Mailinglist Archive: opensuse (3637 mails)

< Previous Next >
Re: [SLE] My Suse battles a Windows trojan and wins!
Thanks Ben, Dee, and all. I install pmfirewall and it closed down the ports
that I wanted. Now I can feel somewhat secure while I learn more about what
ports i want to open or close, etc.

Feelilng better, Cheers. Curtis Rey

On Friday 25 May 2001 12:06 am, Curtis Rey wrote:
> Nice to know there's a safe haven on your box, isn't it? I got the naked
> lady virus on my linux box - tried to execute but fell all over itself.
> That's why the only thing I use windows for is to play games, and hopefully
> that will change. I have two running on Linux and plan to get more. At the
> rate I'm going I'll strip winblows off - reload it to a basic,barebones
> system for high perfomance gaming and that's it. No M$ anything but for
> games I can't do without - email, browsing, word processing, data base -
> all Linux. In a couple of years I hope that the variety of 3rd parly
> vendors will be such that I'll never touch a winblow product again. And
> the future is looking bright now that consoles and set-top boxes are using
> Linux based systems more and more. It's only a matter of time. Now if I
> can just find a HOWTO/walkthrough on how to setup a Linux firewall without
> getting a screaming headache I'll be happy!!! :)
>
> Cheers, Curtis Rey
>
> On Thursday 24 May 2001 10:41 pm, Ron Sinclair wrote:
> > > A few day ago, I wiped my Windows partition clean and reinstalled W98.
> > > I
> >
> > had hoped to reinstall alot of my programs from my CDRW disks but found
> > most of them to be corrupt (!!), so I didn't have a virus protection
> > program.
> >
> > While perusing USENET, I accidentally clicked on a message to view and
> > Free Agent opened up a SubSeven trojan (MUIE version)!
> >
> > I didn't even know until that it was a trojan until I saw strange modem
> > activity and someone banging off my firewall. The firewall wouldn't let
> > the trojan server start, which is good. I immediately went to
> > www.trendmicro.com and downloaded the latest PC-Cillin, but because the
> > server .exe file was executed by the NG client, the damage was done. I
> > couldn't delete the trojan server or change its name. The virus
> > protection couldn't either. I could detect it but that was about all it
> > could do.
> >
> > Since the trojan was detected, I found out the name of the troubling
> > file. I went into real-mode MSDOS and tried to delete it, which didn't
> > help.
> >
> > I went and downloaded a few versions of SubSeven clients and servers
> > (from Linux) to see if I could use cracker tools to remove the trojan
> > server. This particular trojan server couldn't be accessed since I didn't
> > know which port it was using to access my system. It also could have
> > been protected.
> >
> > I thought that I may have to wipe the partition and reinstall W98 again,
> > but then I thought that maybe I could go back into Linux and delete the
> > offending file. I didn't know if this would damage my system but at this
> > point this tactic was my last option, IMO.
> >
> > I went into Linux and found the file on my Windows partition and deleted
> > it. Then I went back into W98 and checked with the virus scanner to see
> > if it would again detect the trojan...it didn't.
> >
> > I'm sure I could have fixed this a different way, but I'm no Com. Sec.
> > consultant, just an everyday computer user.
> >
> > Linux ruled, in this situation! I'm SOOOO glad I use Linux! :o)
> >
> > Ron Sinclair
> > http://members.tripod.com/~WIGGLIT/
>
> ----------------------------------------
> Content-Type: text/html; charset="iso-8859-1"; name="Attachment: 1"
> Content-Transfer-Encoding: quoted-printable
> Content-Description:
> ----------------------------------------

< Previous Next >
Follow Ups