Sunday, November 27, 2005

Playing games with phishers

I just received another phishing attempt in an email that purports to be from Paypal. I forwarded the email, but, this time I was a bit bored so I decided to have a bit of fun with phishers.

Email address: EatShit@die
Password: eatshitanddie
Name: Yousef R Screwed
Address: 24 Sussex, Ottawa

Believe it or not they accepted the above without verifying that @die is not a valid domain. I decided to have fun with the information that they asked for. I had a lot of fun filling in bogus information. I really hope they try to use the information and see how screwed over they will be afterwards. For those of you who are not Canadian the address is the residence of the Prime minister.

The system came back and prompted me for a valid address so I used EatShit@die.com and it accepted.

Spam summary

Here is a summary of my mail that I have received. I have made a small change. Rather than showing week by week I will show month by month. It has gotten a bit better as the large scale spammers are slowly being taken offline.












Time PeriodLegit emailPhishing attemptsOther Spam% Legit email
June 133 10 264 32.7
July 128 6 158 43.8
August 148 8 126 52.5
September 144 4 87 61.3
October 141 6 97 57.8
November 169 9 105 59.7
December 8 0 2 80.0

Sunday, November 20, 2005

Mandriva 2006

I finally got the download of the three ISO images for the latest Mandriva and burned onto CDs. I then proceeded to back up my main machine. It took about 30 minutes as I have a lot of photos scanned in. Eventually I may move them to the second hard drive and clean up my home directory.

After the backup I inserted the boot CD and did a restart. The installation process has not changed too much. I picked out all of the individual packages like before. A few notes ->
  • GTK-Gnutella is now a package that you can install.
  • CLAM AV is installable. This is nice as we still have two kids using windows and I can scan the shared folder for viruses.
  • In deselected Scribus, but, the support library still loaded. Small point that does not affect installation.
  • CDs, USB hard drives, USB memory sticks, floppies now show in 'Devices' rather than each one cluttering up your desktop.
From the point of boot up, selecting packages, installing packages and rebooting took about 45 minutes. It then booted up and I logged in without a problem. KDE 3.4 has a few changes, but, the basics are still the same.

Jane was installed in the same amount of time. The only difference is that she wanted all of the games installed.

Update:
I installed Mandriva 2006 on my daughters machine. Again no hitch, three different computers without any problems at all. She just loves it and thinks that the new backgrounds are totally cool.

I did a scan on the shared drive using CLAM-AV and it found five nasty little critters and trashed them. Jane and I didn't notice them as they were windows based and didn't affect our Linux boxes, but, it is nice to know that the new tool worked.

Monday, November 14, 2005

New Phishing variant

I received an email that looked to be from EBay. It was for a 'survey' and you get a $20 certificate. Reading it I noticed that it stated that I had an EBay account (I dont') so I forwarded it to EBay. I have just received a note back that this is a phishing attempt. The phishers are starting to get better, rather than say you have a security problem they ask you to fill in a survey. As a 'thank you' you get a $20 certificate.

Ebay has a few suggestions ->




In the future, be very cautious of any email that asks you to submit information such as your credit card numbers or passwords. If you are ever concerned about an email you receive from eBay, simply follow these steps:

1. Open a new Web browser and type www.ebay.com into your browser address field to go directly to the eBay site.

2. On eBay, sign into your account and click the "My eBay" button at the top of the page.

3. Check the My Messages section located at the top of the My eBay page. If an email affects your eBay account, it's now in My Messages. Any email sent to your registered eBay email address from eBay or from another eBay member via eBay's member-to-member communication system will now appear in My Messages.

Just remember, if you get an email to your registered eBay email address that looks like it's from eBay about a problem with your account or requesting personal information, check My Messages first. If it's not there, it's a fake email.

If you still have any doubt about whether an email message is from eBay, please forward it immediately to spoof@ebay.com. Do not respond to it or click any of the links. Do not remove the original subject line or change the email in any way when you forward it to us.



Sunday, November 06, 2005

Linux at home.

Our house uses Mandrake Linux, but, it does not stop me from looking at other distributions to see if they are better. On Saturday I tried Kubuntu 5.10 to see if it will replace our setups. I like the fact that it is on on CD.

My quick impressions:
  1. Installation was fairly simple. I had a few problems on the custom partitioning on my machine.
  2. I like the simple options presented. However, I would prefer finer options on what is installed or not installed. I really didn't need all of the things it installed by default. Not a problem as I could run ADEPT to remove what I didn't like.
  3. I had a few problems with my USB drive being recognized. I realized the the SDA error was really an information message and the drive was there.
  4. It didn't recognize my USB scanner at all. As I need that the distro would not be installed.
  5. It didn't come with any games by default. For me that is not a problem as this is a work machine, not a game machine. For my wife and especially my daughter that was a problem. For my daughter this distro was a non-starter as her PC is not hooked up to the internet and I had no way to easily install all of the cool linux games she likes to play with.
  6. The first ID you create has admin capabilities by default. I like to grant only root the rights to add/delete software. When I want to do something to the machine I sign on as root or use SUDO.
  7. I liked ADEPT. From my short time using it I prefer it over the RPM manager in Mandrake.
As a result of this I am still using Mandrake. When they fix the USB scanner issue and maybe a game issue I will look at it again.

On a side issue my daughter has been playing with my wife's Linux box for the last several months and asking me to install Linux on her own PC as it has more cool games. I installed Mandrake 10.2 in one hour (installation and configuring) she now has a dual boot machine and just loves playing the various games that comes with Linux. She has absolutely no problems logging in and out and working with Linux. She is now using OpenOffice to write her letter to Santa. This impressed myself and my wife as neither of us showed her where office was. For anyone who says Linux has a ways to go in the user interface to match windows keep this in mind-> She is a seven year old who has no problems using the Linux interface and is capable of figuring it out on her own.

My next project is to eventually hook up my daughters machine to the home network. But, I will be setting up a very restrictive firewall on her box. Windows will have not network connection! I can then apply patches to her Linux partition, send files to the printers but she can only surf the web from either my machine or her mother's machine under our supervision. I can also set it up that only a few sites are available to her for researching her class projects.

Eventually Mandrake 2006 will be generally available for download and I will then do the upgrade path on all of the boxes here at home.