Tuesday, December 12, 2006
My GMail account gets about 30+ spams per week and my personal email account gets one or two per month. One suggestion to those who are trying to 'regulate' spam. Why go after just the spammers? Why don't you go after those who buy the services at the same time? If you make it almost impossible for the ones who buy the service to make a profit then the volume will probably drop to a level that is not as annoying for all.
The upside is that Yahoo is very good at recognizing spam. Over 95% is correctly labelled. Only recently has spam gotten into my inbox. The only thing I did was to click on 'spam' to help them recognize future mails that are similar. If your ISP has spam filters I highly recommend that you make use of the facility. You still have to check your spam folder, but, most of the time you can delete them without reading and save yourself a lot of clicking on the delete key. If your ISP does not offer this then use the junk mail tools that your mail package has to make your life easier.
Saturday, December 09, 2006
Since she does not need SANE I removed all of the packages and disabled the PCMCIA options. I tweaked the system so that only services she needs runs. The major bonus is that her Canon IP3000 worked smoothly this time around. I used the BJC7000 driver. Profile one is in 300x300 dpi mode and profile two is in 600x600 dpi mode. The last time I configured it in Mandriva it took me almost one hour to get the configuration down, PCLinuxOS did it in less than five minutes.
My daughter is also quite pleased with the upgrade. She plays online games on my machine, but, has a friend over and it was a real pain for them to share the machine. Now both machines can play the same game networked together.
My last task is now to take the CD and run it on my daughter's machine and let her play with it there. Her machine is not connected to the Net and I want to make sure that the packages that are on the CD is all that she needs. We don't allow her direct access, she must use either my machine or my wife's machine while we are present.
Tuesday, November 28, 2006
I launched the PCLINUXOS Control Center and clicked on the System Icon. I then picked the add/update/delete packages option (Synaptic). I then did a search on SANE in 'Names and descriptions'. When it came back I deleted the following packages:
After the 'fun' I had on the V0.93 upgrade I was a lot more cautious on this upgrade. I let a bit of time pass for the V0.93a pass before trying to install. The first thing I did was boot the CD and log in as guest and work through the XSANE and K3B before installing on my box. The distro worked without a problem so I figured it is now safe to upgrade my main box. The boot from the CD is almost as fast as from the hard drive. All of the screens here are 320x256 and was captured on my digital camera to give you an idea of a few screens during the installation and upgrading. The quality is low and you can see the horizontal refresh lines.
Once the system was up I was presented with the logon screen. This time around I selected root as I was going to do the installation. I also remembered to set one of my partitions to '/mnt/pclinuxos' and let the installation start. The partition option is almost idiot proof. I selected custom as I wanted to see if I can install and keep my old 'home' directory intact so I don't have to do a restore from backup. The installation went very smooth and within 30 minutes I had a working installation.
When the installation was done I rebooted the machine and logged in. The nice part is that all of my settings and files are still there. I didn't have to do a restore which is nice.
I then verified that XSANE and K3B worked I started to do the patching. So far the system seems to be stable and it has a good number of games that my wife is interested in playing. I will let her look and play and she likes this I will then migrate her from Mandriva to PCLINUX. The only one I won't probably upgrade is my daughter as the default distro does not have all of the games, I have to download them and her machine is not linked to the internet.
Saturday, November 18, 2006
My next task was to pull out my bootable CDs and work with them. Each one would give either a kernel panic or VFS error and lock up. I tried again with the SLAX USB key that is bootable and I got the same problem. I then downloaded a current copy of PCLINUX OS V0.93A and fired that up. Again it locked so I tried the 'MEMTEST' option. When that started it generated hundreds of errors when it was checking the RAM. I shut down the system and opened it up. There was a bit of dust so I cleaned out the system and tried again. The next run of MEMTEST still picked up memory errors. It looks like the 512M memory stick is fried. I will be going out on Sunday to pick up a new 512M and try that. The first thing I will be doing when the system is back up is to do a full backup as it has been a month since my last backup.
If you don't have a copy of PCLINUX OS I highly recommend that you do. The MEMTEST option by itself is worth the time to download and burn a CD. INSERT also has MEMTEST if you want to use that distro.
I installed a new 512M memory module in the system. When I booted up I let the system fix the file areas and Linux is now up and running without a problem. In the future if you get kernel panic or VFS errors you may want to check the memory first before any other problem.
Sunday, November 05, 2006
My wife is now starting to use Scribus more and more and she is starting to like the package. There is a learning curve there and we needed to 'unlearn' what we do in MS Publisher. She is now starting to push the machine and is doing things that I wasn't sure how to do in Linux. She is comfortable enough to explore and play knowing that she won't totally hose her system like she can do in Windows.
Now that Mandriva 2007 is out I will let it 'mature' a bit more before seeing about upgrading my wife's machine. I figure a couple of months will allow Mandriva to find and fix any of the quirks before I upgrade.
Wednesday, October 18, 2006
As of 2006/10/18 for this blog I had 57 visits.
- Windows 63.15%
- Linux 33.34%
- OS X 1.75%
- Other 1.75%
- IE 28.57%
- Firefox 58.93%
- Konqueror 10.75%
- Opera 1.79%
- Netscape 0%
- Mozilla 0%
- Safari 0%
For my blog on gardening the stats are for 70 visits.
- Windows 69.99%
- Linux 15.71%
- OS X 12.86%
- Other 1.43%
- IE 54.29%
- Firefox 30.00%
- Konqueror 0%
- Opera 0%
- Netscape 1.43%
- Mozilla 2.86%
- Safari 10.00%
Those numbers are quite startling for me especially on the gardening site. While the absolute numbers are small they should be troubling for Microsoft as more and more people are not using Microsoft products. I have more numbers for my Google home page, but, those numbers are skewed in favour of Linux and Firefox as only family members use that page and we tend to use Linux and Firefox.
Friday, October 06, 2006
I know that there are laws in the U.S . and other countries that purports to minimize spamming, but, how about the various government LEAs look at who is buying the spammers services and go after them rather than the spammers themselves as a start. FOLLOW the money people and nail the ones using the services and spam may drop to tolerable levels. SPAM will never go away, but, will go down to a level where 80% of my email is legit rather than 80% spam as it now stands.
A good number of messages now are for stock promotions. For a while I forwarded them to the SEC, but, most of them now are repeats of the same companies so I have stopped for a while. When I find something new I pass it on.
For everyone who are using Windows (or Linux or Mac OS for some of the below):
- Are you using a firewall?
- Are you using an anti-virus canner package?
- Are you using a spyware scanner package?
- Are you keeping your software up-to-date?
- Are you keeping Windows up-to-date using Windows update?
Friday, September 29, 2006
The only problem is that there were a number of hackers who probed my system and found that my system was available. Not a problem in that I don't have default IDs or passwords, but, I did leave an anonymous account available to make it easier for family to get on. The hackers did use that to try to put up warez, but, didn't have the access authority to do much else . It was a real pain as I needed to clear out the upload area every several days from their 1 meg test files and clear out my security log for the password attempts. A few sites did respond back to me when I sent a copy of my log and hopefully they will cancel their accounts, the rest didn't send me a reply.
I did make a few changes on the FTP server.
- FXP is now off (default is on). FXP stands for File eXchange Protocol and it lets you copy files from one FTP-server to another using a FXP-client. Normally you transfer files using the FTP protocol between your machine and a FTP-server, and the maximum transfer speed depends on the speed of your Internet connection (e.g. 56k, cable or T1). When transferring files between two remote hosts using a FXP client, the maximum transfer speed does not depend on your connection but only on the connection between the two host, which is usually much faster than your own connection. Because it is a direct connection you will not be able to see the progress or the transfer speed of the files. I guess the hackers took advantage of this.
- There is a prompt for userid and password now.
- I deleted the ability to download from the upload area. They can put files up, but, no one can download from that area until I vet the files and move them to the download area.
- I updated the router firewall to block out the offending sites that didn't reply back on the hack attempts.
Update 2006/10/06: Another site has replied back that they are looking at the problem. I believe them as I have not had a hack attack for almost a week from their IP ranges. It helped that I wrote a short, but, nice note and then attached the log showing the full attack for them. Their reply was just as polite and very professional. The change I made to turn off FXP seemed to have stopped the hackers from dropping files on my server as I have not seen any activity there for the last week.
The machine is running smoothly and when 0.94 comes out (or a major patch to 0.93) I will be doing another upgrade (after backups of course).
Monday, September 04, 2006
Once I got the install going it took only about 10 minutes for the software to install and the machine was back up and running. It took longer for me to restore my backups for my profile, the FTP profile and my daughter's profile on this machine than to install the software.
I modified a few things from the default install:
- Changed the sound from the Intel option (ALSA) to the OSS version. It seems to skip a bit less.
- GPROFTPD installed so I can run the ftp server.
- GAIM. I prefer this IM client.
- SCRIBUS. We are playing with this as a replacement for MS Publisher which is running on a partition on the wife's machine.
- JPilot. I prefer this over the KDE, personal preference and it is a simple clean interface for me.
- Games. Installed a large chunk of the games as I will be sharing my machine with my daughter. She has her own machine, but, it is in her room and we will not allow her unsupervised net access so she has an id set up in the office and we can watch her while working.
Saturday, August 26, 2006
I will be playing with the live CD before installing to see how it works on the system. I have no doubts that it is as solid as V0.92, but, I think it would be prudent to test first as this is my main machine.
There are other versions available if you don't want to download and check out the complete version. You can go to PCLinuxOS to get more information on this excellent distribution.
In a related topic Mandriva has released a beta version of Mandriva Linux 2007. My wife and daughter are using that distribution on their machines as they like the selection of games. You can go to Mandriva for the news release.
Tuesday, August 15, 2006
Now and then I get a person who thinks they can crack the system and they fail, every time. Last night was different in that I had two separate simultaneous attacks. The short attack lasted for almost 290 password combinations over two different IDs. The main one was much more determined in that he/she used over 1,100 passwords over two different IDs. The beauty of it was that every attack was logged and earlier this evening two emails went out the attackers ISPs. The ISP of the main attack politely asked me for a copy of the log and I was more than happy to send them a copy of the security log.
I am very certain that the hackers didn't get anything as I don't have any default IDs on this system. I also enforce password changes every 90 days and yes that is overkill for a personal system, but, it is a good habit to get into. The last thing is that ROOT never accesses the FTP server and the 'power' ID does not have root priviliges, just enough to maintain the FTP directories.
If you do decide to run a FTP server (Windows or Linux) here are a few things to keep in mind:
- Have and use a firewall.
- Have and use a virus scanner (Windows only, not really necessary for Linux).
- Kill all default IDs and passwords.
- Enforce regular password changes. Minimum for me is 6 characters with 1 character that is not A-Z.
- Turn on the FTP security and log everything.
- The ID that services the FTP area does not have root capabilities.
- Grant only the bare minimum of authority to any ID.
- Backup your data on a regular basis.
- Apply all patches ASAP.
- Review your FTP and firewall logs regularly.
- Log and trace all intrusion attempts. You can trace back the attacker to their ISP by using WHOIS and then send a short note to the admin or abuse email ID.
Monday, August 07, 2006
Legit = 1,716 messages
Spam = 3,365 messages
Of the spam 223 were obvious scams and another 118 were phishing attemps. The worst month was May when I endured a flood of 1,767 spam messages while receiving only 141 legit emails.
For those who get spam:
- Don't 'unsubscribe'. When you reply with the 'unsubscribe' spammers know that they got a live account and your inbasket will probably be flooded.
- If your ISP provides spam filtering use it!
- For phishing attempts forward them to the financial institution for them to handle. Don't ignore them as this gives the spammer time to hurt some one else.
- Create a 'throw-away' account in Yahoo, Hotmail or GMail. When you fill in those registration cards use that account and not your personal.
- If it is an obvious spam don't read the message. Discard it. There are ways for the spammer to know the message was read. The easiest is to embed a graphic link so that when you open the mail it send a request to send the picture and the spammer knows it is a live account.
Here is a quick list of a number of email addresses to forward those phishing attempts to:
- Bank of America - firstname.lastname@example.org
- Barklays - email@example.com
- Chase - firstname.lastname@example.org
- EBay - email@example.com
- MSN - firstname.lastname@example.org
- PayPal - email@example.com
- VISA - firstname.lastname@example.org
A few more things you should be doing:
- Keep your anti-virus up-to-date.
- Keep your firewall up-to-date.
- Keep your system patched. If you are using Windows use 'Windows Update'.
- Backup all of your critical data to CDs (or DVD) on a regular basis.
Thursday, July 20, 2006
2006/07/25 - Google is now updating. You can see the current IP at http://thomas.traynor.googlepages.com/home
Sunday, July 16, 2006
The other change is from 'recs' to 'ratings' and this is not too much of a change to handle. I normal prioritize the rating of the messages as what to read first, then who writes the message as the second criteria so going from 'recs' to 'ratings' is not too bad.
One thing I would like back is the old layout for quickly seeing the postings. The work-around right now is using the search capability and don't enter anything for a criteria.
A number of people said that they won't be back and that is sad. It is going to take us a while to get used to the new format, but, I am willing to wait-and-see how it works out.
Monday, July 10, 2006
Sunday, June 18, 2006
Today I rebuilt the O/S from scratch and it is working without a problem. File restore worked without a hitch and the machine is working fine. Moral of this story is to do regular backups. Also, if you don't change your system and you get a kernal panic on startup check the temperature of the machine, the memory may be overheated and your system won't boot. I also mounted an additional fan on the front of the machine to help keep the system cooler. It was positioned at the same height of the memory stick to help there.
BTW the two messages I got were ->
Kernel panic: VFS: Unable to mount root fs on unknown-block(1,3)
Kernel panic: VFS: Unable to mount root fs on unknown-block(3,3)
Friday, June 09, 2006
You do have a few options.
- You can move up to a more recent version of Microsofts OS offerings.
- You can keep your version of Windows, but, no bug fixes or upgrade.
- You can look at a Linux distribution (see Distrowatch on the right hand side).
Friday, May 26, 2006
For those who keep saying that CANSPAM works... It does not. Not all of the spammers are in the US and they have more than made up for the drop from last year. What is the solution, I am not totally sure. It may help if people secure their machines better and check to see if their machine is clean from all of the Mal-ware. Next the ISPs should be looking at the volume of email coming from people to see if they are really a business or a machine that has been hacked.
I will try to remember to update these numbers at the end of May.
Update 2006/05/29 - 1689 mails, 1533 spams, 136 legit. Spammers do your worst, Yahoo filters are working over 99% of the time and all legit mail was received.
Sunday, May 14, 2006
On Saturday I tried to enter the census system and it told me that the environment was not supported, which from my viewpoint was total bullshit. The government, when they allow their citizens access to services should not dictate the O/S in any way. If they were concerned about security then they should be banning the use of Windows as it is the O/S of choice for viruses, trojans and spyware.
On Sunday I saw a short note on the Yahoo SCOG forum that the Feds updated the system to allow access for Linux based systems and when I tried it the site worked! One more small victory for Linux. I hope that the Federal government realizes that they would be better off designing systems that meets standards (not Microsoft's version) that are O/S independent. I realize that it makes testing more difficult, but, it will allow anyone with the proper secure protocols access to the system.
Sunday, April 30, 2006
In the last three days I have one hundred and forty-five emails and only two were legit. There must be something going on in the bot world. One hundred and twenty of them were for porn and I automatically delete them without even reading them. They may be hoping that the curious will eventually click on the message.
If your ISP offers spam filters make use of them! The filters may accidentally classify legit email as spam, but, you should be able to redefine it as legit later on. If you are on dial-up, using the filter will allow you to keep your mail pickup times to a minimum. You can then use the web mail interface (the ISP has one doesn't it?) to review the subject line of the mail and the sender of the mail flagged as spam so you can pick out the ones you actually want to receive.
Friday, April 28, 2006
I have been keeping track of the Yahoo account and here is a short summary of legit email:
January - 42.7%
February - 49.6%
March - 38.3%
April - 27.6%
So far out of 1455 messages only 553 were legit. There were 50 phishing attempts and the rest were UCE, porn and scams. In my not very humble opinion the law is almost completely useless. Spammers just moved their operations to where U.S. law does not apply, fired up their bot nets and let fly with their spam like usual.
Thursday, April 20, 2006
If you want stock information don't take unsolicited notes, talk to a real financial planner or stock broker. They will do a fair bit of work identify what level of risk you can handle and make recommendations on what you should invest in. You also should do your own homework and research the companies before investing.
For the last 10 days the email in Yahoo has been approximately 2 spam for every legit email. One question for the legislators in the U.S. How effective do you think the CANSPAM act is because just the same amount of crap is migrating into my mailbox now?
Saturday, April 08, 2006
Here is a copy of the email and I will highlight all of the errors in red that they made in the message.
Dear Chase Member,
This email is to inform you, that we are upgrading our ways of security and your account may have been compromised by other parties.
Our terms and conditions you agreed to state that your account must always be under your control or those you designate at all times. We have noticed some
unusual activity in our research due upgrading related that your account indicates that other parties may have access and or control of your details in your account.
These parties have been involved with money laundering, illegal drugs, terrorism and various Federal Title 18 violations.
Your will need to re-enter some imformations about your account for advanced verification and to let us know that your are aware of this violation and due this way we can stop the outside parties.
We won't require your ATM PIN number for this operation!
Please follow this link to complete your security verification and protect your account :
Update your account now.
Please be aware, if you don't upgrade your account this will lead to money loss and we will have no other liability for your account or any transactions that may have occurred lately.
Thank you for your time and consideration in this matter .
© 2006 JPMorgan Chase & Co.
I removed the link on 'Update your account now'. When you get such a message check the address that the link leads to you will notice that it will not be to the site that the message claims to be from.
Saturday, March 25, 2006
I liked PCLINUXOS enough to put my money down and support the package. If you are using Linux yourself think about supporting the distro that you are using. This will allow the person(s) who are putting a huge amount of time a bit of cash to help keep working on the product.
I may eventually migrate the other two machines. I don't like the fact of how they treated Gael Duval when he was let go from Mandriva. He was in my not humble opinion the reason that Mandriva got to be so popular. I hope that his new enterprise Ulteo does take off. That and IMNSHO Mandriva is getting too big and bloated. It is a wonderful distro and is a snap to install and administer, but, it has way too much and suffers for that.
Friday, March 10, 2006
I got desperate and tried a few Linux distros that had HPFS support. Unfortunately I could not get the RW option to work on her drive. It looks like she will have to use Knoppix to backup her data to CD and then wipe the drive and do a clean install.
The only thing she did was to click on one of the files Matthew downloaded before they scanned it. It took over her machine so fast and thoroughly that it is not funny.
Microsoft why do you allow your OS to do this? Why can't you set things up that a normal user cannot totally screw up the OS? I understand that users don't want to have an 'admin' id and a normal one, but, at least force a few more screens asking if they are sure and then ensure that it is a real person keying in the reply and not a program.
Upside is that I now have two people who may now listen to me about Linux. They can keep windows for the stuff that isn't on Linux, but, use Linux for everything else and they won't get screwed over as bad by the next Windows virus/trojan.
As for the trojan and spyware makers, YOU ARE SCUM! Any moron can wreak havoc on a machine and own it. Try something difficult, make a useful program that the user can uninstall when they don't want it.
Matthew is backing up the laptop and will be re-imaging the machine again. This time he plans on turning up the security to a higher level. Namely dis-allowing a normal id admin functions, up-to-date virus scanner and several free sypware scanners. I also gave them a copy of Knoppix just in case.
Wednesday, March 08, 2006
The link itself was 'http://______.ro/PayPal.exe' (I deleted most of the link so you cannot accidentally go there). Note the '.ro', that is Romania if I remember correctly. Remember, never click on the links in the notes. Go to the site yourself if you are not sure send them an email first. I run Linux at home so I felt safe to try to download the program and see what little nasties were in it. Fortunately it appears that the link was not valid. I was disappointed in that I could not try out CLAMAV on this.
Here is the complete text of the message. I highlighted all of the spelling and grammar errors.
While performing it's regular scheduled monthly billing address check our system found incompatible information which seams to be no longer the same with your current credit card information that we have on file. If you changed your billing information or if you moved from you previous address please follow up the link bellow and update your billing information: If you didn't change any of this information you still need to follow up the previous link and update your existing billing information because it means that our database regular scheduled update wasn't made correctly. Choosing to ignore this message will result in to a temporary suspension of your account within 24 hours, until you will choose to solve this unpleasant situation.
We apologies for any inconvinience this may caused you and we strongly advise you to update your information you have on file with us. Clicking Click here for download PayPal Driver_ you will avoid any possible futuring billing problems with your account.
This is not one of the better phishing attempts going around. The thing that makes it different is that they are looking at getting you to click, download and run a program.
Two links that you can go to:
Monday, February 27, 2006
That is a handy thing. I now know how to set up password protected files that only certain people can access even if everyone else can see the names of the files. I also learned how to set up an anonymous id with only read access to the files.
Sunday, February 26, 2006
- Replacement cartridge is about $80;
- It actually mentioned on the packaging that it is Linux compatible.
The test pages came out very quickly and the graphics were great. I then set up Samba to share the printer throughout the house for myself and the family. That took all of 30 seconds to do.
One little feature on the printer I like is the off/on button. Most manufacturers think leaving this out and trumpeting 'sleep mode' is great. Personally if I am not using the printer I want it off and not in sleep mode. Sleep mode still uses hydro and I am paying for that.
Last note, Staples has an online site where you can fill in for the rebate. I did that this morning and I will see how that process goes. It beats filling in a paper form and then use a stamp to get money back. There is also a web site so you can monitor the status of the rebate. More on how this worked later on.
Saturday, February 18, 2006
I will try the printer on another computer later to verify that it is the printer and not the server that has problems. This gives me another excuse to look at a newer model printer for our home network. The price of cartridges also is a factor. The only upside is the last time I replaced the cartridge was August 2002.
Time to do my homework. I prefer laser, but, if it is not fully supported in Linux I will use an injet. Cost is another factor. A new printer is actually cheaper to buy than replacing a cartridge many times.
I thought about using SSH, but, had a thought. Why not set up a FTP server and he can dump his files here and then send an email to everyone else that new files are there for anyone in the family to look at. This is a good way of putting up the files as a number of people are on dial up and it won't take hours to download their email with photos/movies, they can go to the server and download only the files that are of interest to them.
I did a quick look through the Mandriva CDs for what FTP packages are available. I finally settled on GPROFTPD. It was small and simple. It took me all of five minutes to set up and the server. A generic account with read-only access was quickly created for family members. My brother-in-law had his id created quickly along with myself. Setting up the software, configuring and playing with the settings and options took one day. I tested the link from work and it didn't work. When I got home I found the problem in that I set it up as an XINET daemon rather than a stand-alone application. Once that was fixed it worked without a problem.
Sunday, February 05, 2006
- Kama Sutra
- Nyxem version D
- Nyxem version E
As a suggestion how about a central reposititory of discovered viruses, how it works, etc? The security community can then define a standard naming convention so that the short name is meaningful, but, allow the first to discover it to give it a 'common name'. In other words a 'Taxonomy' for computer mal-ware. This is good enough for the scientific community for identifying and naming organisms so why not for security software companies to define mal-ware? I use the phrase mal-ware so that viruses, trojans, spyware can all be classified, not just viruses, and the results are available to the public and media. Just enough information should be available to the general public to inform themselves on the risks and how to clean up the mal-ware.
The other benefit is that the massive list of viruses and trojans will be cut down and companies will find it harder to trumpet the number of mal-ware items they scan for as a marketing tool and not as a consumer information tool. In my opinion a lot of the counts are inflated with minor and meaningless variants on the same virus. It would also make it easier for the consumer to compare products to see which package fits their needs. At this time you almost have to be a computer security expert to determine the package that truly fits your security needs.
They should be looking at this as an opportunity to take their software and break the Windows® dependecy. What sections of the code does not require windows and what does. From what I figure there are three very basic sections for the software. First if the database where you store the data, second is the calculation engine and the third is the presentation (and printing) engine. If you modularize the code so that only small specific sections in the modules are operating system specific then developing a package that will run on different operating systems is simplified.
The last thing you should think about. Linux runs on IBM mainframes and Windows® does not. Is there an opportunity to offer the software to corporations who can then offer the chance to do their taxes at work as a corporate benefit? Just a thought.
Sunday, January 29, 2006
To those who think spam is a legit way of getting your message out I have a message for you:
- Your spam does not work. Most of us now have spam filters and your spams are consigned into the electronic trash heap. Personally I check the sender name and if I don't recognize it I delete it without opening the message.
- If I recognize your name as a local operation I make it a point NEVER to patronize your business.
- If I am interested in your product and/or service I will go to your web page myself and do my research and compare you against your competitors. No amount of spam will interest me (see #2).
For those of you who are flooded with spam you can do a few things.
- If your email package has a spam filter, use it!
- If your ISP offers spam protection, use it! If your ISP does not have one ask them why?
- If you use HOTMAIL, GMAIL or YAHOO use their spam filters!
- If your account is totally flooded look at creating a new email id and only a few friends and family members get that id. Leave the old account as spam bait.
- For all of those warranty forms that ask you for your email account, don't use your main id. Create a disposable account. When it gets spammed you can ignore those messages. We do this at home. My Yahoo account is the id used for all warranties and registrations. That is also why I get so much spam.
Wednesday, January 18, 2006
Tuesday, January 17, 2006
- Never click on a link in a note that purports to be from your bank, insurance company, ISP or just about anyone else asking you to re-enter your personal information again. These companies won't ask you do do this and even if they do it is much safer for you to open your browser and go to the site yourself.
- If a 'financial opportunity' sounds too good to be true it probably is. Many of these people are playing on our greed.
- If a company is asking for your email address to register use a throw-away id and never use your main personal email address. I use Hotmail and Yahoo for this and my personal box does not get the volume of spam that I used to get.
- Make sure that your system is up-to-date. Use the Windows update facility.
- Get a router with a basic firewall. Make the job of the crackers difficult.
- Get firewall software and keep it up-to-date.
- Get virus scan software and kep it up-to-date.
- Make sure that your system is up-to-date. Use whatever facility your distro has to install updates. Just because we are using Linux does not mean you don't have to patch your system.
- Get a router with a basic firewall. Same as windows.
- If your distro comes with IPTABLES or firewall software use it. Why make the job of a cracker any easier.
- As for virus scanner that is up to you. I run one as my SAMBA share is used by the kids and they use Windows. This allows me to check the directory even if I am not affected by the virus/trojan.
Sunday, January 01, 2006
I have received a reply from E-Bay and I will quote the first paragraph of their note:
We have reviewed your report and have found that the message you received was made to appear as if it had been sent by an eBay user; however, it was not. All email sent to you from other members through eBay's email system will also appear in the My Messages portion of My eBay. If you get an email to your registered eBay email address that looks like it's from eBay or another eBay member asking a question, check My Messages first. If it's not there, it's a fake email.