Let me clarify...
I am as certain as I can be that the Codeflood Trojan originated from your IRC channel (If you check back in this thread, it would seem that I am not alone in the receipt of malware from this channel).
I request once again, that if you maintain any logs that you inspect them. It's a simple enough request.
"Prove it" is the mantra of the guilty or the idle - you already are aware of the fact that my logs do not extend back as far as 28/07/03. Also worth considering, is the fact that this trojan gives COMPLETE system control - thus any logs present are effectivley rendered useless unless I submit my PC for expensive and costly forensic examination.
As I've already stated - this is my home system - used for leisure only. Although it is due for a reinstall and lockdown when it's placed behind a router when my 2nd PC arrives next week. At present, it's only protection is a software firewall with certain services restricted or disabled.
Fact is, you have some fool on your IRC channel who thinks this is funny. Whoever that is will continue to see this kind of thing as good fun as long as you ALLOW them to.
As per your comments, I'm surprised that you do not appreciate the chronology of this thread. My FIRST suspicion was directed to this site. This has been subsequently revised as I have investigated this issue.
I'll state now, I categorically RETRACT any accusation pertaining to this site being involved in the distribution of malware (if thats what it takes for you to understand). Someone is having fun on your IRC channel at your expense - obviously it is too much to ask for you to look into this.
I have investigated as well as I can do given the truncated nature of my logs. I ask now that you at least extend the same courtesy instead of attempting to discredit any legitimate concerns of your user base.
If you would rather ignore this issue, than allay the concerns of your users then so be it. Delete my account and pretend none of this happened. I'm sure this would suit you better.
Consider this possibility.
Someone is infecting visitors to your IRC channel with malware for conducting DDoS attacks. If such an attack is executed on a large scale, are you confident that you won't attract attention from the authorities? If you do, how will you convince them that it was a user, not an Op who had abused your resource? I would imagine that you maintain server side logs of all IRC activity. Or perhaps you don't? You tell me.
Lets just hope that the above scenario is hypothetical only and that the distributor of this trojan is only doing so out of bordeom and not to orchestrate any kind of large scale action.
At this juncture I'm disappointed with the attitude to what is clearly an abuse of your resources. The positive feedback I was hoping for isn't here.
|