CricketMX.com

hello everyone

this is the first time i have prob with winmx

the ver i use is 3.53

iam useing zonelarm firewall and the winmx green light (online) is on but when iam connecting with peers it says (connection refused) or (waiting for incoming connection) and then it goes red.

the same thing goes with the upload.

i hope you guys know the prob ...thanks

Hello MX-Help.. Welcome to the forum ..

There are lots of little things that can cause your problem. We usually ask that you give us a little more information so that we can help you better.
1. What operating system do you use..Win XP, 98 etc..?
2. Are you behind a router?
3. How long has this been going on, and any recent changes to the system?
4. Are you on cable or dial-up..and if cable are you in the USA?

A few things to try are these standard ones:

If your on Windows Xp make sure your XP firewall is off, since you have ZoneAlarm. Also there are some people that have problems with ZoneAlarm and WinMX "playing nice" together so Sygate is the choice firewall of many ppl on WinMX. If you decide to try Sygate go here:
http://forums.cricketmx.com/viewtopic.php?t=1250

If your behind a router, have you forwarded the ports through? You can go to http://www.portforward.com/ find your router brand and model and follow the instructions if not. If you have then I suggest unplugging the router for ONE FULL minute from power, this usually resets them.

If you have made any recent changes to the system it can trigger your XP firewall to enable itselft.. so again double check that.
Control panel> Internet Options> Advanced tab> Protect My Comp From Outside Intrusions, Untick it.

There are several people on cable most of them in America that have been finding their ISP (internet service providers) are using filtering programs that limit WinMX or have blocked certain ports used by WinMX.
Try changing your ports on WinMX to TCP 455 and UDP to 1032..and in the router if your on one.

Last resort... sounds drastic, but has worked for me when I had this problem, is to uninstall Winmx and reinstall it. Sometimes a fresh copy of the program works great.

Hope something helps ya here and please let us know if it does or doesnt so we can pass it on to others with the same troubles...

Hope to see ya round the rest of the forum

Also, in the past people have reported problems with Zone Alarm Pro. It generally affects primary connections. Try a secondary. If it still doesn't work, get a different firewall and try that. If neither works... well... just use whichever you're more comfortable with. I'd never recommend working without a firewall.

yes the prob was the firewall i change it and its working good


but this new prob ....when it says (connecting to remote user) conniction refused but when it says (waiting for incomming connection) it works?

just keep your fire wall off and u probly want the 2ed connection

armyman wrote:just keep your fire wall off and u probly want the 2ed connection

Worst possible advice there from armyman. Please please please.... for your own safety.... Never work without a firewall.

Rat wrote:Worst possible advice there from armyman. Please please please.... for your own safety.... Never work without a firewall.

i will give 2 people as examples:

1. some idiot (who's name i dont know - but a friend of a friend) had 7 firewalls, causing 300ms ping to google - he was trying to play games but the added bloat of firewalls (exadurated by multiple firewalls as well) made it impossible
2. someone who has never used a firewall, and always had a DMZ set in any NAT routers if in use (aka unfirewalled) and never ever had any problems - that would be me

a firewall just blocks connections to programs that you have running, and if you havent installed a program to accept that connection - it wont be accepted anyway so why bother with the firewall?

This is supposed to be a help forum, so by all means go ahead and post what you feel is a safe method for using the net, but please try to avoid clouding the issue for people who are already having difficulties.

Expert users, such as KM, who know what they're doing are not the people at the greatest risk. The folks at risk are the >70% of internet users who (according to recent surveys) don't know even know what is meant by commonly used terms such as 'trojan horse', 'phishing', 'firewall' and so on. The only area of progress appears to be spam, most now know what it is, though the majority still don't know what to do about it.

(PS. Running multiple software firewalls is also pretty silly.)

Note that something KM said isn't quite true.

KM wrote: if you havent installed a program to accept that connection - it wont be accepted anyway

Why is this not quite true?

1. OS.
Your operating system uses various ports for various jobs when your computer is connected to the internet. Most people never go anywhere near any of these settings. People who spend their time building bot-nets of so called 'zombie' computers, however, spend a lot of time looking at ways to exploit commonly used ports. For this reason, the protocols which have provided the underlying infrastructure of the Internet since it's inception are continually being reassessed and reinvented. Take POP3 (Post Office Protocol v3) and SMTP (Simple Mail Transfer Protocol) for example. Almost all internet users use E-mail and almost all of that mail runs through those two protocols. In recent years it has been necessary to integrate various forms of security into E-mail (password authentication, TLS, SSL (which is run on non-standard ports), PGP and so on) because it's just not safe to ignore the risks anymore. Also, anyone who has ever run an FTP (File Transfer Protocol) server will have noticed that occassionally a login attempt comes in at port 21 (standard FTP port) from some unknown user. There are robots out there actively searching for open FTP connections to read your hard drive contents. (Advice, don't use port 21 and don't allow anonymous connections.) Still, there is FTP functionality in windows XP which lots of people have installed and active but just don't use or ever look at.

2. Trojans and viruses.
The whole idea of a massive proportion of these programs is to open ports on your computer through which a remote user can execute code. Bot-nets are built (and even sold) every day which contain thousands of enslaved PC's details. The machines are generally used as mail-hosts for spammers or are used in DOS (denial of service) attacks. The advice if you're not sure about this stuff is to install and regularly use and update anti-virus software and a firewall.

3. Stuff you have installed.
Sometimes the programs you install don't give you much control over the traffic they send and receive. Many times they don't tell you the ports and protocols to be used. Even if they do give you this information, there isn't always the means to change it. Some programs will open a whole range of ports (in case someone else uses them) when perhaps two or three will usually be more than enough.

To sum up.... your computer is full of holes.

It is up to each of us to plug as many unneccessary holes as possible.
------------------------------------------------------------------------------

Fact: Identity theft is Britain's fastest-growing white-collar crime, increasing at nearly 500% a year. (Source: BBC)

Fact: It is estimated that more than 100,000 people are affected by identity theft in the UK each year, costing the British economy over £1.3 billion annually. (Source: UK Government - Home Office)

Fact: 33% take no precautions against theft or misuse of their personal details. (Source: Which?)

Rat wrote:Note that something KM said isn't quite true.

KM wrote: if you havent installed a program to accept that connection - it wont be accepted anyway

Why is this not quite true?

File and printer sharing is the only thing that may be a concern - however the default file shares aren't a problem as its all passworded for anything useful by default - only potential problem could be the RPC bug that was recently an issue, but surely everyone has the patch for that anyway?

Take POP3 (Post Office Protocol v3) and SMTP (Simple Mail Transfer Protocol) for example. Almost all internet users use E-mail and almost all of that mail runs through those two protocols. In recent years it has been necessary to integrate various forms of security into E-mail (password authentication, TLS, SSL (which is run on non-standard ports), PGP and so on) because it's just not safe to ignore the risks anymore.

how are clients relevant to a firewall? connecting to google with a browser doesn't mean you are running a web server and people can connect to it and gain access!

Also, anyone who has ever run an FTP (File Transfer Protocol) server will have noticed that occassionally a login attempt comes in at port 21 (standard FTP port) from some unknown user.

and anyone who set up an FTP server would be a complete moron to set it to allow full access to their drive.

Still, there is FTP functionality in windows XP which lots of people have installed and active but just don't use or ever look at.

i've never seen that being an issue... if you're smart enough to go and install it, you're smart enough to not leave it badly set up, and you would also generally allow it in firewalls anyway

The whole idea of a massive proportion of these programs is to open ports on your computer through which a remote user can execute code.

open ports aren't a problem - i have loads of open ports but none of them let you just connect and execute things

The advice if you're not sure about this stuff is to install and regularly use and update anti-virus software and a firewall.

antivirus software is useful for some people - they do download some crap... some computers you only need to turn them on and count the toolbars to see the crap they click yes to... lol

3. Stuff you have installed.
Sometimes the programs you install don't give you much control over the traffic they send and receive. Many times they don't tell you the ports and protocols to be used. Even if they do give you this information, there isn't always the means to change it. Some programs will open a whole range of ports (in case someone else uses them) when perhaps two or three will usually be more than enough.

but they generally wont allow you to do anything on those open ports...

To sum up.... your computer is full of holes.

To sum up... your bucket is full of holes, if you buy a drill and start drilling holes in it

Fact: Identity theft is Britain's fastest-growing white-collar crime, increasing at nearly 500% a year. (Source: BBC)

Fact: It is estimated that more than 100,000 people are affected by identity theft in the UK each year, costing the British economy over £1.3 billion annually. (Source: UK Government - Home Office)

mostly people not ripping up bank details in the bin - lol

Fact: 33% take no precautions against theft or misuse of their personal details. (Source: Which?)

lazyness

Blah - I haven't read what you've just posted yet. I'll do that in a moment.

First questions:

1. Why is it that you seek to make everything look safe and cosy when it's not? It's ok for us who are at least 'aware' but that's still the tiny minority.

2. Are you stalking me with the intent of pulling all my postings to bits?

KM wrote:File and printer sharing is the only thing that may be a concern - however the default file shares aren't a problem as its all passworded for anything useful by default - only potential problem could be the RPC bug that was recently an issue, but surely everyone has the patch for that anyway?

No, they don't. People are slow to get patches. People are naturally lazy and furthermore, many are scared of technology.

KM wrote:how are clients relevant to a firewall? connecting to google with a browser doesn't mean you are running a web server and people can connect to it and gain access!

Absolutely right, but you just demonstrated the blind spot so many people have. Clients connect to servers which are not always where or what they ought to be. Few people think to check these things periodically. I know for a fact that mail servers are hacked and monitored as it's happened in one of our neighbouring institutions. The result was that several individuals passwords were stolen and one PC was subsequently contacted remotely (successfully!!) using one of those passwords..... thru purposely installed software..... thru a firewall. I aim only to show that people are ridiculously naive about internet security. (BTW - Thanks for that, actually I only wanted to point out that protocols that have been around a long time are having to be added to, patched, plugged, whatever, to keep them secure. I hadn't realised I'd written it so unclearly.)

KM wrote:and anyone who set up an FTP server would be a complete moron to set it to allow full access to their drive.

Yup. Again, it seems obvious doesn't it? People do this though.

Still, there is FTP functionality in windows XP which lots of people have installed and active but just don't use or ever look at.

i've never seen that being an issue... if you're smart enough to go and install it, you're smart enough to not leave it badly set up, and you would also generally allow it in firewalls anyway

No!!!! nOOOOOO! NONONONONO!!! That's just not true. Some people never install *any* part of their OS. They use the machine in the state it was delivered and *never* do anything to it's 'nuts and bolts'. Problems are directed straight to the original vendor or to third party PC maintenance companies. Also, people are 'smart enough' to install all the bits and pieces that come with windows whether they need them or not. They're also 'smart enough' to wonder if they'll ever use these things or whether they'll ever have to learn how to use them. In most cases, they don't use them, and they don't learn about them.
A survey covered by a BBC report shows up public ignorance nicely: A quarter said they knew what "spyware" was, although almost one in 10 of those thought it was a computer program that kept an eye on unfaithful partners. (Full report: http://news.bbc.co.uk/go/rss/-/1/hi/tec ... 413155.stm )

I think I can see a pattern forming here. You're an optimist right?

KM wrote:open ports aren't a problem - i have loads of open ports but none of them let you just connect and execute things

True, but if those ports were opened by a virus, the chances are that you would also have the necessary malign code installed for that to happen.

KM wrote:antivirus software is useful for some people - they do download some crap... some computers you only need to turn them on and count the toolbars to see the crap they click yes to... lol

Well you can add anti-spyware software to that too. Again, you're giving folks too much credit for being net savvy. They just aren't. Yes, folks do install download accelerators and toolbars and all manner of bells and whistles. In most instances it won't even occur to them to scan the damn thing first (assuming they have a scanner installed).

but they generally wont allow you to do anything on those open ports...

See above. People search for open ports that are being listened to by various bits of software. It's to their advantage to find ways to use those connections and, as most victims are totally unaware their PC is being used (Hey! Maybe yours is!!) by outsiders, it looks likely to remain an issue for some time to come.
Symantec publish an annual report on computer hijacking. They recently published the figures for last year (2004) and showed a peak rate of 75,000 PC hijacks daily. On average 30,000 PCs were hijacked daily in the first half of 2004. In the same period of 2003, only 2,000 PCs were hijacked. Given that these numbers can only be based on known incidents, I think we have to assume the real numbers are worse still.

mostly people not ripping up bank details in the bin - lol

That's one thing yeah, but the biggest by far is theft of credit card numbers from all sources (your papers, shops' papers, electronic transactions, online transactions, telephone conversations). Until you spot this in a bank statement or you get a call from your bank asking about unusual spending patterns you'll know nothing about it. I'm very careful to shred all my sensitive documents (yeah, paranoid as ever maybe) but still someone managed to use my credit card to spend £20 a couple of years ago. I was lucky, I spotted it almost straight away and the bank actually caught the bod responsible. I got my money back and a new card. The guy went to jail on multiple counts of credit card fraud. Seems he'd been nicking a little here and a little there for years from lots and lots of people. He got the numbers from paper records in a shop in Leeds, UK. Remember, it isn't only you that has access to your records.

Fact: 33% take no precautions against theft or misuse of their personal details. (Source: Which?)

lazyness

Yes!!! Largely! But also, people don't think about this stuff. 'Infosecurity Europe' carried out a survey in April. They stopped 200 people on the streets of London and, using the simple incentive of a chance to win free theatre tickets, got 92% of them to give up personal details such as their mother's maiden name, their first school or their date of birth. (Read: http://news.bbc.co.uk/go/rss/-/1/hi/tec ... 378253.stm )

And it's not just individuals. It's businesses too...

NewScientist wrote:A major report issued by the National Hi-Tech Crime Unit (NHTCU) on Tuesday reveals that 89% of UK businesses with over 1000 staff experienced some form of computer crime during the last 12 months - a 6% increase compared to the same period in 2003 to 2004.

The 2005 annual review indicates that 90% of UK companies targeted by cybercrime suffered a computerised break-in, while 89% were victims of data theft. And the total cost to UK businesses of computer virus infections is estimated to be in excess of £70 million.

Hmm. 89% of businesses with over 1000 staff. That's probably your bank.

Rat wrote:No, they don't. People are slow to get patches. People are naturally lazy and furthermore, many are scared of technology.

in most cases that is true but not too much of an issue, although that one is an exception - any system thats vulnerable to that and connected to the internet is back offline again within minutes, so generally if they are on the internet they aren't vulnerable to that one

KM wrote:Clients connect to servers which are not always where or what they ought to be. Few people think to check these things periodically.

I assume you mean the little tricks with things like exploiting the cache of DNS servers to get it to resolve http://www.google.com to 1.2.3.4 or whatever rather than caching it - not much of a concern as most people will be using their ISP's DNS servers, which will of course be configured to not have that problem (or running a relatively new version of whatever DNS server they are using so wont have the problem)

I know for a fact that mail servers are hacked and monitored as it's happened in one of our neighbouring institutions. The result was that several individuals passwords were stolen

unfortunately people are lazy and use the same passwords for everything, although you're more at risk of signing up to a forum than from your mail server (unless your ISP are complete dumbasses and shouldn't be trusted to install the google toolbar let alone set up the ISP's servers)

and one PC was subsequently contacted remotely (successfully!!) using one of those passwords..... thru purposely installed software..... thru a firewall.

exactly - firewalls dont offer any extra security

I aim only to show that people are ridiculously naive about internet security.

and i aim to try and get information out - i have found that people get a lot of misinformation and they are terrified to do safe things on the internet, or worse still think "i have a firewall, so i'm safe" (the worst assumption anyone can make is that a firewall and antivirus means they wont have problems!)

KM wrote:and anyone who set up an FTP server would be a complete moron to set it to allow full access to their drive.

Yup. Again, it seems obvious doesn't it? People do this though.

And i thought my relatives where bad... you actually know someone who went and set up an unsecured FTP server that allowed access to their entire drive? makes my aunt deleting all the files she didn't put there seem rather sane in comparison! lol

Also, people are 'smart enough' to install all the bits and pieces that come with windows whether they need them or not.

They are normally smart enough that they dont even know Windows was something thats installed - its part of the computer, it came with it already (and M$ claim they dont have a monopoly! oh no, if i remember correctly bill admited in court they did and said its not illegal, to which he was informed it was)

They're also 'smart enough' to wonder if they'll ever use these things or whether they'll ever have to learn how to use them. In most cases, they don't use them, and they don't learn about them.

you mean not everyone uses every single application/tool/hidden option that comes in the OS? dont tell lies!

A survey covered by a BBC report shows up public ignorance nicely: A quarter said they knew what "spyware" was, although almost one in 10 of those thought it was a computer program that kept an eye on unfaithful partners.

yes, i read that one in college recently... very ammusing, you can see where a lot of the mistakes come from though... but they are still extremely funny

You're an optimist right?

a factualist, i do by evidence only... then draw the best possible conclusion from it

True, but if those ports were opened by a virus, the chances are that you would also have the necessary malign code installed for that to happen.

and i would hope people would... bah, why bother? they'll probably give out their credit card details to some random stranger on MSN or something anyway... lol

Well you can add anti-spyware software to that too. Again, you're giving folks too much credit for being net savvy. They just aren't. Yes, folks do install download accelerators and toolbars and all manner of bells and whistles. In most instances it won't even occur to them to scan the damn thing first (assuming they have a scanner installed).

Perhaps someone should come up with a proper name for the measurement of computer illiteracy? i mean the toolbar count is a scientific way of measuring it (its a well known formula that Toolbar count / time they've had the PC = how seriously they should reconsider owning a PC)

See above. People search for open ports that are being listened to by various bits of software. It's to their advantage to find ways to use those connections and, as most victims are totally unaware their PC is being used (Hey! Maybe yours is!!) by outsiders, it looks likely to remain an issue for some time to come.

I think recently people have started to become a bit more aware of clicking yes to things etc, although it will be a few more years for the old people to die off (literally) and the younger more computer litterate to take over the world - then we wont have any problems

Symantec publish an annual report on computer hijacking. They recently published the figures for last year (2004) and showed a peak rate of 75,000 PC hijacks daily. On average 30,000 PCs were hijacked daily in the first half of 2004. In the same period of 2003, only 2,000 PCs were hijacked. Given that these numbers can only be based on known incidents, I think we have to assume the real numbers are worse still.

I actually found a different report more interesting, i cant remember where it was but some company was monitoring the IRC botnets etc, and found that most of the 1337 h4x0rz as they call themselves knew... well, less than my aunt that deleted all the files on her hard drive that she didn't put there!

That's one thing yeah, but the biggest by far is theft of credit card numbers from all sources

Thats one of the big things about people being misinformed, for example there aren't many people who will buy something online because "sending my credit card details over the internet isn't safe" - yet they are more than happy to hand their card over to someone in a shop, not only that but then type their pin number in to the shops credit card machine etc...

Yes!!! Largely! But also, people don't think about this stuff. 'Infosecurity Europe' carried out a survey in April. They stopped 200 people on the streets of London and, using the simple incentive of a chance to win free theatre tickets, got 92% of them to give up personal details such as their mother's maiden name, their first school or their date of birth.

yes, that shocked me when i first read it... yet those same people probably wont put in their name/address to buy their shopping online... lol

Hmm. 89% of businesses with over 1000 staff. That's probably your bank.

the weakest part of the chain... lol, as i said is amazes me that people dont have a problem with the random underpaid person behind the counter having their details, then sending them on to their credit card provider (or whatever you call those people) then going on to the bank, yet they have a problem with sending their data directly to the bank... lol

KM wrote:in most cases that is true but not too much of an issue, although that one is an exception - any system thats vulnerable to that and connected to the internet is back offline again within minutes, so generally if they are on the internet they aren't vulnerable to that one

Wrong again. Vulnerable PCs are kept online whenever possible and are exploited.

exactly - firewalls dont offer any extra security

I think they do... but again... you have to be aware of what it's doing and what traffic should be allowed to pass through it. Most folks perhaps aren't aware and this is where the super-aggressive 'block everything' firewalls are useful. Sadly, the people who benefit from these things then want to reconfigure them to steal copyrighted music from the internet. *sigh*

and i aim to try and get information out - i have found that people get a lot of misinformation and they are terrified to do safe things on the internet, or worse still think "i have a firewall, so i'm safe" (the worst assumption anyone can make is that a firewall and antivirus means they wont have problems!)

Now here, you have a valid point. People can be just as stupidly dependent on their security software as they can be blissfully unaware of the risks of *not* having security software. The happy people live somewhere in the middle I think. These are folks who understand their software (or lack thereof, if they so choose), know a fair bit about the risks and keep an eye on everything.

And i thought my relatives where bad... you actually know someone who went and set up an unsecured FTP server that allowed access to their entire drive? makes my aunt deleting all the files she didn't put there seem rather sane in comparison! lol

I'm a beta tester for GuildFTPd. You'd be surprised how many people ask terribly 'newbie' questions in the support forum. Just a few days ago we were asked how to use it as a web server (not in those terms of course) and also, by another user, whether they can use it on the internet. Hmmm. So... given that they will install software without actually knowing what it's for, do you still find it surprising that they set it up badly?

Relatives who delete files don't suprise me. I also knew a pathologist once (supposedly smart people - doctors heh!) who deleted all the files she found in her word processor's (M$ Word) working directory because she didn't type them. The (ahem) admin couldn't understand why the doc could no longer open her .doc files. This, again, shows that computer literate folk don't think like computer-illiterate folk. (Guess who had to diagnose the problem?)

Perhaps someone should come up with a proper name for the measurement of computer illiteracy? i mean the toolbar count is a scientific way of measuring it (its a well known formula that Toolbar count / time they've had the PC = how seriously they should reconsider owning a PC)

Cool 'law'. Perhaps we should give it a name. (Incidentally, Moore's law is 40 years old this week.)

I think recently people have started to become a bit more aware of clicking yes to things etc, although it will be a few more years for the old people to die off (literally) and the younger more computer litterate to take over the world - then we wont have any problems

The problem with a lot of malware is that it installs itself by stealth. There is no 'yes' to click on. In fact, there is no indication the thing moved in at all. Ben Edelman recently sent his browser (on a freshly installed copy of XP with no security software) to a web site which he knew contained spyware. No less than 16 programs were silently installed as a result of that single visit. Link to story: http://www.newscientist.com/article.ns? ... eats_rss20

Symantec publish an annual report on computer hijacking. They recently published the figures for last year (2004) and showed a peak rate of 75,000 PC hijacks daily. On average 30,000 PCs were hijacked daily in the first half of 2004. In the same period of 2003, only 2,000 PCs were hijacked. Given that these numbers can only be based on known incidents, I think we have to assume the real numbers are worse still.

I actually found a different report more interesting, i cant remember where it was but some company was monitoring the IRC botnets etc, and found that most of the 1337 h4x0rz as they call themselves knew... well, less than my aunt that deleted all the files on her hard drive that she didn't put there!

Yeah, a German project called HoneyNet (Not the same as the thing in my sig file!) is monitoring and infiltrating bot-nets run from IRC. Story about HoneyNet: http://www.newscientist.com/article.ns? ... eats_rss20

Thats one of the big things about people being misinformed, for example there aren't many people who will buy something online because "sending my credit card details over the internet isn't safe" - yet they are more than happy to hand their card over to someone in a shop, not only that but then type their pin number in to the shops credit card machine etc...

Mhmm. Happily, it will soon be even safer to do your business online.

BBC News wrote:From 30 June this year all web shops will have to comply with strict security standards drawn up by the world's big credit card companies. Online shops will be certified annually and checked quarterly to ensure they maintain the security standards.

Story here: http://news.bbc.co.uk/go/rss/-/1/hi/tec ... 449759.stm

Rat wrote:Vulnerable PCs are kept online whenever possible and are exploited.

you ever tried that with one of those worms that exploits the RPC bug? i'm guessing not... there are only 2 ways to do it, 1. remove it and patch the system, 2. if they know how to disable the shutdown and leave a semi-operable system online then they know enough to sort the thing out

I think they do... but again... you have to be aware of what it's doing and what traffic should be allowed to pass through it. Most folks perhaps aren't aware and this is where the super-aggressive 'block everything' firewalls are useful.

The super-aggressive block everything firewalls just demonstrate the huge problem with them simply stopping things workig, and ones where it asks "allow this to use the internet? yes/yes" are about as useful as a chocolate teapot

Sadly, the people who benefit from these things then want to reconfigure them to steal copyrighted music from the internet. *sigh*

probably something to do with people paying for the internet because they intend to use it, if they didn't want their applications to have access to the internet, they wouldn't have connected their computer to the internet

Now here, you have a valid point. People can be just as stupidly dependent on their security software as they can be blissfully unaware of the risks of *not* having security software. The happy people live somewhere in the middle I think. These are folks who understand their software (or lack thereof, if they so choose), know a fair bit about the risks and keep an eye on everything.

the problems of people clicking yes to things is the only real problem, and people do that because they think that they cant have a problem - they have antivirus that will pick up all viruses/worms/trojans (its magic) - a firewall that stops everything they dont want to happen (its psychic) and spyware removal programs that will get rid of any software their partner has installed to spy on them (lol) so clicking "yes" isn't a problem - click yes and you have problems, click no and you dont... firewalls etc dont really make any difference there

I'm a beta tester for GuildFTPd. You'd be surprised how many people ask terribly 'newbie' questions in the support forum. Just a few days ago we were asked how to use it as a web server (not in those terms of course) and also, by another user, whether they can use it on the internet. Hmmm. So... given that they will install software without actually knowing what it's for, do you still find it surprising that they set it up badly?

yes, but thats people like snip who just hear "oh, web server - that sounds advanced, so i'll install it to be really cool in front of my mates" - although again they'd probgably be stuck with default configs anyway, but still i wish the default configs for that type of person where "destroy the computer"... unfortunately the people who make software like that think of everything and put a more restrictive default on things

Perhaps we should give it a name.

"the toolbar test"? or TTT or is that too obvious?

The problem with a lot of malware is that it installs itself by stealth. There is no 'yes' to click on. In fact, there is no indication the thing moved in at all.

clicking "yes" is how most things get on there, although there are somebugs in IE that allow things to run without any prompts, initially put there because M$ wanted to be able to run things without prompting you, as well as a few things that where just there because M$ ***** up.

Yeah, a German project called HoneyNet (Not the same as the thing in my sig file!) is monitoring and infiltrating bot-nets run from IRC.

that was the one

btw, how do i compile this "linux kernel" program thingie to make my windows faster?

Mhmm. Happily, it will soon be even safer to do your business online.

BBC News wrote:From 30 June this year all web shops will have to comply with strict security standards drawn up by the world's big credit card companies. Online shops will be certified annually and checked quarterly to ensure they maintain the security standards.

yes, but when you consider most of the big leaks of credit card details have come from the banks and credit card companies... great people to trust to keep an eye on things i think the only problem people will have online are some scam sites, but i dont think you can fall for them more than about 10 or 15 times before you learn your lesson... lol

You know what? The EU actually has an approved 'Computer Users Driving License' course which besides covering all the basic computer literacy and information technology stuff, also covers basic use of the internet and so on....

Perhaps everyone should take the test.