Is autoget really so dangerous?
rob beattie
scripts and files without you knowing but as long as you specify a
download directory that is not within Mirc's working folder then there
should'nt be a problem should there? None of the files downloaded can
be run automatically so if you see a dodgy exe,vbs or ini etc then you
can safely delete it or am I missing something here?
Igor2
you are right if you can be sure that noone will run that file. Noone
means none of the users (imagine when your little sister sits down at your
comp and finds princess.exe) and none of the programs. Can you trust
windows programs? If so, good for you :>
The real danger is flooding your line and filling your hdd. If your line
is slow, people from faster lines would send you files while you are
sleeping, and your ISP is counting. When they ask "why did you have 5
gigabytes data transfer in the last week?" and you can't answer, thats
dangerous ;) If your line is fast, than anyone can write a program that
sends you random bytes, not a file. Again, when you sleep, they start to
send those, and when you wake up, your hdd is already full (a windows
nicely can crash due to hdd fill).
Summary: why do you let a program to think instead of yourself? :)
bye
Igor2
them
> Summary: why do you let a program to think instead of yourself? :)
If it were possibe I would have an iron lung breathing for me, IV's
feeding me and a computer thinking for me.
--
them@IRCnet
"You have no idea how much it costs to look this cheap." Steve Tyler,
Aerosmith
Elias_REC
"rob beattie" <rob@/remove/ghosh.co.uk> escreveu na mensagem
news:3cd33c20...@news.cable.ntlworld.com...
If you have some friend you trust and know that they will not send more
files than they should, you may use an options in mIRC 6.x to only accept
files from them ('File\Options\DCC' click the button Trust). I have never
tried, but I think it is the best way.
Accepting files from anyone has also a certain problem: it gives anyone your
IP. If one person knows that you are not online or wants your IP, they can
get it when you accept the file (of course they send their IP also, but who
is the normal user which is going to pay attention to that?). This also goes
for Fserve/DCC Chat.
Another note is that you can make mIRC accept txt, mpeg, mp3 and other media
type files. Even if someone tries to send you an *.exe, mIRC will not
accept. In some network, even if you don't have that set, the file will be
cancel by the Server. ('File\Options\DCC\Folder' On the DCC Ignore, I use
the options 'Ignore all except': *.gif, *.mpeg, *.mp3... and others).
Take Care,
Ricardo Elias
rob beattie
>
>
>On Sat, 4 May 2002, rob beattie wrote:
>
>> Why is everyone so afraid of the autoget function? So it can download
>> scripts and files without you knowing but as long as you specify a
>> download directory that is not within Mirc's working folder then there
>> should'nt be a problem should there? None of the files downloaded can
>> be run automatically so if you see a dodgy exe,vbs or ini etc then you
>> can safely delete it or am I missing something here?
>>
>you are right if you can be sure that noone will run that file. Noone
>means none of the users (imagine when your little sister sits down at your
>comp and finds princess.exe) and none of the programs. Can you trust
>windows programs? If so, good for you :>
>
I have made sure that my younger sister is paranoid about any file
that she has not seen before and told her to leave them well alone. I
have also told her to scan any file that she brings externally so that
at least the chance of any wrong doing is minimised.
>The real danger is flooding your line and filling your hdd. If your line
>is slow, people from faster lines would send you files while you are
>sleeping, and your ISP is counting. When they ask "why did you have 5
>gigabytes data transfer in the last week?" and you can't answer, thats
>dangerous ;) If your line is fast, than anyone can write a program that
>sends you random bytes, not a file. Again, when you sleep, they start to
>send those, and when you wake up, your hdd is already full (a windows
>nicely can crash due to hdd fill).
>
I am on cable which is currently capped at 128K (which gives downloads
of up to 16K as I can't afford the extra £10 to go for 512K(about
60-70K download speed) so it's not fast enough to fill up my hard
drive without me realising. In truth, I had'nt thought of that problem
but at least it is easily recoverable and as my PC is only a home
standalone computer it is not the end of the world if it does go tits
up for a little while(as long as I can empty all the crap put in the
hd by any malicious code)
>Summary: why do you let a program to think instead of yourself? :)
>
>bye
>
>Igor2
Thanks for replying.
poison_kitty
do when downloading a new version of mirc is edit out all the file ignore
thingies that are built in - and yet I've never ever had a problem. ok so
people can send you dodgy stuff - but thats your own fault if you advertise
the fact that you have autoget switched on. plus to successfully infect you
with a virus, the file must be executed first - If I'm not sure about
soemthing I always open in in notepad first and look for things that
shouldnt be there according to that file type or discription.
Poison_kitty
Marie Braden
On 9-May-2002, "poison_kitty" <poison...@neopets-guide.com> wrote:
> ok so
> people can send you dodgy stuff - but thats your own fault if you
> advertise
> the fact that you have autoget switched on. plus to successfully infect
> you
> with a virus, the file must be executed first
I doubt anyone advertises they have autoget on, really.
But someone who is infected with an autosend virus is still going to attempt
to send whether you've got it blocked or not. With autoget on, you just have
to be alert enough to notice and stop the send
DavidG17
"rob beattie" <rob@/remove/ghosh.co.uk> wrote in message
news:3cd33c20...@news.cable.ntlworld.com...
I've used autoget for a long time. It's fine.IF you discover a strange file,
either run it by a virus scanner or just delete. No problems. I haven't had
ANY issues with anyone trying to fill my HDD.Even thought it is only 10
gigs, I don't think anyone else wants to have to discuss to THEIR isp why
they sent 4+ gigs in one night. Don't be stupid and you'll be great.
DavidG17
delta5
infected mirc user. If you autoget that file when the infected user's client
trys to send it to you, BAM you have it now. These mirc worms work the same
way as the e-mail worms do.
--
Delta5
Founder
USAchat Network
irc.usachat.net
www.usachat.net
Kas
"delta5" <rbur...@usachat.net> wrote in message
news:ZuSG8.3186$FL3.3...@cletus.bright.net...
Yep, Don't keep auto get on when your jumping from one busy irc chat channel
to another or you will end up with these type of files in your mirc..... but
if your on a quiet network were you know the majority of users and only in
one or two channels that you know really well generally its not so bad...
and most of those worms have fixes..... if you do happen to get one just ask
around most people will know where to go in order to remove them... there
can be some really dangerous virus's floating around the net.... but in
general most are fairly harmless and easily enough removed... I wouldn't
leave auto get on unless I knew the channels i chatted and the users in
those channels very well though just to be on the safe side... If you do
then make sure you have a virus scan handy and do one regularly....
especially if you leave your PC for long periods of time whilst connected
without being monitored cause there's always lamers around who think its fun
to cause trouble for others :(
Kas
vIRCiated(tm)
"rob beattie" <rob@/remove/ghosh.co.uk> escreveu na mensagem
news:3cd33c20...@news.cable.ntlworld.com...
Yes, its very dangerous.
Just imagine when a friend find "freexxx.exe" and run!
And somebody can send many random data to fry your phone line(dial-up). If
you have cable, a user may flood you with file, and if they're renamed as
windows files, they're launched and boom. If you want to know about this
problem[happened on a BBS in 1995]
, try this link: http://www.inf.ufsc.br/barata/barata14.html [Brazilian]
section that says about "DIA DO..."
--
% make 'something awesome to impress ircops'
Make: Don't know how to make something awesome to impress ircops. Stop.
rob beattie
<ma...@zipmail.com.br> wrote:
>
>"rob beattie" <rob@/remove/ghosh.co.uk> escreveu na mensagem
>news:3cd33c20...@news.cable.ntlworld.com...
>> Why is everyone so afraid of the autoget function? So it can download
>> scripts and files without you knowing but as long as you specify a
>> download directory that is not within Mirc's working folder then there
>> should'nt be a problem should there? None of the files downloaded can
>> be run automatically so if you see a dodgy exe,vbs or ini etc then you
>> can safely delete it or am I missing something here?
>
>Yes, its very dangerous.
>Just imagine when a friend find "freexxx.exe" and run!
>
>And somebody can send many random data to fry your phone line(dial-up). If
>you have cable, a user may flood you with file, and if they're renamed as
>windows files, they're launched and boom. If you want to know about this
>problem[happened on a BBS in 1995]
>, try this link: http://www.inf.ufsc.br/barata/barata14.html [Brazilian]
>section that says about "DIA DO..."
There is a zero probability that any dodgy files would get executed as
the only other user of my comp(my sister) is well aware of the threat
of viruses etc and knows not to run any strange .exes or even
.jpg.exes .
I have a cable connection but it has been capped to only
50MB/hour(128K) and even if I leave autoget on overnight and someone
tried to fill my drive, they would only be able to upload about 250
MB before I found out(I never sleep more than 5 hours per night).
If I was able to afford the full speed 512K cable service then
admittedly this could be a bit more of a problem however.