[aclug-L] Re: WeatherLab virus

[Anne McCadden <ironrose@xxxxxxx>]

Your birthday isn't very secure because someone could easily find out 
what your birthdate is.  You also shouldn't use your nickname, pet's 
name, a standard dictionary word, etc.  Crackers normally attack with a 
script that runs a dictionary check and in different languages, then 
various configurations of your name, address, nickname, spouse's name, 
birthdate, address, SS#, abcd, xyz, and anything else that would be easy 
for you to remember.  5-6 character passwords can be cracked in about 30 
minutes.  Passwords need to be atleast 8 characters, a mixture of upper 
and lower case letters, numbers and special characters in order to be 
secure.  Most of my passwords are 12-15 characters long and need to be 
changed atleast every 3 months.

Do I sound paranoid?  Yes, a little.  I know some former(?) hackers and 
I also know that there are people out on the internet with more time on 
their hands than they know what to do with.  It is a puzzle game and a 
challange to them to crack your password, some even leave text files 
that let you know that they have been in your system.  ~Anne

Robert Bottorff wrote:

>what do security minded types think
>of using your birthday as an email address?
>
>how about a password?
>
>robert bottorff
>robotto@xxxxxxxxxxxx
>
>p.s.
>wow, was that pgp key signing 4 years ago already?
>i think only 4 folks traded keys that night.
>clint, jon hall, me and another guy.
>
>David Carmichael wrote:
>
>>Reply to:
>>
>>>On FYI-2:
>>>I "really" use abcjr@xxxxxxxxx, and have since December of 1999.  I do
>>>have to say that I find your "logic" behind placing e-mail addresses in
>>>your "spammers" filter quite "amazing".
>>>
>>
>>Not if you had any idea the amount of spam / virus infected emails that I
>>get!
>>
>>It seems that every time I post a message in any 'Newsgroup" I receive about
>>50 to 100 junk/spam/virus mails the next day.
>>
>>And since many of the messages come from the same servers I just found it
>>easier to trap the "@xyz.com" of any email address in the related message
>>and add it to my filter... which sends back a nice little message asking to
>>have my email address removed from their address book listing... and if they
>>got the anti-spam message by mistake how to reach me.
>>
>>--David
>>
>>
>>
>>----- Original Message -----
>>From: "Arnold Cavazos Jr." <abcjr@xxxxxxxxx>
>>To: <discussion@xxxxxxxxx>
>>Sent: Thursday, November 14, 2002 3:20 PM
>>Subject: [aclug-L] Re: WeatherLab virus
>>
>>
>>
>>>David,
>>>
>>>On FYI-1:
>>>It is reall easy to track down what EarthLink customer that
>>>e-mail came from if one had access to EarthLink's radius logs.  But
>>>it appears that you have mistaken me as an EarthLink employee, and I
>>>haven't been one of those since Feb 2 2001.
>>>
>>>On FYI-2:
>>>I "really" use abcjr@xxxxxxxxx, and have since December of 1999.  I do
>>>have to say that I find your "logic" behind placing e-mail addresses in
>>>your "spammers" filter quite "amazing".
>>>
>>>--
>>>abcjr
>>>
>>>
>>
>>
>>-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
>>visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
>>
>>
>
>
>-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
>visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
>
>


-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi