iMac accused of attempting to gain access to another computer
in [Mac Systems]
|
Prev: Adding print drivers in OSX Server (10.6)
Next: 618038 Reserch anything, nerw content up to date all sites 62
From: Brian Crawford on 23 Mar 2010 17:22 In article <1jft0nx.1wev4r31mivo1qN%nospam(a)see.signature>, nospam(a)see.signature (Richard Maine) wrote: > Jeffrey Goldberg <nobody(a)goldmark.org> wrote: > > > This is getting peculiar. There is no way that your iMac could have > > been infected with Sinowal (unless there is a Mac version that nobody > > knows about). > > Or unless he was running Windows in one of the several ways that can be > done on that Mac. Windows running via BootCamp or one of the virtual > machine emulators definitely *CAN* get infected. I might have missed it, > but I don't recall mention of whether the OP might have been running > such a thing. There is a misunderstanding among some people that just > because WIndows is running on a Mac, that somehow means it is > invulnerable to Windows viruses. Tain't so. > > A possibility I'm less sure of is Wine (in any of its variants). That's > something that can be installed as part of some apps in a way that might > not be quite as memorable to the user. That is, I can imagine a user > thinking Wine had never been installed, not realizing it came as part of > some app. I don't recall whether Wine's emulation is "good enough" to > make it vulnerable. Seems to me that last time I read up on it, Wine > wasn't yet good enough at emulating Windows to pick up most malware, but > that was long enough ago that things might have changed. > > I'm not at all sure what is really going on here. Jeffrey mentioned > several possibilities. But I didn't notice the ones above as being > brought up. Richard, no, I have no no emulator installed. Strictly OS X. Thanks though for your help. Brian
From: Jolly Roger on 23 Mar 2010 19:00 In article <crawford.bd-64EEF7.10241023032010@[74.223.185.199.nw.nuvox.net]>, Brian Crawford <crawford.bd(a)geemale.com> wrote: > In article <80s74cF9jlU1(a)mid.individual.net>, > Jeffrey Goldberg <nobody(a)goldmark.org> wrote: > > > On 2010-03-23 10:46 AM, Brian Crawford wrote: > > > > > I just read the Telus email again, and there is more info that I > > > probably should have mentioned. > > > > > They said that the "unique physical address" identifies the network > > > adapter or router connected to my ADSL modem. I have no "network > > > adapter" or router connected to my modem. Indeed the unique identifier > > > (MAC no.?) is not the MAC of my modem. > > > Correction here. While checking my computer's MAC address I noticed my > Hardware (MAC) address, and it is indeed the same as the MAC address > they identified me with (yikes!). For some reason the number on the back > of my modem is different from the number in (About this Mac -> Network > -> Locations -> Ethernet). Not sure whether this changes anything. Every Ethernet device has a unique MAC address. This is normal. They should be different. -- Send responses to the relevant news group rather than email to me. E-mail sent to this address may be devoured by my very hungry SPAM filter. Due to Google's refusal to prevent spammers from posting messages through their servers, I often ignore posts from Google Groups. Use a real news client if you want me to see your posts. JR
From: Jolly Roger on 23 Mar 2010 19:01 In article <crawford.bd-B209B6.15220423032010@[74.223.185.199.nw.nuvox.net]>, Brian Crawford <crawford.bd(a)geemale.com> wrote: > In article <1jft0nx.1wev4r31mivo1qN%nospam(a)see.signature>, > nospam(a)see.signature (Richard Maine) wrote: > > > Jeffrey Goldberg <nobody(a)goldmark.org> wrote: > > > > > This is getting peculiar. There is no way that your iMac could have > > > been infected with Sinowal (unless there is a Mac version that nobody > > > knows about). > > > > Or unless he was running Windows in one of the several ways that can be > > done on that Mac. Windows running via BootCamp or one of the virtual > > machine emulators definitely *CAN* get infected. I might have missed it, > > but I don't recall mention of whether the OP might have been running > > such a thing. There is a misunderstanding among some people that just > > because WIndows is running on a Mac, that somehow means it is > > invulnerable to Windows viruses. Tain't so. > > > > A possibility I'm less sure of is Wine (in any of its variants). That's > > something that can be installed as part of some apps in a way that might > > not be quite as memorable to the user. That is, I can imagine a user > > thinking Wine had never been installed, not realizing it came as part of > > some app. I don't recall whether Wine's emulation is "good enough" to > > make it vulnerable. Seems to me that last time I read up on it, Wine > > wasn't yet good enough at emulating Windows to pick up most malware, but > > that was long enough ago that things might have changed. > > > > I'm not at all sure what is really going on here. Jeffrey mentioned > > several possibilities. But I didn't notice the ones above as being > > brought up. > > Richard, no, I have no no emulator installed. Strictly OS X. Thanks > though for your help. > > Brian Then you are down to demanding proof, so that you can trace the problem. -- Send responses to the relevant news group rather than email to me. E-mail sent to this address may be devoured by my very hungry SPAM filter. Due to Google's refusal to prevent spammers from posting messages through their servers, I often ignore posts from Google Groups. Use a real news client if you want me to see your posts. JR
From: Jeffrey Goldberg on 24 Mar 2010 00:51 On 2010-03-23 6:40 PM, Lewis wrote: > (and where did they get it from? They aren't transmitted > out) He isn't using a router, just a Ether/ADSL bridge. So his Mac's MAC address can get as far as the Telus CO. -- Jeffrey Goldberg http://goldmark.org/jeff/ I rarely read HTML or poorly quoting posts Reply-To address is valid
From: Warren Oates on 24 Mar 2010 07:35
In article <80tk2kFo9dU1(a)mid.individual.net>, Jeffrey Goldberg <nobody(a)goldmark.org> wrote: > He isn't using a router, just a Ether/ADSL bridge. So his Mac's MAC > address can get as far as the Telus CO. And Telus require their customers to "register" a MAC address to access the network. Apparently, the whole registration process is easily spoofable, and customers are allowed to register 2 addresses, and so on. The OP didn't mention if he had a wireless router behind his Telus modem, did he? I missed some of this thread. -- Very old woody beets will never cook tender. -- Fannie Farmer |