Who is Brimstone.Burningman.com

Apollonaris Zeus · Post by **Apollonaris Zeus** » Sat Mar 17, 2007 9:15 am

When I've been linking to eplaya in the past, it has always been eplaya.burningman.org now its brimstone.burningman.com

come now if that doesn't mean that BM is a cult and why the connoctation to such a negative word.

Has anyone been linked up to goliath.word-to-the-wise.com as known IP server hacker site lately.

AIIZ

Apollonaris Zeus · Post by **Apollonaris Zeus** » Sat Mar 17, 2007 11:01 am

How many of you have been running Netstat on your command prompt or start>run. Run " Netstat help" for more network and internet connections!

If you see something similar to the above such as this phishing code
69-44-123-169.wcg.net. this is going to a sub domain such as eplaya.burningman.org.

your looking for the hyphen "-" between numbers in an IP type address
then you're been hacked.

Don't trust browers such as firefox, netscape or IE. I've seen firefox being hacked too.

I think the new IE 7 with disable add-ons and anti-phishing is the safest.

Also does your anti-virus update in SSL secure connection. If it doesn't I would use the new live onecare. It is the only virus software that I know that does. They have a trialware for 90 days.

HOw about updating your windows using their SSL. Click Tools>update window once connected type in an "s" after http (https://) and reconnect.
Many people don't know this. If you can't connect or it jumps back to an un-secure connection then something is funny with you computor. Wipe out your hard drive then reinstall your operating system using the https://update.windows.com connection. don't not use your third party firewall but only windows set on "No Exception" rules. Then install Live Onecare. Use that with it set to no exceptions at all times unless you need File and printer sharing, but if you are surfing the web remember set it to "No-exceptions"

You can place web sites in your Not Trusted Zones for further protection. Or you can open up your .Net frameworks and adjust your Zone security so no programs run malicious codes or install programs on their own.

Here are some ip sites that host hackers. again Look for these in your Netstat.

62.41.80.74, zonerhost.net, do a samspade.org to look for full ip range if you want to block these addresses in your physical firewall (most software firewalls are easily hacked).

so Do a netstat check right now. what do you see. Post that info now for us to see.

If you don't see a anything and your browser in not open or programs are not updating then your OK. But if you reading this then something is amiss there should be connections that are either open, waiting, listening but you should have some connections. especially if you have been browsing and you haven't restarted your computor.

gyre · Post by **gyre** » Sat Mar 17, 2007 1:00 pm

I didn't understand about half of that.
Can you translate into english please?

GREENPENIS · Post by **GREENPENIS** » Sat Mar 17, 2007 1:34 pm

Brimstone is a negative word ???
As in fire and ......... ?

Anything that goes with fire so well is OK by me.

Apollonaris Zeus · Post by **Apollonaris Zeus** » Sat Mar 17, 2007 4:34 pm

gyre wrote:I didn't understand about half of that.
Can you translate into english please?

which half?

Greenpenis, is your penis Irish?

then happy Patty's Day!

I still haven't heard what happened to the Eplaya sub site?

brimstone is personified in a negative manner made so by the christians to attack the weccans as Evil. It is an offensive word which offends my weccan witch friends therefore I find it offensive. Brimstone which is sulphur was melted and pour on the faces and hands of witches as a form of branding. Now do you get the message!

AIIZ

Dork · Post by **Dork** » Sat Mar 17, 2007 5:57 pm

Where are you seeing the links to brimstone.burningman.com? It's probably something that was set up some time ago for testing purposes and forgotten about.

What do you mean by "Eplaya sub site" ?

Lassen Forge · Post by **Lassen Forge** » Sat Mar 17, 2007 6:19 pm

Yeah - you need a password to get in. My guess is it's a backup or old testing site.

Or a hacker site...

bb

Apollonaris Zeus · Post by **Apollonaris Zeus** » Sat Mar 17, 2007 6:46 pm

Dork wrote:Where are you seeing the links to brimstone.burningman.com? It's probably something that was set up some time ago for testing purposes and forgotten about.

What do you mean by "Eplaya sub site" ?

Well when I'm in eplaya now and I am using netstat to view my network connections all I see is a connection to brimstone.burningman.com. now that could be because of the problems we had last year and eplaya had to be recreated in a new directory so the problems could be resoved. But I check my connection all the time and now its showing this ip. samspade.org shows it within the BM site.

Now eplaya.burningman.org's pointer is set to this directory that I may be mistakenly be calling a "Sub Site".

Bridgebay sees that connection. Is anyone else?

And yes, its passworded protected.

I'm sure its OK, but I'm waiting to here from a moderator or admin.

AIIZ

PS- it seems that goliath.word-to-the-wise.com is the host site for samspade.org. They recently moved to that new web host server since the old host server couldn't handle the bandwith.

helitack · Post by **helitack** » Sat Mar 17, 2007 7:02 pm

You are certainly being hacked at this moment. Run like hell...

Apollonaris Zeus · Post by **Apollonaris Zeus** » Sat Mar 17, 2007 7:15 pm

you would have to strike when I was in the middle of a Peace Movement!

Now pull up pants while running

Jeffery "Helitack" Damer strikes again!

Lassen Forge · Post by **Lassen Forge** » Sat Mar 17, 2007 7:44 pm

Little bit abrasive, don't you think AZ??

Make that kind of combative, and rude.

To the extreme.

I'm not only not impressed, I'm rather disappointed. Dahmer, indeed.

Classless. Worse, some boards would ban you for such things.

bb

Dork · Post by **Dork** » Sat Mar 17, 2007 10:48 pm

Ok, I see it too now. What I believe is happening is netstat gets a list of connections by IP address, then does a reverse lookup on that IP. brimstone and eplaya both have the same IP address, and the lookup sends brimstone as the first result. Watching web traffic in my browser I'm not seeing any requests go to brimstone.

It's not any sort of hack and you aren't actually connecting to brimstone, netstat is just picking the wrong server name to display.

GREENPENIS · Post by **GREENPENIS** » Sun Mar 18, 2007 12:19 am

Apollonaris Zeus wrote:
gyre wrote:I didn't understand about half of that.
Can you translate into english please?
which half?

Greenpenis, is your penis Irish?

then happy Patty's Day!

I still haven't heard what happened to the Eplaya sub site?

brimstone is personified in a negative manner made so by the christians to attack the weccans as Evil. It is an offensive word which offends my weccan witch friends therefore I find it offensive. Brimstone which is sulphur was melted and pour on the faces and hands of witches as a form of branding. Now do you get the message!

AIIZ

And happy St.Patty's right back at cha.
Well, I am 1/2 Irish so I suppose my penis
would also be 1/2 Irish.
That would explain why it is shaped like
a Hillshire Farms cheese log.
Having been force fed Babtist theology
and beliefs for most of my childhood,
brimstone to me has always been part of
fire and brimstone, like the kind that God
rains down upon sinners when something
particularly pisses him off from time to time.
For early christians to implement brimstone(sulphur)
is actually morbidly poetic, since they thought
that to scar or burn a witch was giving them a
taste of what would come if they didn't change thier
evil ways. This would actually anathematise them from
having any chance of co-existing in society for the
remainder of thier lives. Pretty tragic, but worse than death?
But still I find a certain beauty in the phrase
Fire and Brimstone, of its usual phonetic pairing.
To think that using the word brimstone
leads to an insinuation that Burning Man is a cult
is simply silly. Burning man is a freakin smorgasboard
of cults. Some serious and some not so. Besides, what is
wrong with belonging to a cult ?

gyre · Post by **gyre** » Sun Mar 18, 2007 6:31 am

Pretty much the part with computer advice.
I could use good advice on configuring firewalls and router antivirus settings.
Not clear on most of what you are talking about though.
Using mcafee now but was looking at ca.
Need a choice for apple too.

Apollonaris Zeus · Post by **Apollonaris Zeus** » Sat Mar 24, 2007 7:34 pm

gyre wrote:Pretty much the part with computer advice.
I could use good advice on configuring firewalls and router antivirus settings.
Not clear on most of what you are talking about though.
Using mcafee now but was looking at ca.
Need a choice for apple too.

Make sure you have a physical firewall. Most routers have them and some modems do as well. NAT enabled ones are the best. But make sure that they are enabled which is the default setting, but it could be turned off. There are other settings to look for. If you don't use file and printer sharing, then you don't need those in your connection setting and they should be deleted not just unchecked. In your advance settings, net bios should be disabled as well.

But there are other important settings. I would check microsoft support for them as well as google for more. There is alot to learn and beyond my experience. You can ask
DVD for more info.

AIIZ

helitack · Post by **helitack** » Sat Mar 24, 2007 7:57 pm

Use a Mac. Enable the firewall and your done. Easy isn't it?

gyre · Post by **gyre** » Sun Mar 25, 2007 6:16 am

I still have to keep an ibm on as I need to be more conversant, but apple too and clearly the way to go.
My default on the router is firewall down so I have to set that up.

Apollonaris Zeus · Post by **Apollonaris Zeus** » Sun Mar 25, 2007 10:11 am

Apple is good, but the new ones will be more like an ibm. It will be based on the Motorolla 86x chip and more compliant to window code. Apple is not as safe as most apple people believe only that less viruses are written for it then windows. Browsers are universal therefore a viruses written for a them work on any machine including java, flash, active x.

What gets me is that you have people finding flaws, it takes time to find them and companies like microsoft doesn't reward them in cash, but only credits them. So these are sold to anti viruses companies that have clients pay for their critical updates. Or worse, on the black market ending up on porno-videos and attachments or are worms seeking a micro-second opened port.

Mircosoft will be the last to offer them to the general public.

gyre- if you have been operating without a firewall most likely your machine has been hacked. Worms are sent out regularly by other infected machines. If one of those machines are behind the firewall, your router firewall is useless. Once your machine has been hacked, you can't fix it. You can only reinstall your operating system and it has to be on a drive that has been wiped clean of all information. Sometimes to a low level format: 010101010101... if you do that, you must set your windows firewall to full restrictions, ie. No Exceptions! Even the software that is bundled with your restore disks can open ports that are accessed when those programs open them and worms can find their way inside.

I use only original Operating systems disks sold seperately so I don't have the bundles software installed. Most of the bundle software is crap that I never use so why install that shit in the first place only to uninstall later. Buy the windows disks, order the Service Packs from microsoft, install them before accessing the internets (don't set up network connections until after these are installed)

Once the disks are install. Before you connect to the internet or network, remove all services in your connection. You only need "Internet Protocol"
Click properties>Advance>Wins and check "Disable netbios" that is an open port that windows keeps open for people that use a networks system at work or home office.

Now do the windows critical update on the internet using https://updatewindows.mircosoft.com

Make sure you see the Lock Icon in the lower right bottom.

After installing the critical updates, install your anti-virus, anti-spyware and anti-christ software (trademarked)!

Does you virus software update using an SSL connection. If it doesn't it useless. Anti-virus updates over the internet can be altered so that certain virus are not detected.

It can take several viruses before a hacker has total control of your machine. One to take out your anti-virus program, one to disable your firewall, one to disable your system restore, one for this and one for that and you are not in control of your machine.

If you are unsure whether your anti-virus updates in SSL, call the company. Don't send an emal- it won't do you any good if your machine's been hacked already.

Once you have updated your OS and AntiVirus, now install the other software. If you are on a network file sharing DSL, you can re install those features now. You can uncheck, "No Exceptions" or use your software firewall along with your router or modem firewall.

Another, precaution; if you have multiple machines behind your router or modem firewall, turn them off until you have updated everything.

Case in point, after updating one of my computers, Norton warned me that an intruder was trying to access my newly re-installed and updated machine. It was coming from another machine behind the firewall. That is why you want to turn off all the machines behind the firewall and why you always want a software firewall set to no exceptions on each machine behind the physcal firewall.

If you have several machines using file and printer sharing in a biz enviroment, don't have them connected to the internet unless you don't mind someone hacking your machine have a separate computer that connects to the internet and not your office or home network. That is the only reliable way to secure your sensitive date!!!!

good luck

AIIZ

Dork · Post by **Dork** » Sun Mar 25, 2007 1:09 pm

Wow... there's just so much wrong in that post I don't know where to start. I'm speechless.

helitack · Post by **helitack** » Sun Mar 25, 2007 1:30 pm

No shit?

Archantael · Post by **Archantael** » Sun Mar 25, 2007 1:50 pm

I think AIIZ did a good job of covering the basics that most people never consider and there is truth to much of what he wrote.

The most important thing that anyone can gain from all of it is Info Security is a serious problem that belongs to everyone. Almost anything that gets people off their ass to think about it IMHO is a good thing.

Dork · Post by **Dork** » Sun Mar 25, 2007 3:00 pm

There was some truth in there, and a lot of nonsense.

Browsers are not universal. It's possible for a browser exploit to exist in all Windows, Mac, and Linux versions but this is certainly no guarantee. Same with Java and Flash - the software that interprets what you download could easily have a flaw in one implementation and not another.

I don't know where that black market stuff comes from. Flaws are found by hackers (in the good sense of the word) or by people working for security companies. They usually send out a press release and MS creates a patch. Worms and virii are generally created after the flaw hits the press and often after a patch is released, which is why keeping current on updates is important (one of the things AZ got right)

SOMETIMES worms are able to propigate within a network, most are not very smart. Most rely on the user performing some action like opening an attachment, installing an ActiveX control, etc. Some can be hard to remove or cause hassles when your anti-virus software quarantines the files.

Disabling netbios is probably a good idea, but a router firewall should keep that type of attack from hitting your computer. The "intruder" from another machine behind your firewall could easily be something innocuous that Norton blocked. Just like the innocuous thing that you thought was an attack when you started this thread.

If someone is skilled and determined enough to modify your virus software's downloads in a way that won't be detected, you're screwed and having SSL definition downloads won't help you.

The vast majority of "attacks" are automated and simply search for any computer with a particular known vulnerability. When they find one they copy themselves to your computer and continue their search, sometimes screwing up your system in the process. Unless you have someone specifically out to get YOU (you've pissed off the wrong person or work for a company with sensitive data) it's unlikely anyone will care about your sensitive data.

Want to be secure? Use a router with a firewall (all should have them at this point) turn on your software firewall, install antivirus software, configure it and Windows Update to automatically check for updates, never install an activex control unless you're sure you know the source is good and never run email attachments unless you were warned ahead of time by the person who sent it and you know what it is.

Apollonaris Zeus · Post by **Apollonaris Zeus** » Sun Mar 25, 2007 7:53 pm

Dork wrote:There was some truth in there, and a lot of nonsense.

Browsers are not universal. It's possible for a browser exploit to exist in all Windows, Mac, and Linux versions but this is certainly no guarantee. Same with Java and Flash - the software that interprets what you download could easily have a flaw in one implementation and not another..

We seem to be in agreement on these points, but no guarantee!

Dork wrote:I don't know where that black market stuff comes from. ..

that came from a NYtimes article and a NPR broadcast If I remember correctly. Some of these people have made up to $50,000 for exploitations and Some have been found on Ebay for auction!

Dork wrote:If someone is skilled and determined enough to modify your virus software's downloads in a way that won't be detected, you're screwed and having SSL definition downloads won't help you...

OK this is beyond my expertise- so, How can they, I ask? Can a DSL connection be hack physically? If youre in a SSL connection the transfered info can't be interupted, so how can that happen?

Dork wrote:The vast majority of "attacks" are automated and simply search for any computer with a particular known vulnerability. When they find one they copy themselves to your computer and continue their search, sometimes screwing up your system in the process. Unless you have someone specifically out to get YOU (you've pissed off the wrong person or work for a company with sensitive data) it's unlikely anyone will care about your sensitive data...

Do I ever piss anyone off? Bi'da way, youre not cristjin, jewish, muslim, Mormon, FBI, local police or any of the religions, companies, government that I have critiqued, are you?

Dork wrote:Want to be secure? Use a router with a firewall (all should have them at this point) turn on your software firewall, install antivirus software, configure it and Windows Update to automatically check for updates, never install an activex control unless you're sure you know the source is good and never run email attachments unless you were warned ahead of time by the person who sent it and you know what it is.

Dork, I don't see where you have contradicted me really. If I had written, "sometimes", "maybe", "not all but some", we be pretty much had written the same thing. You and I seem to have points that are agreeable then not.

YOu think someone is out there to trying to get into burningman's server for info? Big Bro, Spammers, Anti-Man or 9 year old geeks just wanting to brag they shut down Eplaya.

What also bothers me is PING. Why can't I make that invisible? Once someone finds out your ip address all they have to do is ping your computer to find out if youre online then set their programs to constantly send worms and trojans to your IP address.

You might not know but some organized crime sydicates, including the mafia, hire some of the best software minds in the world just like security firms. Some of these people, like double spies, might work in norton, microsoft, trend. If double spies are found working for our government then why not the mafia or some other group, or for a company wishing to gain industrial information. Mankind is corruptible.

Again this year, laptops were missing from the FBI. Can you guess what these little machines are capable of doing? They are portable spy centers almost capable of getting into any computer in the world except the most highly encrypted ones. the fbi always sez the same bullshit- no important data was on those laptops. Yeah right and no terrorists learn to fly planes in america either.

The government tried to past a law under the premise of fighting TERRORISM that corporate encryptions had to be filed with the government- it failed- bet Alberto and John Ashwipe were a bit disapointed. These laptops contain secret windows and apple code to get into any machine except the machines that have been altered with encryption and maybe even those. Do you think they're capable of interception of web data without being detected? When you hire the best in the software biz, you can always stay one step ahead.

And Helitack, you know for a so called photographer that is weak on intellectual property and copyright laws, sure you don't moonlight as a spy or narc, but you didn't comment on any of the flaws you found on my post. "No Shit" sez nothing! Make your point!

Does my avatar mean anything to you?

AIIZ

helitack · Post by **helitack** » Sun Mar 25, 2007 9:37 pm

No it doesn't.

Apollonaris Zeus · Post by **Apollonaris Zeus** » Mon Mar 26, 2007 8:43 am

'Bout those stolen FBI laptops, you know who's stealing them- FBI agents. If the FBI has honesty problems with its own agents, it makes you think how many Hansons are there in the dept. If its not USSR anymore, who can it be now.

Its one reason why we need lie detector tests for all of them and expand that to all LEOs and those that oversee them.

gyre- there are a few more changes you can make to make your computer safe. but that will be later. Our dog died yesterday, hit by a car. I couldn't dig a grave. The soil is all rocks and boulder so we have to take her to a vet. Best thing is that she will be cremated.

AIIZ

Archantael · Post by **Archantael** » Mon Mar 26, 2007 9:48 am

Apollonaris Zeus wrote:'Bout those stolen FBI laptops, you know who's stealing them- FBI agents.

AIIZ, I have to call B.S. on that one. Don't believe that.
I work in a field for a group that is aware of the issue and all I can say in an open channel is that accusation has been proven to be false.

Disclaimer: The views expressed in this post are my own and do not reflect those of my employer who's systems are being used to make this post.

Dork · Post by **Dork** » Mon Mar 26, 2007 10:32 am

Apollonaris Zeus wrote:
Dork wrote:If someone is skilled and determined enough to modify your virus software's downloads in a way that won't be detected, you're screwed and having SSL definition downloads won't help you...

OK this is beyond my expertise- so, How can they, I ask? Can a DSL connection be hack physically? If youre in a SSL connection the transfered info can't be interupted, so how can that happen?

You were suggesting that without SSL someone could stop your antivirus software from receiving a particular update. I'm suggesting that the likelihood of SSL making a difference is small. All SSL does is encrypt data going in each direction. It does not hide where the request is going and don't keep anyone from blocking the request if they are able to do such a thing.
Here are the cases I can think of:
1) You're already infected, and that virus disabled the antivirus software.
2) You're already infected, and that virus is keeping the antivirus software from receiving updates
3) Someone, somehow is filtering your internet connection and has blocked AV updates completely
4) Someone, somehow is filtering your internet connection and is altering the AV updates in a way that blocks a particular definition from being downloaded, without tripping the security built into the AV.

#4 is the only one SSL would make a difference on and would require being able to set up this filter and knowing enough about the AV software to fake a response that the software will think is valid. If they have this kind of access and skill, you're already screwed.

Dork, I don't see where you have contradicted me really. If I had written, "sometimes", "maybe", "not all but some", we be pretty much had written the same thing. You and I seem to have points that are agreeable then not.

The problem is you're advocating quite a bit of unnecessary and/or drastic actions that do little to actually make you more secure. It's like telling people that stocking up on duct tape and plastic sheeting will protect them from terrorists.

YOu think someone is out there to trying to get into burningman's server for info? Big Bro, Spammers, Anti-Man or 9 year old geeks just wanting to brag they shut down Eplaya.

So far the only targeted attack I've seen here is the spam SED launched to complain about spam. Everything else has just been a script or worm that searched for a hole and jumped in when it found one.

What also bothers me is PING. Why can't I make that invisible? Once someone finds out your ip address all they have to do is ping your computer to find out if youre online then set their programs to constantly send worms and trojans to your IP address.

Ok, one more attempt at reason before I give up. First, you can block PING on a server. Many servers do this already, but it's to stop denial of service attacks. It has nothing to do with "finding" you. If you're behind a router, all the ping will do is reach the router anyway. It won't get to your computer unless you've configured your router to forward incoming traffic to that computer, which is not something most users would do.

Isotopia · Post by **Isotopia** » Mon Mar 26, 2007 10:40 am

'Bout those stolen FBI laptops, you know who's stealing them- FBI agents.

Cites please. Otherwise i9t's just more shit talkin'

Archantael · Post by **Archantael** » Mon Mar 26, 2007 11:12 am

As far as the FBI laptops go, those units if they comply w/ policy should have token access HDD encryption among other measures that would render them useless in the wrong hands. That's what's really pissed people off. Those units should have been effectively ko'd.

Apollonaris Zeus · Post by **Apollonaris Zeus** » Mon Mar 26, 2007 12:44 pm

Dork- thanks that good solid information.

So SED was on a ramppage! See I was right bout those 9 yr old geeks!

He owes me a bullet ya know

Archantel: Shisssshhh, wait for the Dome of Silence to lower and we can talk!

AIIZ