|
StarLink-IRC announces our 'kids channel' subnetwork.
These channels will be regular net channes but will be operated and managed
to provide a friendly and safe environment for kids around the 8-14 age
group.
The principal coordinator for SLIRC-Kidz is Cheetah who
should be contacted if you are interested in supporting or establishing
a Kidz channel or have any suggestions.
On a related issue, to support SLIRC-KIDZ, Channel Services
announces the formation of a Junior Channel Service program. The details
of the CServiceK program are still being worked out but we think it will
provide our new SLIRC-Kidz channels with support and assistance by kids
for kids.
|
We welcome wantabe.com to the SLIRC family! Wantabe.com
is a small ISP in Houston, Texas USA (which any of you in the area
should give a try as your ISP) that has recently decided to join our network
after looking at our principles (and after unmerciful nagging by Lt_Ed
from #Cops).
The owner of wantabe.com goes by the nick sinbad or spiderman
and, for all you techies, is a recognized UNIX expert.
|
SLIRC is always on the lookout for people or groups who
want to sponsor technical support channels like #mIRC or #PIRCH, #Macintosh,
#Win95 and the like. There is a lot of expertise scattered over our little
township and users always need help. If you have the expertise (and feel
like putting in the time) then check in #Channels for more information.
One thing, if you do want to sponsor a tech support channel, please try
to make sure that you or your friends doing it are online to occupy it
at least most evenings. There's nothing more disheartening than seeing
just the help channel you need on the list and then finding it unoccupied
when you enter!
|
|
29 APR 97
STARLINK-IRC Bot Hack
Dateline: 29 Apr 97, Starlink-IRC Trans Galactic
Really Spiffy Command Post hidden deep below .. ah.. hm.. ok it was the
#Oper channel, but its NEARLY the same thing....
Tuesday night, around 11pm ET, someone masquerading as
Dev|Null managed to hack the SL-IRC Operator Service Bot (DeathStar).
The main purpose of the hack appeared to be just general network wide harassment,
such as filling all channel banlists with "YOU'VE BEEN HACKED..."
etc.
Special Note, we have VERIFIED that the hacker was, in
fact, NOT Dev|Null but someone else apparently accessing a similar compuserve
account.
In any case, due to VERY quick response by your
friendly neighborhood StarLink IRC staff (with VERY SPECIAL kudos
to Atlanta and birdman for fast reaction!!!) DeathStar was immediately
shut down, and the hacker dealt with. The hacker's entry point to the bot
was identified and removed and DeathStar was restarted without difficulty.
There were no apparent long-lasting effects on the servers, CStar, or DeathStar.
Banlist Note: Most channel banlists had been completely
filled with the hack message. (Bans set through CStar were NOT affected,
however, so those will not need to be reset). We did remove the channel
bans to free up the banlist, so PLEASE be sure to restore any legitimate
channel bans that may have been removed in the process. We sincerely
apologize for any inconvenience this mass clearing may have caused, but
at 1 AM, getting the banlists cleared seemed more important than finesse.
The final result is that the net was restored to normal
and we are taking steps to identify the attacker and take whatever actions
are appropriate. Oh, and to all you StarLink-IRC folks who were on-line
during the excitement - thanks very much for your patience and understanding
during the moments of crisis. Everyone deserves a pat on the back for this
one!!
18 APR 97
AOLFREE VIRUS
AOL4FREE.COM Virus Warning! From DOE CIAC.
Note: This is NOT the same as the earlier AOL trojan
hoax.
Article summarized for archiving. Check the CIAC site
for details.
INFORMATION BULLETIN
AOL4FREE.COM Trojan Horse Program Destroys Hard
Drives
April 16, 1997 18:00 GMT Number H-47
VULNERABILITY ASSESSMENT Users who download
the trojaned AOL4FREE.COM program and executes it will destroy all the
files and directories on their DOS C: drive.
NOTE: THIS IS DIFFERENT FROM THE EARLIER AOL4FREE
HOAX!!!
CIAC has obtained a Trojaned copy of AOL4FREE.COM
that destroys hard drives.
CIAC has obtained a Trojaned copy of the AOL4FREE.COM
program that, if run, deletes all the files on a user's hard drive. If
you are e-mailed this file, or if you have downloaded it from an online
service, do not attempt to run it. If the program was received as an attachment
to an e-mail message, do not double click (open) it. Opening an attached
program runs that program, which in this case deletes all the files on
your hard drive. The original AOL4FREE.COM was a program for fraudulently
creating free AOL (America Online) accounts. Note that any attempt to use
the original AOL4FREE.COM program may subject you to prosecution.
NOTE: Most antivirus programs will not detect this
or other Trojan Horse programs.
Recovery ========
Pressing Ctrl-C before the Trojan Horse finishes
deleting all your files will save some of them. If the program runs to
completion, all the files on your root drive will have been deleted. The
files are deleted with the DOS DELTREE command, so the contents of the
files are still on your hard disk, only the directory entries have been
deleted. Any program that can recover deleted files will allow you to recover
some or all of the files on your hard disk.
While attempting to recover files, be sure to not
write any new files onto the hard disk as the new files may overwrite the
contents of a deleted file, making it impossible to recover. You will probably
have to boot your system with a floppy and run any recovery programs from
there.
If you happen to have one of the delete tracking
programs installed on your system (a program that keeps track of deleted
files in case you want them back) the recovery operation will be relatively
simple. Follow the directions in your delete tracking program to recover
your files. If not, you will probably have to recover each file individually,
supplying the first character of the file name, which is overwritten in
the directory when the file is deleted. Most DOS/Windows disk tools programs
also have the capability for recovering deleted files so follow the directions
included with those programs to do so.
Background ==========
The original AOL4FREE.COM program was developed
to fraudulently create free AOL accounts. The creator of that program has
pleaded guilty to defrauding America Online for distributing that program.
Anyone else attempting to use that program to defraud AOL could also be
prosecuted.
An e-mail message was recently circulating about
the Internet that warned of an AOL4FREE virus, but that warning is either
a hoax or a badly misunderstood description of this Trojan Horse. 1. This
program is a Trojan Horse, not a virus. It does not spread on its own.
2. A Trojan Horse must be run to do any damage. 3. Reading an e-mail message
with the Trojan Horse program as an attachment will not run the Trojan
Horse and will not do any damage. Note that opening an attached program
from within an e-mail reader runs that attached program, which may make
it appear that reading the attachment caused the damage. Users should keep
in mind that any file with a .COM or .EXE extension is a program, not a
document and that double clicking or opening that program will run it.
CIAC still affirms that reading an e-mail message,
even one with an attached program, can not do damage to a system. The attachment
must be both downloaded onto the system and run to do any damage.
|