:: 08-Apr-2000 01:48 (Saturday) ::

As an update to my previous plan I thought I would inform those of you
who have open share or who are wondering if you are open to attack.

So with that said, here is some info. You might want to take a look at
http://www.grc.com/ and use the ShieldsUP utility to test your computer
for vulnerabilities and information about how to secure yourself. This
web site has some great info on how secure your machine and info on products
you might want to look into. Follow the sheilds up links and read carefully.

ZoneLabs also has a free for personal-use firewall at
http://www.zonelabs.com/ that you may wish to consider installing. This
product is very easy to use and best of all is free for your personal use.

With this info to read and look at, we should get to the root of the
problem. Open windows shares. You might have thought it a great idea to
be able to share files with your freinds, family, coworkers, and the like.
But when you set up your windows shares, you decided that you wanted these
people to be able to write, change, and share data. So you said no when
windows gave you the option to set a password on the share.

So now you can share your files with others without needing them to know
a password. Great! Wrong! You have now completely opened your computer to
anyone who has net access to you. You should consider the need for shares.
If you do not need share at all, turn them all off. If you need to just
make info available to people you might consider sharing a single folder
and making it read-only. If you need to share data and need someone to
alter that data, you might want to consider sharing a single folder and
password protect that share. After that you should remove all share that
you do not need.

So what do you do to close your shares? Well first of all, you can shut
your shares off buy going to Control Panel–>Network and turn off file
sharing, or unbinding it from the TCP/IP interface totally.

If you think you were infected please contact help@distributed.net

Well I hope I didn’t bore you too much.

:: 03-Apr-2000 20:44 (Monday) ::

It has come to our attention that a user has been using a derivative of
the back orifice VBScript/open windows share hole to install the
distributed.net client on unsuspecting machines. The basic hole is described
at http://vil.mcafee.com/vil/vbs98477.asp, where the user attaches to an
open share and places the VBScript on the users hard drive for execution
on the next reboot and installs the executable and configuration files.
After infection the trojan attempts to find other insecure machines to
install itself on.

Infections can be verified by looking for a network.vbs and a
microsoft_office.lnk in the Startup folder. The dnetc.exe and dnetc.ini
files will be present in the c:\windows\ directory, and a network.log is
frequently found in the root directory (c:\).

We are still working to track down the user responsible for this act.
Information is still being gathered at this time.

It is against distributed.net policy to install and run the distributed.net
client on machines where authorization has not been given. Please see
http://www.distributed.net/legal/policy.html for our policy concerning
usage of the distributed.net client.

Users should be aware that this attack is not specific to distributed.net.
This attack can be used to install any software on a users workstation,
such as Back Orifice or any other application. This attack depends on
finding machines that have open (no password is set) Windows Network
Neighborhood shares. Users should disable file and printer sharing if
possible, and if not, ensure that all of their shares are password
protected.

:: 20-Mar-2000 05:24 (Monday) ::

Ok…

Final internal client/proxy testing is going on. We are hoping to have
an open beta here soon. Please don’t mail me asking when, pay attention
to the web site.

:: 17-Feb-2000 00:39 (Thursday) ::

The following clients have been updated/added:

– Acorn RISC OS [ARM] v2.8007.458

– NeXT/OS [x86] v2.8007.458

– Solaris/SunOS [2.x/x86/MT] v2.8007.458

– NetBSD [m68k] v2.8007.458

– Linux [ARM/aout] v2.8007.458

We now have 30 clients that are v2.8007.458!

By Date: http://www.distributed.net/download/updates.html By Sys:
http://www.distributed.net/download/clients.html

Changes.txt: http://www.distributed.net/download/changes.txt

Enjoy.

:: 14-Feb-2000 05:32 (Monday) ::

The following clients have been updated/added:

– NeXT/OS [m68k] v2.8007.458 – Tru64 UNIX / DEC UNIX / OSF1 [Alpha]
v2.8007.458 – OpenBSD [Sparc/aout] v2.8007.458

The following proxies have been updated/added:

– OS/2 (x86) [313] – Linux glibc2.1 (alpha) [313]

By Date: http://www.distributed.net/download/updates.html By Sys:
http://www.distributed.net/download/clients.html

Changes.txt: http://www.distributed.net/download/changes.txt

:: 13-Feb-2000 23:34 (Sunday) ::

The following clients have been updated/added:

– SGI IRIX [6.5/MIPS/64/MT] v2.8007.458 – SGI IRIX [6.5/MIPS/n32/MT]
v2.8007.458 – FreeBSD [ELF/x86/MT] v2.8007.458b – Linux
[Alpha/ELF/glibc2.1/MT] v2.8007.458 – OS/2 [x86] v2.8007.458 – Windows
95/98/NT [x86/Zipped] v2.8007.458b – Windows 95/98/NT [x86/Installer]
v2.8007.458b

These are all the update for Feb 13th 2000.

By Date: http://www.distributed.net/download/updates.html By Sys:
http://www.distributed.net/download/clients.html

Changes.txt: http://www.distributed.net/download/changes.txt

:: 13-Feb-2000 07:03 (Sunday) ::

The following clients have been updated/added:

– FreeBSD [ELF/x86/MT] v2.8007.458b

this version fixes a coredump in the freebsd client.

Don’t forget to participate in OGR you must have client that is v2.8007.458
or above and a personal proxy v311 or above. Also if you use cascading
proxies all proxies in the chain must be v311 or above.

If you plan on writing any kind of proxylog analyzer, be aware that the
OGR log format in v311 is not the same as v313.

Proxy v313 is recommended over v311 due to a number of known networking
issues in build v311. So please use v313 when available for your platform.

Please see http://www.distributed.net/~bovine/fom/index.cgi?file=20 if
you have questions about OGR.

:: 12-Feb-2000 23:18 (Saturday) ::

The following clients have been updated/added:

– Linux [ARM/ELF] v2.8007.458 – MacOS [PPC/OS7.5+] v2.8007.458 – MacOS
[m68k/OS7.5+] v2.8007.458 – Windows 95/98/NT [x86/Installer] v2.8007.458

By Date: http://www.distributed.net/download/updates.html By Sys:
http://www.distributed.net/download/clients.html

Changes.txt: http://www.distributed.net/download/changes.txt

More to come soon. Enjoy!

:: 11-Feb-2000 22:13 (Friday) ::

The following clients have been updated/added:

– Windows 95/98/NT [x86/Zipped] v2.8007.458 – Windows 3.x [x86]
v2.8007.458 – PC-DOS, MS-DOS [x86] v2.8007.458 – FreeBSD [ELF/x86/MT]
v2.8007.458

By Date: http://www.distributed.net/download/updates.html By Sys:
http://www.distributed.net/download/clients.html

Changes.txt: http://www.distributed.net/download/changes.txt

More to come soon. Enjoy!

:: 10-Feb-2000 04:13 (Thursday) ::

The following clients have been updated/added:

– Linux [PPC/glibc2/mt] v2.8007.458

By Date: http://www.distributed.net/download/updates.html By Sys:
http://www.distributed.net/download/clients.html

Changes.txt: http://www.distributed.net/download/changes.txt

More to come soon. Enjoy!