geeks] Re: Just got a Garmin StreetPilot c330 References: Message-ID: I've used the C340 and it's quite handy. You can also add your own points of data if it doesn't have it. It CAN lose signal in areas with lots of trees around.. at least temporarily. But for the most part that's not a problem. Chris "Pete Stephenson" wrote in message news:pete+usenet-C79C12.21054631122005@news.cesmail.net... > This evening I went looking for a Garmin road-capable GPS unit. I prefer > Garmin over other manufacturers, have a few of their non-road-capable > ones (used for camping, hiking, etc., and wanted something to help me > out for long road trips. > > Although I'd like some extra geeky features (showing which satellites > are being tracked, the exact time, and other geeky info), this unit > doesn't provide it. Still, the amount of information it has is > frightening. > > It knows all the gas stations, places to eat, local attractions, and so > forth around here. One can enter any street address in the United States > or Canada and it'll show the location on a map as well as calculate > directions to get there. Even better, if one deviates from a route, > it'll recalculate a new route and directions without any user input. It > even talks. > > I plan on doing some road trips in the near future. As such, I'll be far > away from MapQuest or Google Maps. Being able to find out where the heck > I am when I'm in the middle of nowhere, where my destination is, and how > to get there (as well as finding some gas stations along the way) will > be exceedingly helpful. > > Anyone else have any fun experiences with road-capable GPS receivers? > Any interesting directions, wrong routes, etc.? This one's got the most > recent version of their mapping data, but I'm hesitant to fully trust it. > > -- > Pete Stephenson > HeyPete.com