going out for chinese food - - the hard way

[Zachariah Mully]

Hey all- Over the past 5 days I have received over 1.5 GB of mail traffic to my domain from one person with the invalid email address, res088oc@... who has been infected with the SirCam virus. I contacted Verizon in the hope that they'd be able to find this person and shut them down, but they were unhelpful to say the least. The email address is invalid (something the abuse department at Verizon didn't understand, hello? spam sound familiar?) so abuse@... couldn't help me ("no sir, we need a valid email address.." "I've got their IP address, you just use that" "NO"), so I have had to take this into my own hands. I opened up several of the documents that the virus emails off of this persons drive and found that I must have had contact with this person on about a KLR.... Here's what I've found so far: His name is Jeff Kopanke and he works for Dual-Star. And he has no fucking clue what he's doing. You can be sure that the only ordering that I'll do in the future with Dual-Star is to have them get FUCKING sysadmin who doesn't have their head up their ass. I have a nice spreadsheet with plenty of names, shipping information and other information I won't reveal here from Dual-Star that the virus so nicely emailed me. Anyone want a copy? This is the lack of respect and knowledge that continually pisses me off about people in the e-commerce/internet world. If you don't know how to secure it, then goddamn it HIRE someone to do it. It is everyones worst nightmare to have their information stolen. I have no problem with Dual-Star's business, but now I have a huge problem with how they carry out their business. Fuck 'em... I am certainely glad that I never ordered anything from them and that my information isn't being emailed around the world to unknowns. Sorry I am so grouchy, but I hate having to deal with *other people's* stupidity especially when it takes up 3 days of my time. Zack P.S. for all now concerned about their information, please be assured that all copies of said documents sent to the domain smartbrief.com have been and will be destroyed. I can't speak though for ever other place they were sent.

[Martin Fletchall]

Ahhh yesss... The Micr*s*ft approach... Don't fix it ahead of time... Let someone else fix, test and secure it.... I know it well! Fletch This is the lack of respect and knowledge that continually pisses me off about people in the e-commerce/internet world. If you don't know how to secure it, then goddamn it HIRE someone to do it. It is everyone's worst nightmare to have their information stolen.

[squidwannabe@hotmail.com]

Hey Zack, Don't be stupid man. He has a virus and he probably didn't know it. I also got thousands of emails from him. Don't blame him, blame the person who invented the virus. It happens all the time. Chill out.

--- In DSN_klr650@y..., Zachariah Mully wrote: > Hey all- > Over the past 5 days I have received over 1.5 GB of mail traffic > to my domain from one person with the invalid email address, > res088oc@v... who has been infected with the SirCam virus. I > contacted Verizon in the hope that they'd be able to find this person and > shut them down, but they were unhelpful to say the least. The email > address is invalid (something the abuse department at Verizon didn't > understand, hello? spam sound familiar?) so abuse@v... couldn't > help me ("no sir, we need a valid email address.." "I've got their IP > address, you just use that" "NO"), so I have had to take this into my own > hands. I opened up several of the documents that the virus emails off of > this persons drive and found that I must have had contact with this person > on about a KLR.... Here's what I've found so far: > > His name is Jeff Kopanke and he works for Dual-Star. > And he has no fucking clue what he's doing. > > You can be sure that the only ordering that I'll do in the future > with Dual-Star is to have them get FUCKING sysadmin who doesn't have their > head up their ass. I have a nice spreadsheet with plenty of names, > shipping information and other information I won't reveal here from > Dual-Star that the virus so nicely emailed me. Anyone want a copy? > This is the lack of respect and knowledge that continually pisses > me off about people in the e-commerce/internet world. If you don't know > how to secure it, then goddamn it HIRE someone to do it. It is everyones > worst nightmare to have their information stolen. > I have no problem with Dual-Star's business, but now I have a huge > problem with how they carry out their business. Fuck 'em... I am > certainely glad that I never ordered anything from them and that my > information isn't being emailed around the world to unknowns. > > Sorry I am so grouchy, but I hate having to deal with *other people's* > stupidity especially when it takes up 3 days of my time. > > Zack > > P.S. for all now concerned about their information, please be assured that > all copies of said documents sent to the domain smartbrief.com have been > and will be destroyed. I can't speak though for ever other place they were > sent.

[squidwannabe@hotmail.com]

--- In DSN_klr650@y..., "Martin Fletchall" wrote:

> Ahhh yesss... The Micr*s*ft approach... Don't fix it ahead of

time... Let

> someone else fix, test and secure it.... I know it well! > > Fletch > > > This is the lack of respect and knowledge that continually pisses > me off about people in the e-commerce/internet world. If you don't

know

> how to secure it, then goddamn it HIRE someone to do it. It is

everyone's

> worst nightmare to have their information stolen.

The virus has nothing to do with E-commerce. It is email driven. He probably sent a list to his home address,the virus found it in his sent box, sent it out wuth the virus attached. I'm not defending Dual Star, I'm just stating the facts.

[Zachariah Mully]

Squid-

> > The virus has nothing to do with E-commerce. It is email driven. He > probably sent a list to his home address,the virus found it in his > sent box, sent it out wuth the virus attached. > I'm not defending Dual Star, I'm just stating the facts. >

Ah, how misguided are your intentions.... Yes, I know it is an email virus! Yes, I know that most people who have it are not aware of it and when they do find out are horrified and try quickly to correct it! Yes, it might have been sent from his home computer! BUT! Are you a business? Do you have sensitive information stored on your computer(s)? Have you taken the necessary precautions to make sure that access to that information is properly controlled? Do you email home sensitive information? When you deal with a business online you are putting you trust in them that they'll protect your sensitive and private data with any and all means availible. That means proper virus protection, proper ACL's, proper data backup and retrival methods. When a business has none of these in place, or poorly implemented, it can be devastating to both the customer and the business. I am abhorred at your laissez-faire attitude to this, it is attitudes such as yours which let businesses buy and sell our personal, confidental information like so much cattle... You may not care, but I certainely do, and I do not tolerate this type of behavior from any business, even MY own. If I had recieved your personal medical history in an email sent by the virus, I am sure that you'd be singing a different tune about security right about now... Do you get the jist of why I am so ticked of with the irresponisible behavior of Dual-star (or better Jeff@DS)? Perhaps I spend too much time everyday protecting all my subscribers personal, private information, so that they don't end up in someone's email inbox. I dunno, am I doing a disservice to my subscribers? ------------------ Zack Banana Republic of Washington, DC KLR650A5 "Buster" | KLR650A2 | ZG1000A1 | KZ440A2 | KX125G1 | 1966 Vespa 125 COG #4664

[Zachariah Mully]

Hell no... I won't even touch that M$ shite. My security starts with 1) Not running Microsoft servers 2) Keeping all my linux servers patched 3) Making sure that *I* am running exactly what I need to and nothing more 4) Having testing everything before deploying *anything* 5) Having good IDS software 6) Knowing how to write firewall rules 7) Knowing how to use snort, nmap, netcat, nessus, tcpdump, and all those good network tools... So yeah, I guess if I didn't know any better, I would try and hire someone like myself Unfortunately people use Microsoft cause they don't know any better (or Cisco for that matter, but that's an argument for another time and another place). ------------------ Zack Banana Republic of Washington, DC KLR650A5 "Buster" | KLR650A2 | ZG1000A1 | KZ440A2 | KX125G1 | 1966 Vespa 125 COG #4664

> -----Original Message----- > From: Martin Fletchall [mailto:pfsrep1@...] > Sent: Tuesday, July 31, 2001 5:10 PM > To: Zachariah Mully; dsn_klr650@yahoogroups.com > Subject: RE: [DSN_klr650] NKLR: F*** DUAL-STAR > > > Ahhh yesss... The Micr*s*ft approach... Don't fix it ahead of > time... Let > someone else fix, test and secure it.... I know it well! > > Fletch >

[squidwannabe@hotmail.com]

Zach, I agree with you, but new viruses evolve everyday which one cannot prepare fully for. Not everyone has an mind like a computer whiz. Maybe dual star outsourced there network setup in hopes it would be secure ? and some ego driven MCSE know it all came in a hook everything up for him. Even on a unix box a virus via email is still a threat. Adam Davis

--- In DSN_klr650@y..., "Zachariah Mully" wrote: > Squid- > > > > The virus has nothing to do with E-commerce. It is email driven. He > > probably sent a list to his home address,the virus found it in his > > sent box, sent it out wuth the virus attached. > > I'm not defending Dual Star, I'm just stating the facts. > > > > Ah, how misguided are your intentions.... Yes, I know it is an email > virus! Yes, I know that most people who have it are not aware of it and > when they do find out are horrified and try quickly to correct it! Yes, > it might have been sent from his home computer! > > BUT! > > Are you a business? Do you have sensitive information stored on your > computer(s)? Have you taken the necessary precautions to make sure that > access to that information is properly controlled? Do you email home > sensitive information? > > When you deal with a business online you are putting you trust in them > that they'll protect your sensitive and private data with any and all > means availible. That means proper virus protection, proper ACL's, > proper data backup and retrival methods. When a business has none of > these in place, or poorly implemented, it can be devastating to both the > customer and the business. > > I am abhorred at your laissez-faire attitude to this, it is attitudes > such as yours which let businesses buy and sell our personal, > confidental information like so much cattle... You may not care, but I > certainely do, and I do not tolerate this type of behavior from any > business, even MY own. If I had recieved your personal medical history > in an email sent by the virus, I am sure that you'd be singing a > different tune about security right about now... > > Do you get the jist of why I am so ticked of with the irresponisible > behavior of Dual-star (or better Jeff@DS)? > > Perhaps I spend too much time everyday protecting all my subscribers > personal, private information, so that they don't end up in someone's > email inbox. I dunno, am I doing a disservice to my subscribers? > > ------------------ > Zack > Banana Republic of Washington, DC > KLR650A5 "Buster" | KLR650A2 | ZG1000A1 | KZ440A2 | KX125G1 | 1966 Vespa > 125 > COG #4664

[Zachariah Mully]

Adam- Still missing the point here... Are you not worried about your own personal information that these companies have? That is my sole concern. Why accept their excuse for sending your information to unknown parties? Perhaps I am a little too wound up about this, but this is a place that I was going to order from and a place that a lot of the listers *have* ordered from. Privacy violations are only going to get worse and as it would seem no one gives a flying f*** through a rolling donut about it here. Just wait for the personal barcode to be tattoo to you forehead then tell me what you think ------------------ Zack Banana Republic of Washington, DC KLR650A5 "Buster" | KLR650A2 | ZG1000A1 | KZ440A2 | KX125G1 | 1966 Vespa 125 COG #4664

> -----Original Message----- > From: squidwannabe@... [mailto:squidwannabe@...] > Sent: Tuesday, July 31, 2001 7:27 PM > To: DSN_klr650@yahoogroups.com > Subject: [DSN_klr650] Re: NKLR: F*** DUAL-STAR > > > Zach, > > I agree with you, but new viruses evolve everyday which one cannot > prepare fully for. > Not everyone has an mind like a computer whiz. Maybe dual star > outsourced there network setup in hopes it would be secure ? and some > ego driven MCSE know it all came in a hook everything up for him. > Even on a unix box a virus via email is still a threat. > > Adam Davis > > >

[squidwannabe@hotmail.com]

I phoned in my order, so If my VISA / personal info is on their email client, shit will hit the fan..... Ok I see your point. But on the other hand, you can now approach DS with a security solution So this is what we learned , email clients are not secure databases , virues are bad and French is cool. Francais pour tous ! Adam the Frenchie from Canada.

--- In DSN_klr650@y..., "Zachariah Mully" wrote: > Adam- > Still missing the point here... Are you not worried about your own > personal information that these companies have? That is my sole concern. > Why accept their excuse for sending your information to unknown parties? > Perhaps I am a little too wound up about this, but this is a place that > I was going to order from and a place that a lot of the listers *have* > ordered from. Privacy violations are only going to get worse and as it > would seem no one gives a flying f*** through a rolling donut about it > here. > > Just wait for the personal barcode to be tattoo to you forehead then > tell me what you think > > ------------------ > Zack > Banana Republic of Washington, DC > KLR650A5 "Buster" | KLR650A2 | ZG1000A1 | KZ440A2 | KX125G1 | 1966 Vespa > 125 > COG #4664 > > > -----Original Message----- > > From: squidwannabe@h... [mailto:squidwannabe@h...] > > Sent: Tuesday, July 31, 2001 7:27 PM > > To: DSN_klr650@y... > > Subject: [DSN_klr650] Re: NKLR: F*** DUAL-STAR > > > > > > Zach, > > > > I agree with you, but new viruses evolve everyday which one cannot > > prepare fully for. > > Not everyone has an mind like a computer whiz. Maybe dual star > > outsourced there network setup in hopes it would be secure ? and some > > ego driven MCSE know it all came in a hook everything up for him. > > Even on a unix box a virus via email is still a threat. > > > > Adam Davis > > > > > >

[Fred Hink]

Anyone that has ordered from me in the past can rest assured that their credit information is safe. I don't store any credit card numbers or other information like that on my computer just for this reason. Since my shop is a small one and not sophisticated like some other larger business's, your credit info is stored on index cards and about as safe as Smith & Wesson and Ruger can make them. Fred www.arrowheadmotorsports.com

----- Original Message ----- From: To: DSN_klr650@yahoogroups.com> Sent: Tuesday, July 31, 2001 4:54 PM Subject: [DSN_klr650] Re: NKLR: F*** DUAL-STAR > > I phoned in my order, so If my VISA / personal info is on their email > client, shit will hit the fan..... Ok I see your point. > > But on the other hand, you can now approach DS with a security > solution > > So this is what we learned , email clients are not secure > databases , virues are bad and French is cool. > > Francais pour tous ! > > Adam the Frenchie from Canada. >