:: 08-Apr-2000 23:24 (Saturday) ::

I haven’t said anything in my .plan in quite sometime so I figured I’d
make some sort of announcement. Moonwick and I are currently finishing up
the first part of a series of projects I currently have planned. Stay
tuned to this space in the next day or so for details.

:: 08-Apr-2000 01:48 (Saturday) ::

As an update to my previous plan I thought I would inform those of you
who have open share or who are wondering if you are open to attack.

So with that said, here is some info. You might want to take a look at
http://www.grc.com/ and use the ShieldsUP utility to test your computer
for vulnerabilities and information about how to secure yourself. This
web site has some great info on how secure your machine and info on products
you might want to look into. Follow the sheilds up links and read carefully.

ZoneLabs also has a free for personal-use firewall at
http://www.zonelabs.com/ that you may wish to consider installing. This
product is very easy to use and best of all is free for your personal use.

With this info to read and look at, we should get to the root of the
problem. Open windows shares. You might have thought it a great idea to
be able to share files with your freinds, family, coworkers, and the like.
But when you set up your windows shares, you decided that you wanted these
people to be able to write, change, and share data. So you said no when
windows gave you the option to set a password on the share.

So now you can share your files with others without needing them to know
a password. Great! Wrong! You have now completely opened your computer to
anyone who has net access to you. You should consider the need for shares.
If you do not need share at all, turn them all off. If you need to just
make info available to people you might consider sharing a single folder
and making it read-only. If you need to share data and need someone to
alter that data, you might want to consider sharing a single folder and
password protect that share. After that you should remove all share that
you do not need.

So what do you do to close your shares? Well first of all, you can shut
your shares off buy going to Control Panel–>Network and turn off file
sharing, or unbinding it from the TCP/IP interface totally.

If you think you were infected please contact help@distributed.net

Well I hope I didn’t bore you too much.

:: 07-Apr-2000 16:26 (Friday) ::

OK, I know I’m supposed to be getting OGR stats working, but I couldn’t
stand it any longer.

I’ve made some tweaks to the RC5-64 stats processing to eliminate some
unnecessary bottlenecks and resource usage. Things like eliminating
“distinct” in the same query with “group by”, since “group by” will return
distinct groups anyway. And like updating three fields at once instead of
three separate queries.

Also, I changed the ranking scripts so, in the case of a tie for rank,
the newest participant (largest id) will be listed first. This should
allow new members to see themselves in the ranking list sooner. Before,
they were sorted low-to-high ID.

Apart from the sorting, the only visible impact should be a slight (and
I do mean slight) increase in processing speed.

On a personal note, I wanted to apologize that the OGR stats are taking
so long. The rewrite is turning out to be more involved than I thought.
I’m trying to control the scope-creep, and also juggle my time with work
and now, buying a house. I have been making inroads, but I’ve still got
some work before we can start testing.

Thanks for your patience, and for all the cycles!

:: 03-Apr-2000 20:44 (Monday) ::

It has come to our attention that a user has been using a derivative of
the back orifice VBScript/open windows share hole to install the
distributed.net client on unsuspecting machines. The basic hole is described
at http://vil.mcafee.com/vil/vbs98477.asp, where the user attaches to an
open share and places the VBScript on the users hard drive for execution
on the next reboot and installs the executable and configuration files.
After infection the trojan attempts to find other insecure machines to
install itself on.

Infections can be verified by looking for a network.vbs and a
microsoft_office.lnk in the Startup folder. The dnetc.exe and dnetc.ini
files will be present in the c:\windows\ directory, and a network.log is
frequently found in the root directory (c:\).

We are still working to track down the user responsible for this act.
Information is still being gathered at this time.

It is against distributed.net policy to install and run the distributed.net
client on machines where authorization has not been given. Please see
http://www.distributed.net/legal/policy.html for our policy concerning
usage of the distributed.net client.

Users should be aware that this attack is not specific to distributed.net.
This attack can be used to install any software on a users workstation,
such as Back Orifice or any other application. This attack depends on
finding machines that have open (no password is set) Windows Network
Neighborhood shares. Users should disable file and printer sharing if
possible, and if not, ensure that all of their shares are password
protected.

:: 01-Apr-2000 20:54 (Saturday) ::

“Ich bin drin.”

:: 31-Mar-2000 17:28 (Friday) ::

Hmm, it seems the planmailer still had a weird bug. Hopefully fixed now!
(for the ones not subscribed to plans@lists.distributed.net, this bug
caused all plans since the beginning of this system to be mailed out.
And in case I didn’t remove this bug completely, we now check for the
mailings not te be bigger than 10k in size, and if they are bigger, it
has to be approved by hand.

:: 31-Mar-2000 03:54 (Friday) ::

I’ve just been notified of and have verified a bug with the statsrun code
that deals with teams. The problem is that any participants who have been
‘removed’ from stats (this generally only happens when we find people who
have been installing the client without authorization) are still having
their blocks credited to their teams.

Due to the way we are processing the team ranking right now, it would add
a lot of time to the statsrun to fix this bug. There is a change planned
for the team ranking code that will both speed it up and fix this bug,
but it will be a little while before it’s implemented. I’m tired of breaking
the statsrun due to not being able to test changes, so this will wait
until we have a test database up and running. This is nearly done, so it
shouldn’t be a long wait.

Once this is fixed, I’m sure there’s several teams that will move around
in the ranking. I know it will be disappointing for the teams that will
suddenly lose a large number of blocks, but it isn’t fair to all the other
teams that these illegitimate blocks continue to be counted.

I will post another update before this change takes effect.

:: 30-Mar-2000 22:45 (Thursday) ::

Hi all,

Just a short line or two to tell you we just released another public source
package. This time we included MacOS-specific code as well as Dan Oetting’s
Altivec RC5 core. Happy compiling! :)

http://www.distributed.net/source/

:: 30-Mar-2000 03:09 (Thursday) ::

Errrr…. Uhmmmm….

Seems I made one tiny error in the change I made last night… }:8)

The insert to _master is running right now. Assuming my fix works as it
should, we’ll be good to go. I’ll know either way in a few minutes.

Assuming everything works, I’ll run the ranking for Mar 28 by hand, then
set the box loose on Mar 29. The Mar 29 run should be done about 8 hours
from now.

Hopefully, this is the last we’ll see of this problem! *crossing hooves*

Thanks for your patience.

:: 30-Mar-2000 02:47 (Thursday) ::

Silly me, I should have knocked on wood in my last .plan. The bug *is*
fixed as far as I can tell, but the box ran out of disk space last night.
In a comedy of errors, email on n0 was also down, so I didn’t get an email
informing me that the box was out of space. *and* our irc system monitor
was MIA. What’s that they say about things always coming in threes? :)

Stats are running again (just finished importing Mar 28)

nuts… just filled up a database device. This ain’t my week…

I’ll post an ETA once I have one. }:8(