legal Free Legal Advice

[matsutsu]

Linux question:

Newbie ako sa linux.

 

Got a pc/lcd from a friend.

Tried to install WinXP pero it always fail to install.

I decided to install Fedora instead.

 

All went well so far.

I tried to check the network.

I use DHCP to get ip address (ADSL ako) pero it always fail.

If I assign static ip, ok lng but if I restart network service, eth0 always fails.

 

Anything I should do to track this problem?

 

Ty!

[freelicker]

The BIR now have this ONETT procedure which will supposedly give you the CAR (tax clearance) five days from submission of all required documents. Haven't had any luck yet since almost invariably, the examiners will ask for additional documents or explanations.

Yup. Most of the times, the period provided for by the law in resolving issues are not followed. While they may tell you that it should come out within 5 days or 5 weeks, it does not because of one reason or another.

[umbertoeklat]

Is it true that the released Barton 2500+ is only an FSB 333?

If dats d case, then mas sigurado ka dito?

[-=extreme=-]

Specifications:

AMD Athlon XP 2500PR Socket A CPU, 1.833GHz, QuantiSpeedTM Architecture: Yes; Operations per clock cycle: 9; Integer pipelines: 3; Floating point pipelines: 3; Full x86 decoders: 3; L2 cache size: 512KB (on-chip); Total on-chip full-speed cache: 384KB; Total effective on-chip full-speed cache: 384KB (exclusive); System bus speed: 333MHz; 3D Enhancement instructions: 3DNow!TM Professional.

[-=extreme=-]

Latest Mydoom variant deletes files

 

The latest variant of the Mydoom virus, discovered Friday, is still spreading and actively deleting files from victims' computers, security researchers warned Wednesday. 

The variant, dubbed Mydoom.F, not only tries to perform a distributed denial-of-service attack on the Web sites of Microsoft Corp. and the Recording Industry Association of America, but has a destructive payload that deletes document and picture files, according to researchers at Helsinki's F-Secure Corp. 

While Mydoom.F is not as widespread as previous variants, it is more destructive to users, said Mikko Hyppönen, director of antivirus research at F-Secure. 

"Mydoom.F gradually goes through your system again and again, deleting files," Hyppönen said.

The worm targets mostly image and Microsoft document files, with extensions such as .jpg, .doc and .xls.

Computer users are advised to update their antivirus software, as most antivirus companies updated their products to address the new variant when it was discovered, Hyppönen said. 

If users haven't updated their antivirus software, they should turn off their systems until they are ready to update so the virus does not continue deleting files on infected computers, he added. 

Mydoom.F is just the latest threat spawned from the original Mydoom.A virus that began circulating last month.

Mydoom.F is thought to be by authors who picked up the Mydoom source code off the Internet, Hyppönen said, and not from the original Mydoom authors.The Mydoom.B variant was designed to drop the source code, Hyppönen said, presumably so it would be more difficult to track Mydoom code's authors. 

"The original Mydoom is the work of spammers and these spammers have nothing to gain from deleting files," Hyppönen said. "They want to lay low and have computers work."

[CyberRay]

-RE: MyDoom.F.mm

 

 

----- Virus Outbreak Alert! Threatcon Level: 3 -----

 

This Alert Has Been Issued By C.S.A 2-24-2004

http://groups.yahoo.com/group/CyberSecurityAlerts

 

 

Virus Name: W32.Mydoom.F@mm

 

The W32.Mydoom.F@mm worm:

• Is a mass-mailing worm that opens a backdoor on TCP port 1080

• Can download and execute arbitrary files

• Will perform a Denial of Service (DoS) against

www.microsoft.com and

www.riaa.com, if the computer's local system date is between 17th and

22nd of any month.

• Sets up a backdoor in an infected system, by opening TCP port

1080.

This could allow an attacker to connect to a computer and use it as a

proxy to gain access to its network resources.

 

------------------------------------------------------------

 

-Also Known As: W32/Mydoom.f@MM [McAfee], WORM_MYDOOM.F [Trend Micro],

W32/MyDoom-F[sophos]

 

-Type: Worm

 

-Infection Length: 34,568

 

-Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me,

Windows NT, Windows Server 2003, Windows XP

 

-Systems Not Affected: DOS, Linux, Macintosh, OS/2, UNIX

------------------------------------------------------------

 

-Technical Details: When W32.Mydoom.F@mm is executed, it does the

following:

1. Creates a mutex, "jmydoat<the infected computer name>Xmtx," which

allows only one instance of the worm to execute in memory.

2. May display a fake message:

 

Title: Error

Text: (One of the following)

• File is corrupted

• File cannot be opened

• Unable to open specified file

3. May create a file in the %Temp% folder that contains randomly

generated data if it does not display the above message. The worm

opens the file with notepad.exe.

 

Note: %Temp% is a variable. The worm locates the temporary folder and

copies itself to that location. By default, this is C:\Windows\TEMP

(Windows 95/98/Me), or C:\WINNT\Temp (Windows NT/2000), or C:\Document

and Settings\<UserName>\Local Settings\Temp (Windows XP).

 

 

4. Copies itself to %System% folder using a randomly generated file

name, made up of four to 13 lower case letters with an .exe extension.

 

Note: %System% is a variable: The worm locates the System folder and

copies itself to that location. By default, this is C:\Windows\System

(Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or

C:\Windows\System32 (Windows XP).

 

 

5. Creates a .dll file in the %System% folder using a randomly

generated file name, made up of four to eight lower case letters, with

randomly generated data appended to the end of the .dll file.

6. Opens a backdoor listening on TCP port 1080, using the .dll

component, which acts as a proxy server and can also download and

execute arbitrary files.

7. Terminates any processes whose name contains one of the following

strings:

• reged

• taskmo

• taskmg

• avp.

• avp32

• norton

• navapw

• navw3

• intrena

• mcafe

8. Creates .zip archive files in the root or %Windir% folder and its

subfolders, using randomly generated file names.

 

Notes:

• %Windir% is a variable. The worm locates the Windows

installation

folder (by default, this is C:\Windows or C:\Winnt) and may copy its

archive to that location.

• The size of the .zip file is 34K.

 

 

9. Adds the value:

 

"<four to eight random, lowercase letters>" = "%System%\<the filename

of the worm>"

 

to one of the registry keys:

• HKEY_CURRENT_USER\Software\Microsft\Windows\CurrentVersion\Run

• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

 

so that the worm runs when you restart Windows.

10. Creates the following registry keys:

• HKEY_LOCAL_MACHINE\Software\Microsoft\Window

s\CurrentVersion\Shell

• HKEY_CURRENT_USER\Software\Microsoft\Windows

\CurrentVersion\Shell

11. Checks the local system date. If the date is between the 17th and

22nd of any month, there is a 68% chance the worm will perform a DoS

attack against www.microsoft.com, and a 32% chance of a DoS attack

against www.riaa.com. The DoS is performed by creating random numbers

of new threads that send GET requests and use a direct connection to

port 80.

12. Searches the %System% folder on drives C to Z for the files with

the following extensions:

• .mdb

• .doc

• .xls

• .sav

• .jpg

• .avi

• .bmp

13. If the drive is a hard drive, remote drive, or RAM drive, the worm

randomly deletes the files it finds.

14. Searches the %System% folder on drives C to Z for the files with

the following extensions and for any files whose names contain

"Inbox."

• .wab

• .mbx

• .nch

• .mmf

• .ods

• .rtf

• .uin

• .oft

• .mht

• .vbs

• .msg

• .pl

• .eml

• .adb

• .tbb

• .dbx

• .asp

• .php

• .sht

• .htm

• .txt

15. If the drive is a hard drive, remote drive, or RAM drive, the worm

retrieves the email addresses from the files it finds.

16. Retrieves email addresses from the %TemporaryInternetFiles% folder

and the Windows address book.

 

Note: %TemporaryInternetFiles% is a variable. The worm locates the

Temporary Internet Files folder and copies itself to that location. By

default, this is C:\Windows\Temporary Internet Files (Windows

95/98/Me), or C:\Document and Settings\<UserName>\Local

Settings\Temporary Internet Files (Windows NT/2000/XP).

 

 

17. The worm avoids the email addresses that contain the following

strings:

• mozilla

• utgers.ed

• tanford.e

• fsf.

• gnu

• mit.e

• bsd

• math

• unix

• berkeley

• ripe.

• arin.

• sendmail

• rfc-ed

• ietf

• iana

• irix

• solaris

• sgi.com

• sun.com

• slashdot

• sourcef

• usenet

• fido

• linux

• kernel

• google

• ibm.com

• pgp

• acketst

• secur

• isc.o

• isi.e

• nai.co

• essagela

• suppo

• foo.

• .mil

• gov.

• .gov

• ruslis

• nodoma

• mydoma

• example

• inpris

• borlan

• sopho

• panda

• hotmail

• msn.

• icrosof

• syma

18. Uses its own engine to send itself, or its .zip archive, to the

email addresses it finds. The email has the following characteristics:

 

From:

The senders name may be one of the following:

• jerry

• bill

• smith

• jim

• sam

• james

• alex

• <random characters>

 

with one of the following domains:

• aol.com

• msn.com

• yahoo.com

• hotmail.com

• <random characters.edu>

 

Note: The worm may also use the email addresses it finds from the

local files.

 

 

 

Subject: (One of the following)

• <blank>

• Announcement

• Re: Thank you

• Thank you

• Re: Details

• Details

• Re: Approved

• Approved

• hi, it's me

• Thank You very very much

• You use illegal File Sharing...

• Your IP was logged

• Your account is about to be expired

• Love is

• Love is...

• Undeliverable message

• Re: <censored>

• Your order was registered

• Your request was registered

• Your order is being processed

• Your request is being processed

• Current Status

• read now!

• forget

• bug

• unknown

• fake

• Wanted

• recent news

• news

• stolen

• Attention

• Accident

• Schedule

• Your credit card

• Read it immediately!

• Read this

• Read it immediately

• Something for you

• For you

• For your information

• Information

• Warning

• You have 1 day left

• automatic notification

• automatic responder

• Notification

• Expired account

• Your account has expired

• Important

• Readme

• Read this message

• please read

• please reply

• Registration confirmation

• Confirmation

• Confirmation Required

• Returned Mail

• hello

• hi

 

 

Message: (One of the following)

• You are bad

• Take it

• Reply

• Please, reply

• Information about you

• Greetings

• See you

• Here it is

• We have received this document from your e-mail.

• k*ll the writer of this document!

• Something about you

• I have your password

• You are a bad writer

• Is that yours?

• Is that from you?

• I wait for your reply.

• Here is the document.

• Read the details.

• I'm waiting

• Okay

• OK

• Everything ok?

• Check the attached document.

• The document was sent in compressed format.

• Please see the attached file for details

• See the attached file for details

• Details are in the attached document. You need Microsoft Office

to

open it.

 

 

Attachment: (One of the following)

• photo

• resume

• image

• your_document

• approved

• paypal

• disc

• misc

• part3

• part2

• part4

• part1

• mail2

• object

• website

• friend

• jokes

• joke

• list

• mail

• story

• about

• money

• check

• product

• notes

• note

• information

• textfile

• posting

• post

• stuff

• attachment

• creditcard

• details

• body

• message

• test

• data

• file

• text

• readme

• document

• doc

• msg

• <some randomly letters>

 

with one of the following extensions:

• .exe

• .scr

• .com

• .pif

• .bat

• .cmd

 

 

The attached file may have two extensions. If it does have two, the

first extension will be one of the following:

• .doc

• .htm

• .rtf

• .xls

• .jpg

• .gif

• .png

• .txt

 

followed by 40 to 159 spaces.

 

The second extension, will be one of the following:

• .exe

• .pif

• .scr

 

Notes:

• There is a 40% chance that the worm may send a .zip file as an

attachment. This is an actual .zip file that contains a copy of the

worm, sharing the same file name as the .zip. (For example,

details.zip can contain detail.exe.)

• If the worm has an extension of .exe or .scr, the file will be

displayed with the following icon:

 

 

 

For all the other file extensions, it will use the icon for that file

type.

 

 

-Additional Information:

This worm is another variant if the W32.Mydoom virus.

 

Please Download And Update The Latest Virus Definitions/Signatures For

Your Anti-Virus Program A.S.A.P!

 

------------------------------------------------------------

 

Please Forward This Email To Your Friends And Colleagues To Notify

Them Of The Current Outbreak Situation And Help Them Secure Their

Computers. Thank You!

 

To Receive Instant Email Alerts Like This, Please Visit And Sign Up

With Our Group!

 

C.S.A

http://groups.yahoo.com/group/CyberSecurityAlerts

[jackowel04]

tanong ko lang po...anu po ba ang pwedeng solution kapag ang isang credit card holder and user ay di nakabayad sa maraming kadahilanan na dala na din ng pagkawala ng trabaho? Ngayon nagfile sa isang law firm ang creditor pero nanghingi ka naman ng paumanhin o sumulat lang para ipaalam sa nagyari, maari ba nilang gamiting batayan na ikaw ay nangloloko o tinatakasan mo ang creditor? ito po kasi ang kasalukuyang problema ng kaibigan ko, pinadalan siya ng law firm ungkol sa reklamo ng creditor niya. intayin ko po sago nyo...

[bonito99]

jackowel: based on your story, magiging simpleng civil case yan for collection of money. Kumbaga, ang habol nila sa inyo ay magbayad lang ng utang. Hindi ata papasok yan na estafa o panloloko.

Ang solusiyon diyan ay dapat din bayaran ng utang, maski pa-konti konti.

[freelicker]

Note that you cannot be imprisoned for non-payment of a debt. Mere default on the payment of the loan does not consitute estafa. The worse the collection agency can do to you is to harrass you or try to "destroy" your credit image (thereby making it more difficult to apply for a loan daw). But I agree, the only solution is to settle the amount so that you don't have to be bothered by the hounding collection agency. Sorry.

[jopoc]

tanong ko lang po...anu po ba ang pwedeng solution kapag ang isang credit card holder and user ay di nakabayad sa maraming kadahilanan na dala na din ng pagkawala ng trabaho? Ngayon nagfile sa isang law firm ang creditor pero nanghingi ka naman ng paumanhin o sumulat lang para ipaalam sa nagyari, maari ba nilang gamiting batayan na ikaw ay nangloloko o tinatakasan mo ang creditor? ito po kasi ang kasalukuyang problema ng kaibigan ko, pinadalan siya ng law firm ungkol sa reklamo ng creditor niya. intayin ko po sago nyo...

someone here had the same prob, i hope you can just find the advices already given to him.

[TeeUp]

someone here had the same prob, i hope you can just find the advices already given to him.

page 97 bro.........

 

re: vvv

[xcalibr]

Hi! I need your help. Everytime I launch outlook express, this error appears:

 

msimn.exe has generated errors and will be closed by Windows. You will need to restart the program.

 

How can i resolve this.

 

Thanks

[xcalibr]

hi!

 

my grandfather has been a municipal trial court judge. he passed away 2 years ago, are their benefits that the heirs can claim like from gsis? i have heard that there are benefits from supreme court or ibp? is this true? any information about this?

 

thanks

[strutbar]

question lang po ng friend ko sa kabilang site....

 

" Ano bang policy sa company nyo for resignations with notice less than the allowed number of days? nasa labor code ba ito? meron ba silang pwedeng gawing legal action against me kung magresign ako with my notice less than the number of days required? Policy kase dito is 1 month pero kelangan ko nang magresign agad kase for immediate requirement yung lilipatan ko. 10 days notice lang ang nabigay ko e. salamat po "

 

then...

 

"concerned lang kase ako baka nasa labor code sya tapos the employer might decide to take some legal action against me....

 

Ang sabi ng HR, ibabawas nalang daw nila yung kulang na number of days sa final pay ko. Can they do that? Ayaw nilang pagamit yung mga natitirang mga Vacation and sick leaves ko (By the way, automatic convertible to Vacation leaves and sick leaves namin pag hindi nagamit after the year) para ma-compensate yung remaining number of days prior to my resignation date. Im willing to train the new ones naman, even on saturdays and sundays. Ewan ko nga kung bakit nila ako iniipit ng ganito.... "

 

and......

 

" ayaw nila ako bigyan ng terminal leave e... Actually, ok naman ako sa HR, its my boss (the president) who doesnt even acknowledged my resignation. Yung kasama ko 1 week earlier nagfile ng resignation, the same day nag-reply yung boss ko ng acknowledgement nya for the resignation. Naka hold na nga salary ko for february kahit March 10 pa ang resignation ko as per order by my boss daw. E yung iba namang kasama ko naibigay naman yung salary nila for the first payweek. Normally yung March 1 to 10 lang dapat ang nakahold. Di ko alam e, kasi tuwing ino-open ko sa boss ko yung tungkol sa resignation ko e iniiba nya ang topic..... Ang gulo e... Ayoko naman magkaroon ng bad record since this is my first job. Wish ko lang ma clear na ito.... "

 

 

ano po ba ang say nyo dito mga LAW gurus....

[xcalibr]

hi!

 

my grandfather has been a municipal trial court judge. he passed away 2 years ago, are their benefits that the heirs can claim like from gsis? i have heard that there are benefits from supreme court or ibp? is this true? any information about this?

 

thanks