Why is everyone so afraid of the autoget function? So it can download scripts and files without you knowing but as long as you specify a download directory that is not within Mirc's working folder then there should'nt be a problem should there? None of the files downloaded can be run automatically so if you see a dodgy exe,vbs or ini etc then you can safely delete it or am I missing something here?
On Sat, 4 May 2002, rob beattie wrote: > Why is everyone so afraid of the autoget function? So it can download > scripts and files without you knowing but as long as you specify a > download directory that is not within Mirc's working folder then there > should'nt be a problem should there? None of the files downloaded can > be run automatically so if you see a dodgy exe,vbs or ini etc then you > can safely delete it or am I missing something here?
you are right if you can be sure that noone will run that file. Noone means none of the users (imagine when your little sister sits down at your comp and finds princess.exe) and none of the programs. Can you trust windows programs? If so, good for you :>
The real danger is flooding your line and filling your hdd. If your line is slow, people from faster lines would send you files while you are sleeping, and your ISP is counting. When they ask "why did you have 5 gigabytes data transfer in the last week?" and you can't answer, thats dangerous ;) If your line is fast, than anyone can write a program that sends you random bytes, not a file. Again, when you sleep, they start to send those, and when you wake up, your hdd is already full (a windows nicely can crash due to hdd fill).
Summary: why do you let a program to think instead of yourself? :)
> Summary: why do you let a program to think instead of yourself? :)
I am VERY lazy. If it were possibe I would have an iron lung breathing for me, IV's feeding me and a computer thinking for me. -- them@IRCnet "You have no idea how much it costs to look this cheap." Steve Tyler, Aerosmith
> Why is everyone so afraid of the autoget function? So it can download > scripts and files without you knowing but as long as you specify a > download directory that is not within Mirc's working folder then there > should'nt be a problem should there? None of the files downloaded can > be run automatically so if you see a dodgy exe,vbs or ini etc then you > can safely delete it or am I missing something here?
If you have some friend you trust and know that they will not send more files than they should, you may use an options in mIRC 6.x to only accept files from them ('File\Options\DCC' click the button Trust). I have never tried, but I think it is the best way.
Accepting files from anyone has also a certain problem: it gives anyone your IP. If one person knows that you are not online or wants your IP, they can get it when you accept the file (of course they send their IP also, but who is the normal user which is going to pay attention to that?). This also goes for Fserve/DCC Chat.
Another note is that you can make mIRC accept txt, mpeg, mp3 and other media type files. Even if someone tries to send you an *.exe, mIRC will not accept. In some network, even if you don't have that set, the file will be cancel by the Server. ('File\Options\DCC\Folder' On the DCC Ignore, I use the options 'Ignore all except': *.gif, *.mpeg, *.mp3... and others).
On Sat, 4 May 2002 06:43:24 +0200, Igor2 <pt...@hszk.bme.hu> wrote:
>On Sat, 4 May 2002, rob beattie wrote:
>> Why is everyone so afraid of the autoget function? So it can download >> scripts and files without you knowing but as long as you specify a >> download directory that is not within Mirc's working folder then there >> should'nt be a problem should there? None of the files downloaded can >> be run automatically so if you see a dodgy exe,vbs or ini etc then you >> can safely delete it or am I missing something here?
>you are right if you can be sure that noone will run that file. Noone >means none of the users (imagine when your little sister sits down at your >comp and finds princess.exe) and none of the programs. Can you trust >windows programs? If so, good for you :>
I have made sure that my younger sister is paranoid about any file that she has not seen before and told her to leave them well alone. I have also told her to scan any file that she brings externally so that at least the chance of any wrong doing is minimised.
>The real danger is flooding your line and filling your hdd. If your line >is slow, people from faster lines would send you files while you are >sleeping, and your ISP is counting. When they ask "why did you have 5 >gigabytes data transfer in the last week?" and you can't answer, thats >dangerous ;) If your line is fast, than anyone can write a program that >sends you random bytes, not a file. Again, when you sleep, they start to >send those, and when you wake up, your hdd is already full (a windows >nicely can crash due to hdd fill).
I am on cable which is currently capped at 128K (which gives downloads of up to 16K as I can't afford the extra £10 to go for 512K(about 60-70K download speed) so it's not fast enough to fill up my hard drive without me realising. In truth, I had'nt thought of that problem but at least it is easily recoverable and as my PC is only a home standalone computer it is not the end of the world if it does go tits up for a little while(as long as I can empty all the crap put in the hd by any malicious code)
>Summary: why do you let a program to think instead of yourself? :)
I've got to admit I've always had autoget switched on and the first thing I do when downloading a new version of mirc is edit out all the file ignore thingies that are built in - and yet I've never ever had a problem. ok so people can send you dodgy stuff - but thats your own fault if you advertise the fact that you have autoget switched on. plus to successfully infect you with a virus, the file must be executed first - If I'm not sure about soemthing I always open in in notepad first and look for things that shouldnt be there according to that file type or discription.
On 9-May-2002, "poison_kitty" <poison_ki...@neopets-guide.com> wrote:
> ok so > people can send you dodgy stuff - but thats your own fault if you > advertise > the fact that you have autoget switched on. plus to successfully infect > you > with a virus, the file must be executed first
I doubt anyone advertises they have autoget on, really. But someone who is infected with an autosend virus is still going to attempt to send whether you've got it blocked or not. With autoget on, you just have to be alert enough to notice and stop the send
> Why is everyone so afraid of the autoget function? So it can download > scripts and files without you knowing but as long as you specify a > download directory that is not within Mirc's working folder then there > should'nt be a problem should there? None of the files downloaded can > be run automatically so if you see a dodgy exe,vbs or ini etc then you > can safely delete it or am I missing something here?
I've used autoget for a long time. It's fine.IF you discover a strange file, either run it by a virus scanner or just delete. No problems. I haven't had ANY issues with anyone trying to fill my HDD.Even thought it is only 10 gigs, I don't think anyone else wants to have to discuss to THEIR isp why they sent 4+ gigs in one night. Don't be stupid and you'll be great.
There is also a problem of worm virus's being sent automatically from an infected mirc user. If you autoget that file when the infected user's client trys to send it to you, BAM you have it now. These mirc worms work the same way as the e-mail worms do.
> There is also a problem of worm virus's being sent automatically from an > infected mirc user. If you autoget that file when the infected user's client > trys to send it to you, BAM you have it now. These mirc worms work the same > way as the e-mail worms do.
Yep, Don't keep auto get on when your jumping from one busy irc chat channel to another or you will end up with these type of files in your mirc..... but if your on a quiet network were you know the majority of users and only in one or two channels that you know really well generally its not so bad... and most of those worms have fixes..... if you do happen to get one just ask around most people will know where to go in order to remove them... there can be some really dangerous virus's floating around the net.... but in general most are fairly harmless and easily enough removed... I wouldn't leave auto get on unless I knew the channels i chatted and the users in those channels very well though just to be on the safe side... If you do then make sure you have a virus scan handy and do one regularly.... especially if you leave your PC for long periods of time whilst connected without being monitored cause there's always lamers around who think its fun to cause trouble for others :(
> Why is everyone so afraid of the autoget function? So it can download > scripts and files without you knowing but as long as you specify a > download directory that is not within Mirc's working folder then there > should'nt be a problem should there? None of the files downloaded can > be run automatically so if you see a dodgy exe,vbs or ini etc then you > can safely delete it or am I missing something here?
Yes, its very dangerous. Just imagine when a friend find "freexxx.exe" and run!
And somebody can send many random data to fry your phone line(dial-up). If you have cable, a user may flood you with file, and if they're renamed as windows files, they're launched and boom. If you want to know about this problem[happened on a BBS in 1995] , try this link: http://www.inf.ufsc.br/barata/barata14.html [Brazilian] section that says about "DIA DO..."
-- % make 'something awesome to impress ircops' Make: Don't know how to make something awesome to impress ircops. Stop.
>"rob beattie" <rob@/remove/ghosh.co.uk> escreveu na mensagem >news:3cd33c20.41807172@news.cable.ntlworld.com... >> Why is everyone so afraid of the autoget function? So it can download >> scripts and files without you knowing but as long as you specify a >> download directory that is not within Mirc's working folder then there >> should'nt be a problem should there? None of the files downloaded can >> be run automatically so if you see a dodgy exe,vbs or ini etc then you >> can safely delete it or am I missing something here?
>Yes, its very dangerous. >Just imagine when a friend find "freexxx.exe" and run!
>And somebody can send many random data to fry your phone line(dial-up). If >you have cable, a user may flood you with file, and if they're renamed as >windows files, they're launched and boom. If you want to know about this >problem[happened on a BBS in 1995] >, try this link: http://www.inf.ufsc.br/barata/barata14.html [Brazilian] >section that says about "DIA DO..."
There is a zero probability that any dodgy files would get executed as the only other user of my comp(my sister) is well aware of the threat of viruses etc and knows not to run any strange .exes or even .jpg.exes . I have a cable connection but it has been capped to only 50MB/hour(128K) and even if I leave autoget on overnight and someone tried to fill my drive, they would only be able to upload about 250 MB before I found out(I never sleep more than 5 hours per night). If I was able to afford the full speed 512K cable service then admittedly this could be a bit more of a problem however.
