ML> JP>    I posted just now, that I D/L'd a new reader. I wonder if it is
ML> JP> also subject to invasions ?

ML>i don't know... i only know that adobe stuff has a lot of holes and has had
ML>some of them for years... flash and pdf are both used as infiltration
ML>mechanisms with pdf being much more common...

Mark,

I started using the FortKnox firewall and every hour at 42 minutes after
the hour FortKnox pops up with an Adobe Flash Update request.

Just after I started using FortKnox I used a 2nd pc to see who is
sending these requests to me by entering the IP in at https://ipdb.at
and it says Akamai Technologies is the owner of the 23.61.162.70 IP
address.

It isn't Adobe but Akamai, and I'm wondering if the request is for real
or not.

So I clicked on the Flash icon in XP Control Panel and used it to see
what version of Flash I have, and then I clicked on the link on that tab
to see what version Adobe Flash is offering currently and I see it is
the same version that is on my XP box.

So every hour when I get the alert I click No.
Yes, I know I could Check the Checkbox before clicking No but since
I'm still learning how to 'TRAIN' FortKnox I'm just clicking the No
button every hour when FortKnox asks me about it.

At least the pop up reminds me it has been another hour that I have been
using the computer.

ML>i know that in the IDS/IPS stuff i work with, we are always looking inside pd
ML>files for critters and their code... have you ever gotten a
surprising "spam"
ML>from fedex or ups in your email? many of those were carrying pdfs full of
ML>critters... what they do is carry the critter code that checks what adobe, ja
ML>and a few other packages you have installed... they already know what holes
ML>they are looking for so the critter then hits the 'net at their special site
ML>with a url that tells them what apps you have... they then serve up the
ML>critters that drive thru the holes in those apps and infect you with one or
ML>more of their own tools... once that's done, they have control over your
ML>machine and can update their tools or use your machine in their botnets or ev
ML>just wait in their tools to send them the info on your activities and the
ML>keylogger data they record as you log into your accounts and access your bank
ML>accounts...

I didn't know what IDS or IPS meant so I used a Search and decided to
use Webopedia.com to learn what Intrusion Detection System and Intrusion
Prevention System means.

Boy!, You have your work cut out for you!  Thanks for doing it!

ML>the above can also happen just by viewing an advertisement on some clean and
ML>legitimate site if they are lucky enough to get an ad campaign running on an
ML>advertising network without it being vetted or looked at too closely... this
ML>happened in the last months and sites like abc.com, nfl.com, nbc.com and othe
ML>really huge brand name sites were displaying these ads and infesting many of
ML>their users... i remember the huge flurry of activity as we moved to catch
ML>these attacks and get the ads pulled from the advertising network's servers..

Except by accident, I don't click on advertisment banners, I hate the
fact that I'm tracked by what I have recently looked at on the internet,
and get advertisements along the same line as what I've been viewing
online.

I'm using Firefox with Ad Blocker Plus and just a week ago added
No Script to all of the other Extensions I have in FF.

Any suggestions to lessen my Paranoia??????   Thanks!

Yes, You can laugh at all of the above.


 * SLMR 2.1a #T348 * You can always find what you're not looking for.
--- SBBSecho 2.12-Linux