My brother recently asked me how to tell if your computer was part of a botnet. Now, I'm not a real Windows jock any more, so I don't know how much help I can be:
I'm not really up on the mechanics of telling if your computer is
compromised from the inside.
I can tell you, though, that it may not be
practical to even try.
The problem is that if your computer has been compromised, the
attacker can install components that change the behavior of tools
running inside the computer. There are specific toolkits, "rootkits",
that target antivirus and other security software to hide the presence
of the compromising code, even modifying the running security
applications so they don't see the files that the malware is hiding in.
If you run a security scan and don't see anything, you still can't be sure.
The best way to tell if your computer is part of a botnet is from
outside your computer. What I used to do, before virtual machines, was
run an external firewall router. Since the firewall isn't inside the
computer's trust boundary, it's not going to be compromised by the
malware. You can look through your logs on the firewall to see
connections to unexpected sites or connections when you're not actually
using the computer. These days, you can run Windows in a virtual
machine and watch the guest's network traffic from the host, which gets the same result more cheaply.
But really, for most people, you still can't be sure. It could be
sleeping. It could be that you're just not familiar with reading log
files.
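The log-reading check described above, as an added example that is not part of the original post: it parses a constructed firewall log (the line format, the addresses, the allowlist and the 07:00 to 23:00 active window are all assumptions) and flags connections during idle hours and connections to destinations the owner does not recognise. It goes one step beyond the post and also flags connections to a single host at a near-constant interval, the beaconing pattern of a bot polling its controller, which is the thing most worth looking for once you are reading the logs anyway.

```python
"""Flag suspicious outbound connections in firewall logs.

Added example, not from the original post. Assumes a constructed
log format: "<ISO timestamp> <src-ip> -> <dst-ip>:<port>".
Three heuristics: connections while the machine should be idle,
connections to destinations not on the owner's allowlist, and
beaconing (one host contacted at a regular interval).
"""
from collections import defaultdict
from datetime import datetime, time
from statistics import mean, pstdev

# Constructed sample log (not real traffic); RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2012-05-17T09:02:11 192.168.1.20 -> 198.51.100.10:443
2012-05-17T09:17:45 192.168.1.20 -> 198.51.100.10:443
2012-05-17T10:31:02 192.168.1.20 -> 198.51.100.25:80
2012-05-17T03:00:04 192.168.1.20 -> 203.0.113.7:6667
2012-05-17T03:10:04 192.168.1.20 -> 203.0.113.7:6667
2012-05-17T03:20:05 192.168.1.20 -> 203.0.113.7:6667
2012-05-17T03:30:04 192.168.1.20 -> 203.0.113.7:6667
2012-05-17T03:40:05 192.168.1.20 -> 203.0.113.7:6667
"""

# Hosts the owner knows the machine talks to (constructed allowlist).
KNOWN_HOSTS = {"198.51.100.10", "198.51.100.25"}
# Hours during which the owner is normally at the keyboard (assumed).
ACTIVE_START, ACTIVE_END = time(7, 0), time(23, 0)


def parse_log(text):
    """Parse log lines into (timestamp, src, dst, port) tuples."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, _arrow, dst_port = line.split()
        dst, port = dst_port.rsplit(":", 1)
        records.append((datetime.fromisoformat(ts), src, dst, int(port)))
    return records


def idle_hour_connections(records):
    """Connections made when nobody should be using the machine."""
    return [r for r in records
            if not (ACTIVE_START <= r[0].time() <= ACTIVE_END)]


def unknown_destinations(records):
    """Destination hosts not on the allowlist, with hit counts."""
    counts = defaultdict(int)
    for _ts, _src, dst, _port in records:
        if dst not in KNOWN_HOSTS:
            counts[dst] += 1
    return dict(counts)


def beacons(records, min_hits=4, max_jitter=0.1):
    """Destinations contacted at a near-constant interval.

    Returns {dst: mean interval in seconds}. Gaps whose standard
    deviation is within max_jitter of the mean count as regular;
    a bot polling its controller every N minutes shows up here,
    a person browsing does not.
    """
    by_dst = defaultdict(list)
    for ts, _src, dst, _port in records:
        by_dst[dst].append(ts)
    found = {}
    for dst, stamps in by_dst.items():
        if len(stamps) < min_hits:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            found[dst] = avg
    return found


def report(text):
    """Run all three checks and return the findings as a dict."""
    records = parse_log(text)
    return {
        "idle_hours": idle_hour_connections(records),
        "unknown_dst": unknown_destinations(records),
        "beacons": beacons(records),
    }


if __name__ == "__main__":
    for name, hits in report(SAMPLE_LOG).items():
        print(name, hits)
```

In the constructed log the 203.0.113.7 connections trip all three checks: they happen at three in the morning, to a host the owner never listed, every ten minutes to within a second. Real logs need the allowlist and the active window tuned to the household, and a bot that sleeps or randomises its polling interval will not show up as a beacon, which is the same caveat the post makes.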
So the best thing to do if you even suspect your computer
might be infected is to back up all the data (you're keeping backups,
right?) and reinstall from scratch, reinstalling any applications from
the original media. Again, if you're running Windows in a virtual
machine, you can roll back to the original snapshot. Even if you're not
infected, this cleans up cruft and dander and leaves your computer
feeling years younger with a lovely silky complexion.
I used to do that every year or so, when I was using Windows at home
for more than the occasional videogame. Just because it ended up making
my computer faster. Apart from the external backup drive, I kept two
drives inside the system and switched which one was primary. The
process: unhook the "current" drive, and install Windows over again on
the "old", reformatting the drive in the install process. Now the "old"
drive is "current", and the current is "old". Hook up the "old" drive
long enough to copy the data off it (just the data, no applications),
then disconnect it, leaving it powered off until next time. If you put
your ear up against it, maybe you can hear the botnet screaming to be
let out...
18 May 2012
21 April 2012
Writing code to fit into small places...
Somewhere around here I have the source to Jim Penny's "Freelancin'
Roundtable" chat system, which I asked him for because it was supposed
to be an amazing piece of tight coding... I thought I might learn
something from it. This was in the early '80s, and an 8-user dialup chat
system was an amazing thing. I learned a lot, actually, particularly
about the kind of things that become reasonable when you're up against
the wall and have absolutely no cycles left to spare.
One quirk of Roundtable was that your user ID was 4 hex digits, and your password was a fixed random string that you couldn't change... every now and then he'd mail all the users with a new user ID and password.
It ran on a TRS-80 and communicated with 8 modems through unbuffered UARTs, so it absolutely had to get back to all 8 serial ports 30 times a second, every second, to output or input the next character of text.
Reading data from files or writing it out again was obviously out of the question, and memory was really tight, so he didn't even implement any lookup tables. Instead, he would eyeball the binary code of the program for printable strings. Your user ID was the address of the string. Every time he recompiled the program he had to come up with a new set of user IDs and passwords and send them out to all the users before they could log in again.
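The address-as-user-ID scheme described above, as an added example that is not Jim Penny's code (the page shows none of it): it scans a constructed toy program image for printable runs, issues each run's load address as a 4-hex-digit user ID with the run's bytes as the password, and authenticates by comparing the submitted password against memory at that address, with no table at all. The image, the 0x4000 load address and the minimum string length are assumptions. Rebuilding the image with a few bytes inserted at the front shows why every recompile invalidated every credential.

```python
"""Credentials derived from a program image, in the style the post describes.

Added example, not the original Roundtable code. The image bytes below
are a constructed toy (fake opcodes around the text a chat program
needs), not a real TRS-80 binary, and BASE is an assumed load address.
"""
import string

# Printable ASCII, space included, as a `strings`-style scan would count it.
PRINTABLE = set(string.ascii_letters + string.digits + string.punctuation + " ")
MIN_LEN = 6          # shortest run worth treating as a string (assumed)
BASE = 0x4000        # assumed load address; IDs are addresses, hence 4 hex digits

# Constructed toy program image: fake opcode bytes (all non-printable)
# interleaved with the program's own prompts and one random-looking string.
IMAGE_V1 = (b"\xcd\x10\x00" + b"Welcome to Roundtable" + b"\x00"
            + b"\xc9\xc3\x00\x00" + b"Line busy, try later" + b"\x00"
            + b"\x18\xfe" + b"Qx7$kP9!" + b"\x00\xc3\x00\x00")

# The "recompiled" image: four bytes of new code at the front shift everything.
IMAGE_V2 = b"\xc9\x00\x00\x00" + IMAGE_V1


def find_strings(image, min_len=MIN_LEN):
    """Return [(offset, text)] for every printable run of at least min_len bytes."""
    runs, start = [], None
    for off, byte in enumerate(image + b"\x00"):   # sentinel flushes the last run
        if chr(byte) in PRINTABLE:
            if start is None:
                start = off
        elif start is not None:
            if off - start >= min_len:
                runs.append((start, image[start:off].decode("ascii")))
            start = None
    return runs


def issue_credentials(image, base=BASE):
    """The mailing the post describes: {user ID (hex address): password (the string)}."""
    return {f"{base + off:04X}": text for off, text in find_strings(image)}


def _printable_at(image, i):
    """True if offset i is inside the image and holds a printable byte."""
    return 0 <= i < len(image) and chr(image[i]) in PRINTABLE


def login(image, user_id, password, base=BASE):
    """Authenticate with no table: the password must be the bytes at the ID's address."""
    try:
        off = int(user_id, 16) - base
    except ValueError:
        return False
    pw = password.encode("ascii", errors="replace")
    if len(pw) < MIN_LEN or off < 0 or off + len(pw) > len(image):
        return False
    # Require the whole run, not a prefix, suffix or substring of it:
    # the bytes on either side of the submitted password must be non-printable.
    return (image[off:off + len(pw)] == pw
            and not _printable_at(image, off - 1)
            and not _printable_at(image, off + len(pw)))


if __name__ == "__main__":
    for uid, pw in issue_credentials(IMAGE_V1).items():
        print(uid, repr(pw), login(IMAGE_V1, uid, pw), login(IMAGE_V2, uid, pw))
```

Two properties fall out of the design. Every printable string in the program, the welcome banner and error messages included, is a valid credential, and anyone holding a copy of the binary holds every password; that is the price of a login check that costs a handful of instructions and no memory. And because the IDs are addresses, inserting a few bytes of code anywhere before a string moves it, which is exactly why a recompile meant a new mailing to every user.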
24 March 2012
The Towers of Utopia
In this 1975 novel Mack Reynolds
equipped every resident of Skyler Deme with a "TV Phone" that was also a
"Universal Credit Card", and was routinely used to query "the
computers" as well as being an RFID-like access card.
I last read this about 20 years ago. Re-reading it now - this is probably the best depiction of a "smart phone" in pre-web science fiction that I can think of.
28 January 2012
Just dropping this here for convenient reference.
Newsgroups: comp.unix.bsd
Path: sparky!uunet!mcsun!news.funet.fi!hydra!klaava!torvalds
From: torvalds@klaava.Helsinki.FI (Linus Torvalds)
Subject: Re: 386BSD vs Linux: major differences?
Message-ID: <1992Dec20.115036.7197@klaava.Helsinki.FI>
Organization: University of Helsinki
References:
Date: Sun, 20 Dec 1992 11:50:36 GMT
Lines: 17
In article davis@csrg2.ee.iastate.edu (Jim Davis) writes:
> But I have wondered
>why there are two efforts to provide a free UNIX...is it just coincidence
>that two groups developed a distribution at about the same time? or did
>they have different goals? or is this a BSD vs. System-V thing?
It's just coincidence: I knew about 386bsd through DDJ, but it obviously
wasn't ready when I would have wanted it, so I just started on my own.
If 386bsd had been ready one year earlier, I'd probably not have started
on linux at all, but used bsd instead - although I'm very happy with how
it all turned out.
As to bsd vs sysv - no, nothing like that. Linux isn't exactly sysv,
but has a lot of features from both camps, and looks a bit more like
sysv simply because POSIX generally leans in that direction.
Linus
07 January 2012
A comment found in an old eBook
"1. [ur] 26Aug1990 02:39:58pm [2:44] I'm done! Ha Ha, I'M DONE! hahahahahahahahahah Hooray, I'm done I'm done, I'm done, I'm done. Heheheheheheheheh ha argle gobble gobblelskd adj kjkjoiqu.joij!" -- final Author's Note in the annotated edition of A Fire Upon the Deep by Vernor Vinge.
27 December 2011
First use of "pirates" in the "copyright" sense - 1703
"As to Answers, Banters, True-English Billinsgate, I expect them till
no body will buy, and then the Shop will be shut. Had I wrote it for
the Gain of the Press, I should have been concern’d at its being Printed
again and again, by Pyrates, as they call them, and Paragraph-Men: But
would they but do it Justice, and print it True, according to the Copy,
they are welcome to sell it for a Penny, if they please." - D. Defoe "The True Born Englishman" (1703)
Yes, I was surprised too.
24 December 2011
Thinking about Google+ and the #nymwars...
Wouldn't you like to get away?
Sometimes you want to go
Where everybody knows your 'nym,
they don't know you're a her or him.
You wanna be where you're not seen,
'cos everyone looks the same.
You wanna be where nobody knows
your name.