Donny Mack

Post Your Junkie / Junk Mail List Here

I wanted to start somewhere to post email junk mail lists. So I started a new Forum Group “Forums That Never Will Be On Forums Home Page”

I've posted over a thousand junk email addresses I've received. Please help contribute. let's see if we can reach OLK 2K3 Max Junk Mail File size.

Also, this is the only place you can find this link so only forward on to people you trust. I guess on the flip side, if a spammer get this list they'd be spamming themselves :-)

Junk Mail Lists

Since installing OLK 2K3 I've been religiously addign emails to my junk mail list and I currently have over 3K of them and I'd like a place to post them and to let people add to them so I can grow mine. I'm to the point that I only get about 4-5 new junk mails (unfiltered) in my inbox every day, but I'd like to eliminate it completely (without using one of those third-party forwarders)

Anyone know of anywhere, or do you think we should start one here? I can start a forum for it if we want it?

Let me know! I'll probably start one anyway, but it would be nice to know if anyone else would use it also first.

Fix for Virus: W32.Blaster.Worm

Fix: http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

When W32.Blaster.Worm is executed, it does the following:

1. Creates a Mutex named "BILLY." If the mutex exists, the worm will exit.
   
   
2. Adds the value:
   
   "windows auto update"="msblast.exe"
   
   to the registry key:
   
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   
   so that the worm runs when you start Windows.
   
   
3. Calculates a random IP address, A.B.C.0, where A, B, and C are random values between 0 and 255.
   
   NOTE: 40% of the time, if C > 20, a random value less than 20 will be subtracted from C.
   
   
4. Once the IP address is calculated, the worm will attempt to find and exploit a computer on the local subnet, based on A.B.C.0. The worm will then count up from 0, attempting to find and exploit other computers, based on the new IP.
   
   
5. Sends data on TCP port 135 that may exploit the DCOM RPC vulnerability.
   
   NOTES:
   • This means the local subnet will become saturated with port 135 requests.
   • Due to the random nature of how the worm constructs the exploit data, this may cause computers to crash if it sends incorrect data.
   • While W32.Blaster.Worm cannot spread to Windows NT or Windows 2003 Server, unpatched computers running these operating systems may crash as the result of attempts by the worm to exploit them. However, if the worm is manually placed and executed on a computer that is running these operating systems, it can run and spread.
     
     
6. Creates a hidden Cmd.exe remote shell that will listen on TCP port 4444, allowing an attacker to issue remote commands on the infected system.
   
   
7. Listens on UDP port 69. When the worm receives a request from a computer it was able to connect to using the DCOM RPC exploit, it will send that computer Msblast.exe and tell it to execute the worm.
   
   
8. If the current month is after August, or if the current date is after the 15th, the worm will perform a DoS on Windows Update. The worm will activate the DoS attack on the 16th of this month, and continue until the end of the year.
   

The worm contains the following text, which is never displayed:

I just want to say LOVE YOU SAN!!
billy gates why do you make this possible ? Stop making money and fix your software!!

New Blogger: Paul

Paul http://www.dotnetjunkies.com/weblog/plaudeman/ 

Just set him up!

Web Server Market Share and HTTP Compression

Tim Huckaby

InstantDoc #39729

July 29, 2003

In January, I wrote about an interesting Port80 Software survey that concluded that IIS is the dominant Web server platform for Fortune 1000 companies' public Web sites. Port80 conducted another survey this month and again concluded that IIS dominates the Fortune 1000 market. The new survey's results indicate that IIS has 53.7 percent of the market share. The next closest competitors are Netscape and Apache Web servers, with 18.6 percent and 16 percent of the market, respectively. Netscape continues to decline as a Web server choice for Fortune 1000 companies, losing 2.4 percent in the July survey. The survey data also indicates a general shift from Internet Information Server (IIS) 4.0 running on Windows NT 4.0 systems to Internet Information Services 5.0 (5.0) running on Windows 2000. IIS 6.0 running on Windows Server 2003 appears on the survey, but only at 0.5 percent. I'll be interested to see how the IIS 6.0 number jumps when Port80 conducts its next survey.

Another result to note is the Other category, which consists of IBM, Lotus, unknown, and other Web servers and which jumped significantly to 11.7 percent. I'm guessing that the "other" option in the Other category comprises variants of Linux-based Web servers. You can check out the most recent survey results at http://www.port80software.com/surveys/top1000webservers .

Port80 also recently completed a survey about HTTP compression, an underused technology for accelerating Web sites and Web-based applications. When IIS receives a request, HTTP compression checks to determine whether the browser is compression-enabled. IIS then checks the filename extension to determine whether the requested file is static or contains dynamic content. If the file contains static content, IIS checks to determine whether the file was previously requested and has been stored in a compressed format in the temporary compression directory. If not, IIS sends the uncompressed file to the browser, compresses the file, then adds the compressed copy to the temporary compression directory. If the file was previously requested and is already stored in a compressed format, IIS sends the compressed file to the browser. In some cases, HTTP compression technologies can make Web applications and sites run dramatically faster, reducing bandwidth costs. To learn more about HTTP compression and how to enable it i

n IIS, click the following URL: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/standard/qos_utilbandwdth.asp?frame=true .

Very few of the Fortune 1000 companies--only 2.9 percent--realize HTTP compression benefits. Port80 speculates that the Fortune 1000 could save more than 25 percent in bandwidth costs (millions of dollars annually) and more than 30 million bytes of data on their home pages alone by using HTTP compression. As you might expect, Internet-savvy companies such as Google, Amazon, and Yahoo! use HTTP compression.

IIS 6.0 has HTTP compression built in, which contributes to its fantastic performance. Chris Page, chief technical information officer (CTIO) for Web-hosting provider MaximumASP, understands the importance of HTTP compression technology. He said, "Prior to upgrading to Windows Server 2003 and IIS 6.0 as our hosting platform, MaximumASP closely evaluated several third-party HTTP compression technologies and found that HTTP compression actually improves the performance of the IIS Web server while significantly reducing the bandwidth required to deliver content. At that time, we chose to wait until we moved to IIS 6.0 to start utilizing HTTP compression, which has excellent HTTP compression built in, but there's no question in our minds that any Web server not running IIS 6.0 will benefit from employing third-party HTTP compression tools."

A list of the top 10 companies that would benefit the most and least from HTTP compression among the Fortune 1000 is available on the Port80 Web site, and I bet that some of the companies on the list will surprise you ( http://www.port80software.com/surveys/top1000compression/toptencompression ). If you want to see the individual statistics for each company on the survey or test your own site's HTTP compression, visit the following URL: http://www.port80software.com/surveys/top1000compression .