|
Posted by Patrick Dickey on September 10, 2005, 5:28 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> 'Makster' wrote, in part:
> | Dear Panda_Man,
> | Thanks for the reply and classifying this as a "Stupid Question".
> _____
>
> The apparent direction of the question was how to design malware ("Just a
> question if this theory will work, if not, then it was worth a try asking
> :-)". This newsgroup is pretty clearly aimed at how to identify malware,
> how to prevent it from entering a system, and how to remove it from a
> system. It is not suprising that some participants would take exception to
> the tone of your inquiry; it's not the first post of its type.
>
> One of the reasons it is recommended to read a number of post before your
> first post in a newsgroup is to get a sense of what the newsgroup is about.
> If you had, then perhaps you would not have posted or would have made a
> different post. Certainly you would not be confused about the relationship
> among the newsgroup, its participants, and Microsoft. Then perhaps we would
> have been spared several intemperate subquent posts. Also newsgroups
> usually function as a discussion among participants, some of whom are
> silent. Directly addressing responses are off point. Keep in mind that
> google.com is evidently preserving all these conversations, indexed and for
> eternity.
>
> Phil Weldon
>
>
>>Dear Panda_Man,
>>
>>Thanks for the reply and classifying this as a "Stupid Question".
>>First, I know WORMS have POTENTIAL TO INFECT many machines, I think even a
>>12 year old now would know that.
>>Lastly, hopefully you are not a spokesperson for Microsoft. If you are
>>then
>>I assume from your answer that Microsoft does not take this a potential
>>way
>>of a new worm being created. I am not saying it will work, but it can
>>work,
>>then so be it, It would have been better for me to post this so called
>>stupid
>>theory and question of mine somewhere else where maybe someone does answer
>>me
>>back with the same respect as I would show the other person and I know
>>such
>>websites.
>>If you and Microsoft do think this is a Stupid Question and Microsoft has
>>better things to do, then I wont be troubling you anymore.
>>Have a nice day :-) btw you have no respect for the opinion of another
>>person which is quite evident from the use of the word stupid.
>>I wish you safe computing...
>>
>>--
>>Mackster
>>
>>
>>"Panda_man" wrote:
>>
>>
>>>Dear Mackster,
>>>
>>>Don't ask stupid questions . :)
>>>Ensure your computer,use firewall and anti-virus and leave Microsoft to
>>>think about "those problems" .
>>>
>>>All worms have THE POTENTIAL to infect many machines!
>>>Worms copy itself automatically!
>>>Have a really nice day !:)
>>>
>>>Panda_man
>>>
>>>
>>>"Mackster" wrote:
>>>
>>>
>>>>Hi,
>>>>Just a question if this theory will work, if not, then it was worth a
>>>>try
>>>>asking :-)
>>>>Currently Microsoft offers MSN Messenger, yahoo offer the Yahoo
>>>>Messenger,
>>>>and their are other such products. In all these chat products their is
>>>>a
>>>>facility to use them using a HTTP proxy, the information and settings
>>>>for
>>>>which are stored in the Registry (using regedit you can find it).
>>>>What if a worm was made, which created a proxy on the infected machine,
>>>>changed the registry settings such that the HTTP proxy was said to use
>>>>127.0.0.1 as the Proxy server, and any port can be used. Now, taking
>>>>MSN
>>>>Messenger as an example, if the Worm lets say ran the proxy on Port
>>>>1999 and
>>>>changed the registry for MSN Messenger to use to connect to the
>>>>internet
>>>>using HTTP proxy on port 1999. Now, as the MSN will connect through the
>>>>Worm
>>>>Proxy, the worm will have the data incoming and outgoing being sent by
>>>>the
>>>>MSN messenger, so
>>>>1. A window can be opened on the Chat data and the data can be captured
>>>>To spread, MSN messenger offers the user to transfer files, as now the
>>>>Worm
>>>>can have a look at the data being sent and recieved by the Messenger,
>>>>it can
>>>>easily modify the file being sent and attach itself or rather send
>>>>itself
>>>>first instead of the file, or send itself by attaching the file being
>>>>sent
>>>>underneath it to infect the other PC to which the file is being
>>>>transferred
>>>>over MSN.
>>>>Once on the other PC, if the file being sent is an executable, or let
>>>>say if
>>>>the file being sent was a zip file, called filexxxx.zip, the worm
>>>>changes the
>>>>file, attaches the zip file underneath it, renames the file to
>>>>filexxx.zip.pif. When the User on the other side of the chat clicks on
>>>>the
>>>>file being sent, the worm gets executed, which first makes the required
>>>>changes so that it Loads as soon as Windows starts and changes the
>>>>settings
>>>>for next time. It sent extract the actual file being sent and executes
>>>>the
>>>>appropriate command to open the file, so that the user does not know
>>>>that a
>>>>worm was executed on his / her machine.
>>>>
>>>>This is just an idea, and I am not that sure this can be done, but if
>>>>this
>>>>can be done, wont it have the potential of infecting a whole lot of
>>>>computers, and from the Worm Proxy, this can be used to become a
>>>>backdoor or
>>>>a trojan.
>>>>
>>>>Well, just an idea. Will this work ???
>>>>
>
>
>
Of course, if he is trying to create a virus, his ISP will love to know
about it. Mackster is forgetting that headers are a wonderful thing.
So, it won't be too hard for someone to trace any creations of his to
him. Especially since he asked about it in a Microsoft Newsgroup.
But, as I mentioned in my other reply (which was under a mistaken
impression that he wanted to know for protection purposes), MSN
Messenger is blocking ANY file type that could possibly execute code.
So, even if someone got the infection, it won't spread very far. Not my
Messenger at least. I'm sure Yahoo and AIM, along with the others are
following suit (or will be soon).
So, yes.. The theory is good, but the practice is faulty. As is the
Original Poster...
--
http://www.pats-computer-solutions.com
Smile.. someone out there cares deeply for you.
| 
XML site map