A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Windows 10 » Windows 10 Help Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Florida city reportedly fires IT director after being forced to pay$460G in ransomware attack



 
 
Thread Tools Rate Thread Display Modes
  #16  
Old July 29th 19, 12:12 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
Shadow
external usenet poster
 
Posts: 1,638
Default Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack

On Mon, 29 Jul 2019 11:58:32 +0100, "J. P. Gilliver (John)"
wrote:

Yes, but that doesn't answer my question "How would you know which IP
addresses are any given country" - being able to look up which country a
given IP is in (even assuming the whois return includes that datum)
doesn't tell you which IP addresses are in a given country; it tells you
(or might) which country a given IP address is in, which isn't the same
thing!


Geolite keeps its databases updated.
Can be used with some hacking programs:

https://dev.maxmind.com/geoip/geoip2/geolite2/

They +- recently changed the database format, which fsckd up a
lot of old programs ...

As you say, anyone can rent space on a US server, so even if
the IP is American, the content could be from anywhere.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
Ads
  #17  
Old July 29th 19, 12:27 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
Carlos E.R.[_3_]
external usenet poster
 
Posts: 1,356
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack

On 29/07/2019 12.58, J. P. Gilliver (John) wrote:
In message , The Natural Philosopher
writes:
On 29/07/2019 03:01, J. P. Gilliver (John) wrote:
In message , The Natural Philosopher
writes:
On 28/07/2019 23:50, J. P. Gilliver (John) wrote:
In message , Carlos E.R.
writes:
On 28/07/2019 15.50, Anonymous wrote:
[]
(Someone else wrote - attribution snipped before this point
This is why I installed ipset on my server and block all of China,
Russia, North Korea and Slavic countries.Â* This is something that
most all servers should.Â* It is not like you are going to miss out
on any business from these corrupt, commie countries.

Â* You need to include all of Africa too.


And all of USA. That's the worst one, but you will not see it in
theÂ* logs.

Difficult, as very few use the .us TLD. I guess since (more or
less)Â* theÂ* internet was invented/developed in USA, the .com, etc.
TLDsÂ* predominate,Â* but I do continue to be surprised that people
aren'tÂ* _proud_ to use aÂ* .us address.

Am I intuiting that you think ipset works on domain names rather
thanÂ* IP addresses?

Sorry, I hadn't noticed you said you were using ipset (of which I
knowÂ* nothing). I was thinking of host file and similar filtering.


Not me. Someone lese.

[I never said it was you - if you count ""s, you'll see I was replying
to the person posting as "Carlos E.R.Â* ".]


And you misunderstood me completely. The USA government is possibly the
worst "intruder" in your computers, and you will not see it coming,
because it is done by the FBI and the CIA, and they don't show in your
logs. You can do nothing against them. :-P

Better you disconnect your computers and cultivate turnips instead :-P

--
Cheers, Carlos.
  #18  
Old July 29th 19, 12:57 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
Anonymous
external usenet poster
 
Posts: 10
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack


And all of USA. That's the worst one, but you will not see it in

the logs.

Difficult, as very few use the .us TLD. I guess since (more or

less) the internet was invented/developed in USA, the .com, etc.
TLDs predominate, but I do continue to be surprised that people
aren't _proud_ to use a .us address.

Part of the problem is because the .us TLD cannot be used with
WhoisGuard. I only use .com and .net because of this.

  #19  
Old July 29th 19, 12:58 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
nospam
external usenet poster
 
Posts: 4,718
Default Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack

In article , Anonymous wrote:

Part of the problem is because the .us TLD cannot be used with
WhoisGuard. I only use .com and .net because of this.


then whoisguard is broken.
  #20  
Old July 29th 19, 12:59 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
Anonymous
external usenet poster
 
Posts: 10
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack



How would you know which IP addresses are any given country

anyway?


https://www.countryipblocks.net/acl.php

  #21  
Old July 29th 19, 01:04 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
anonymous
external usenet poster
 
Posts: 1
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack


And you misunderstood me completely. The USA government is

possibly the
worst "intruder" in your computers, and you will not see it

coming,
because it is done by the FBI and the CIA, and they don't show in

your
logs. You can do nothing against them. :-P

Better you disconnect your computers and cultivate turnips instead


Use an external pfSense firewall.

  #22  
Old July 29th 19, 01:08 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
Anonymous
external usenet poster
 
Posts: 10
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack


In article , Anonymous

wrote:


Part of the problem is because the .us TLD cannot be used with
WhoisGuard. I only use .com and .net because of this.


then whoisguard is broken.


No, that is what the commies in the government and ICAN decided to
do when the new TDLs were introduced. They couldn't stand to see
people having the freedom to keep themselves anonymous.

  #23  
Old July 29th 19, 01:13 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
nospam
external usenet poster
 
Posts: 4,718
Default Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack

In article , Anonymous wrote:


Part of the problem is because the .us TLD cannot be used with
WhoisGuard. I only use .com and .net because of this.


then whoisguard is broken.


No, that is what the commies in the government and ICAN decided to
do when the new TDLs were introduced. They couldn't stand to see
people having the freedom to keep themselves anonymous.


one has nothing to do with the other,

any service that doesn't recognize all valid tlds is broken. simple as
that.
  #24  
Old July 29th 19, 01:21 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
Mayayana
external usenet poster
 
Posts: 6,438
Default Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack

"J. P. Gilliver (John)" wrote

| Now that's a closer answer. I see https://lite.ip2location.com/ has
| (bottom right of page) a list of countries, though I didn't investigate
| it.
|

I use the MaxMind free database when processing my server
logs, though it's got some limitations, it's work intensive, and
addresses constantly change. I'm only using it after the fact,
out of curiosity. I've also seen people sharing numeric lists online,
especially to block China.

But at some point this becomes unrealistic. Your front door
now opens to the world. The way to make it secure is not to
have logins, SQL backends, shopping carts components, etc,
on a website directly connected to data. That's nothing new.
But no one wants to accept that you can't have an internet
connected network and still have security, in spite of the fact
that it's been proved over and over again. So people wiseacre
about best security practices.

People talk about blocking China, Russia, Eastern Europe,
Africa, yuppies, commies, rednecks.... What's left? White,
1st-world moms shopping for jumpers? Is there some reason
to trust Brazil and New Zealand?

Many of the attack probes on my site are coming from Amazon
web services, which I am tempted to block, if only to block the
world-wide infection of the decency-eating bacteria known as
Bezos. But all of those filters hurt innocent people. Small
businesses are on Amazon web services. Shouild I block them
because they don't know how to manage security? Should I
block the millions of Chinese and Russians who need software
and can't afford to buy it, just to block the hundreds with
criminal motives? Someone suggested, "Who cares about them?
They don't buy product." But that's a petty, primitive, racist
approach. More to the point, you can't block them all. The
Internet doesn't fit into the "move-to-the-suburbs" approach
to crime prevention.


  #25  
Old July 29th 19, 02:34 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
The Doctor[_2_]
external usenet poster
 
Posts: 53
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack

In article , anonymous wrote:

And you misunderstood me completely. The USA government is

possibly the
worst "intruder" in your computers, and you will not see it

coming,
because it is done by the FBI and the CIA, and they don't show in

your
logs. You can do nothing against them. :-P

Better you disconnect your computers and cultivate turnips instead


Use an external pfSense firewall.


Or build a BSD firewall.
--
Member - Liberal International This is Ici
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism
The only cure for grief is action. -George Henry Lewes
  #26  
Old July 29th 19, 02:45 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
Carlos E.R.[_3_]
external usenet poster
 
Posts: 1,356
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack

On 29/07/2019 15.34, The Doctor wrote:
In article , anonymous wrote:

And you misunderstood me completely. The USA government is

possibly the
worst "intruder" in your computers, and you will not see it

coming,
because it is done by the FBI and the CIA, and they don't show in

your
logs. You can do nothing against them. :-P

Better you disconnect your computers and cultivate turnips instead


Use an external pfSense firewall.


Or build a BSD firewall.


Neither will help you. Nothing will, except strong encryption in *all*
your communications.

--
Cheers, Carlos.
  #27  
Old July 29th 19, 02:47 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
Carlos E.R.[_3_]
external usenet poster
 
Posts: 1,356
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack

On 29/07/2019 14.21, Mayayana wrote:
"J. P. Gilliver (John)" wrote

| Now that's a closer answer. I see https://lite.ip2location.com/ has
| (bottom right of page) a list of countries, though I didn't investigate
| it.
|

I use the MaxMind free database when processing my server
logs, though it's got some limitations, it's work intensive, and
addresses constantly change. I'm only using it after the fact,
out of curiosity. I've also seen people sharing numeric lists online,
especially to block China.

But at some point this becomes unrealistic. Your front door
now opens to the world. The way to make it secure is not to
have logins, SQL backends, shopping carts components, etc,
on a website directly connected to data. That's nothing new.
But no one wants to accept that you can't have an internet
connected network and still have security, in spite of the fact
that it's been proved over and over again. So people wiseacre
about best security practices.

People talk about blocking China, Russia, Eastern Europe,
Africa, yuppies, commies, rednecks.... What's left? White,
1st-world moms shopping for jumpers? Is there some reason
to trust Brazil and New Zealand?

Many of the attack probes on my site are coming from Amazon
web services, which I am tempted to block, if only to block the
world-wide infection of the decency-eating bacteria known as
Bezos. But all of those filters hurt innocent people. Small
businesses are on Amazon web services. Shouild I block them
because they don't know how to manage security? Should I
block the millions of Chinese and Russians who need software
and can't afford to buy it, just to block the hundreds with
criminal motives? Someone suggested, "Who cares about them?
They don't buy product." But that's a petty, primitive, racist
approach. More to the point, you can't block them all. The
Internet doesn't fit into the "move-to-the-suburbs" approach
to crime prevention.



Indeed...


--
Cheers, Carlos.
  #28  
Old July 29th 19, 02:48 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
Carlos E.R.[_3_]
external usenet poster
 
Posts: 1,356
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack

On 29/07/2019 14.13, nospam wrote:
In article , Anonymous wrote:


Part of the problem is because the .us TLD cannot be used with
WhoisGuard. I only use .com and .net because of this.

then whoisguard is broken.


No, that is what the commies in the government and ICAN decided to
do when the new TDLs were introduced. They couldn't stand to see
people having the freedom to keep themselves anonymous.


one has nothing to do with the other,

any service that doesn't recognize all valid tlds is broken. simple as
that.


Absolutely.

--
Cheers, Carlos.
  #29  
Old July 29th 19, 03:03 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
The Natural Philosopher[_2_]
external usenet poster
 
Posts: 133
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack

On 29/07/2019 11:58, J. P. Gilliver (John) wrote:
Just looking at the russian-federation list linked to above, it's a very
long and bitty list; your "ipset" must work hard blocking all those,
plus the other countries you mention. (By "your" I mean whichever poster
said they were doing that.)


yes.

I would probably set upa mysql database and reconstitute an ipset file
from it at boot or summat


--
In a Time of Universal Deceit, Telling the Truth Is a Revolutionary Act.

- George Orwell
  #30  
Old July 29th 19, 03:31 PM posted to alt.privacy.anon-server,comp.os.linux.misc,comp.os.linux.advocacy,alt.windows7.general,alt.comp.os.windows-10
Anonymous
external usenet poster
 
Posts: 10
Default Florida city reportedly fires IT director after being forced topay $460G in ransomware attack


On 29/07/2019 15.34, The Doctor wrote:

In article , anonymous

wrote:

And you misunderstood me completely. The USA government is

possibly the
worst "intruder" in your computers, and you will not see it

coming,
because it is done by the FBI and the CIA, and they don't show

in your
logs. You can do nothing against them. :-P

Better you disconnect your computers and cultivate turnips

instead

Use an external pfSense firewall.


Or build a BSD firewall.


Neither will help you. Nothing will, except strong encryption in

*all*
your communications.


HA! So says who? pfSense is a BSD firewall.

 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 05:16 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.