Security vendors have reported several new variants of the worm infecting PCs running Microsoft’s Windows 2000 operating system. Groups of virus writers are competing to cause the most damage, according to one security company, although the worm appears less severe than some first feared.
Experts See New Variants of Windows 2000 Worm
115 Comments
2005-08-17 7:18 pm
Anonymous
I work for the federal government and we have been down all day! They had to cut off our network link so we would not get infected!
This is crazy! Ms should be sued for this mess! People are loosing Millions and Millions of dollars a month spending money on things of the nature. I mean we had 3000 users off line (No internet, no email) all day long!
When will people get tired of this and demand better quality!
I mean I hate virus writers but they didn’t put the holes in Windows, they just took advantage of it. It’s like someone robbing a bank if the door was left open. Yea the bank robber should go to jail for stealing, but the bank employees should be fired etc for leaving the door open!
The sad part is that people can even compare things like Linux to Windows. When Microsoft has 40 Billion in the bank and makes more a quarter then all Linux companies combined make in a year! Oh yea that is right, Microsoft focuses on bells and whistles and not security. And we accept that just like people accepted Bush saying there were weapons of mass destruction and now that none have been found, no one is even mad.
Sad, sad.
-
2005-08-18 6:19 am
jayson.knightPoor poor poor network architecture on your part then. Seeing as you’re gov’t, I’m not surprised.
2005-08-17 7:20 pm
Anonymous
A lot of CNN video stuff is done on Powerbooks and in house on PowerMacs, the question was raised if the remaining computers were all Mac’s would the company have suffered like they did.
IT’s response was, if Mac’s were the majority then hackers would target it.
Of course if anyone really familiar with operating systems knows Mac OS X is built on the worlds most secure operating system with a track record of decades of reliability and security.
Even earlier versions of Mac OS were remarkably secure, but M$? 21 years of insecurity, almost 100,000 viruses, worms and trojans.
Again IT is defending shoddy Microsoft instead of recommending a solution that prevents this sort of disaster from ever occurring again. But people are not believing the lies anymore. They see Mac OS X with no viruses and they question why?
Lets face it guys, Windows and Microsoft are obsolete.
Mac OS X for the rank and file, Linux for customization and the hardcore geeks.
It’s the only way!
-
Anonymous
OS X is hardly “the most secure OS in the world”. I would say probably OpenBSD is near the top — but OS X? Hardly. My “disclaimer” is that I use OS X and love it, but it’s nowhere near being a temple of security.
@Anonymous: Thousands of Linux boxes are hacked every day. Take a look at any of the high-traffic web site defacement sites, and you’ll see that the majority of web servers broken into are running Linux. Linux is also not a temple of security. Don’t pretend that it is. If you’re still not convinced, take a look at the number of kernel vulnerabilities in 2005 alone — they far surpass OS X or Windows vulnerabilities for this year. And that’s just a kernel vs. a whole OS.
@Other Anonymous: Right, they had to shut down your network link … and that’s why you’re posting on OSNews?
-
Anonymous
The majority of websites run on Linux so it’s hardly surprising that the majority of hacked sites are running Linux. Besides, it’s rather likely that the vector is the web stack rather than Linux itself, especially the accident-prone PHP, in the form of the one of many insecure and half-baked forum or content management systems out there.
-
2005-08-17 11:24 pm
Moulinneuf“OS X is hardly “the most secure OS in the world” ”
Your right the most secure is GNU/Linux , thats why its on super computer in defense dep , and BSD’s are being replaced by it in other field.
The point is ANYTHING is more secure by gazillion of miles over Microsoft products.
“Thousands of Linux boxes are hacked every day.”
No. Feel free to give your examples. Clearly only 10 will suffice.
“Take a look at any of the high-traffic web site defacement sites,”
The thing is they dont hack the GNU/Linux server for defacement they attack the utilisty Server beeing runned on it ( PHP , ZOPE , etc … )
“and you’ll see that the majority of web servers broken into are running Linux. Linux is also not a temple of security. ”
Actually the majority of webserver beeing broken into everyday are Microsoft by 10 000 to 1 everyday.
” take a look at the number of kernel vulnerabilities in 2005 alone”
Ha ok , the overall vulnerabilities on all GNU/Linux systems , its not the same thing as exploited vulnerabilities , GNU/Linux have people who find flaws and patch them because the code is open , the actual number of threat is less then 10.
“they far surpass OS X or Windows vulnerabilities for this year.”
Exploited no , found and fixed due to access of the code and befor ethey can be used and exploited yes.
“And that’s just a kernel vs. a whole OS.”
No thats all of GNU/Linux vs what some people on NDA found.
“Right, they had to shut down your network link … and that’s why you’re posting on OSNews?”
All day for some people is 9 to 5 …
Now to make it clear for you and your little friend , there is less exploited vulnerabilities in GNU/Linux and more are found or patched because more eyes and developper can test it and look at it , how many people can say here that they worked on Microsoft code directly …
So far when GNU/Linux is discussed its one website , when its Microsoft its 1000 + and yet its suppose to be exactly the same …
-
Anonymous
“The thing is they dont hack the GNU/Linux server for defacement they attack the utilisty Server beeing runned on it ( PHP , ZOPE , etc … )”
Technically that’s exactly the same as exploiting ASP (or other language/application server) programming flaws in an IIS site.
“Actually the majority of webserver beeing broken into everyday are Microsoft by 10 000 to 1 everyday.”
As much as I dislike Microsoft that figure is entirely fictious. Just check any defacement archive, like zone-h, for more accurate figures.
“Ha ok , the overall vulnerabilities on all GNU/Linux systems , its not the same thing as exploited vulnerabilities , GNU/Linux have people who find flaws and patch them because the code is open , the actual number of threat is less then 10.”
And you arrived at the number “10” exactly how?
“Now to make it clear for you and your little friend , there is less exploited vulnerabilities in GNU/Linux and more are found or patched because more eyes and developper can test it and look at it”
There are less exploitable vulnerabilities but more are found? Huh? Are there less or more?
-
2005-08-18 11:55 am
Ronald VosYour right the most secure is GNU/Linux , thats why its on super computer in defense dep , and BSD’s are being replaced by it in other field.
As far as I know, agencies like the NSA run several operating systems, but the Linux version they use is Security-Enhanced Linux. SELinux is Linux with a completely different security model put in place of the old. So..is Linux secure enough by default?
-
2005-08-18 2:29 pm
raver31yes it is secure enough by default… in a way..
SELinux has security enhancements indeed…. but they are mostly that LOCAL users cannot make changes to system files in the policies.. even root cannot inadvertantly make changes.
-
Ronald Vos
MS might have 21 years of insecurity, but don’t forget the first computervirus out in the open was an Apple II virus
2005-08-17 7:24 pm
Anonymous
First off MS had 40 Billion in the bank and should be using that to make their products better (Not happening)
On top of that I am still waiting for the day that 1000’s of linux machines are taken down in one swoop. Has not happened yet. (Oh but there are soooo many more Windows machines then linux machines) 80% or more of the web sites on the net are hosted on Linux. If you wanted to make a big show then you would target those and take them down! People would notice!
But that does not happen cause it’s not as easy.
Yes MS has auto update, and you would be a FOOL to have that running on your servers (Or even your desktop to be honest) lets look at the 2000 rollup that just came out. People who auto installed it now have to remove it and reinstall an update cause the rollup could mess up your machine! So auto update at your own risk. Ether the worm will get you or the patch. LOL! Ether way you will be down.
Any smart sys admin would test first then patch. That is standard practice.
2005-08-17 8:04 pm
seratne
Anyone ever think that since Microsoft is probably not happy that most users are still on Windows2000 and 98, that they might have had an influence on this?
Yes, they issued a patch, but how many mom and pops actually patch their computers? Maybe they made it a little too easy for the worm writers to create this?
2005-08-17 8:24 pm
2005-08-17 8:28 pm
Anonymous
“@Anonymous: Thousands of Linux boxes are hacked every day.”
Yeah, just like thousands of Windows boxes are hacked every day. But hackers isn’t the issue. It’s malware, and MS with its 10,000 man Windows division can’t seem to stop the leaks. They can’t even inform people of the dangers of running as Administrator, and they ensure that the anti-virus companies get richer. As for their being more Linux kernel vulnerabilities, that would be that they know of. Not even MS knows how many holes are in Windows and they sure as hell don’t let anybody else look.
-
Anonymous
As I’ve stated before, all it takes to prevent a worm infection is a firewall. It doesn’t even have to be a good firewall — just anything that blocks incoming connections. That’s it.
Mind telling me how I’ve never had a virus, spyware, or worm infection on my XP system for as long as I’ve been using it? (Since before XP went gold)
-
Moulinneuf
1) You have almost no clients.
2) No one communicate with you, or your websites.
3) your not that interesting with your one computer online.
etc …
“As I’ve stated before”
And whas proven wrong , those financial and Media site have complete 10k + hardware Firewall. Not talking about the Linksys or other small brand at best buy here …
“all it takes to prevent a worm infection is a firewall. ”
I wonder why Microsoft is not hiring you in there Technical division … they must like you too much in that other division 😉
“It doesn’t even have to be a good firewall”
Your refering to the one Microsoft just added to there OS ? 😉
“just anything that blocks incoming connections. That’s it. ”
Ok , genius , provide your solution in detail ( hardware and software and peripherics in details ) , no seriously you could have found the way , no one millions of time more smart then you havent but hey your the Genius right …
“Mind telling me how I’ve never had a virus”
Would be fun to have a security expert do a check on your hardware.
“on my XP system for as long as I’ve been using it? (Since before XP went gold)”
My take is your really infested and full of everything you just dont know you do.
I have asked that you provide :
CPUZ and now adding PC Wizard , output of your hardware and complete system.
http://www.cpuid.org/software.php
Belarc advisor :
http://www.belarc.com/free_download.html
Everest :
http://www.lavalys.com/products/overview.php?pid=1&lang=en
Just for fun also run :
and
Adaware and or spybot search and destroy.
Or just provide your adress I will send an UPS guy to pick up that magical machine of yours for testing.
2005-08-17 8:30 pm
Anonymous
Is to miss one patch, to be away when MS releases it and you’re screwed. Far too easy to take down Windows.
2005-08-17 8:40 pm
Anonymous
Weren’t they focused on security? Enterprise ready operating system my ass. A Vax running an unpatched 4.3BSD from the early ’90s is way more secure than the proprietary Microseft Windows 2000/XP piece of shit system.
2005-08-17 8:47 pm
Anonymous
I agree. All it takes is to download free firewall (1mb). If you are on the broadband then $15 hardware router is good solution too.
-
2005-08-17 8:53 pm
cajunman4lifeI’ll second the notion of having a hardware firewall. I’ve never had problems since I installed it years ago.
2005-08-17 9:29 pm
Anonymous
you know the drill: patching, patching, patching… thanks to Microsoft spending their money on hyping their crappy Windows OS rather than hiring more developers and testers. thank God i use Linux.
2005-08-17 9:45 pm
ricsip
Firewall wont protect you, if some people connect their laptop to the local network behind the router/firewall (which assumes that local network can be “trusted”)
-
2005-08-17 10:10 pm
Anonymous
“Mind telling me how I’ve never had a virus, spyware, or worm infection on my XP system for as long as I’ve been using it?”
Well, I guess I’d have to just take your word for it on that, since almost any Windows user who spends any amount of time on the internet is just about guaranteed to get some malware. Guess you’re special. For our own part, we have the firewall on, keep the machine patched religiously and have Norton Corporate Edition running and we still get spyware. If running as an ordinary user is the only way to prevent malware, then MS should require people to set up user accounts when booting up Windows the first time.
But more to the point while you can claim it’s your smarts that you keep you free of malware, that doesn’t really address the problem that a large percentage of the Windows using population is having. Afterall, if you have to be a computer wizard like yourself to keep Windows clean, then it’s certainly no better than Linux which already has the “experts only” label.
-
Anonymous
It requires 5 minutes of education, and a proper setup. That means an alternative browser and hardware/software firewall. I spent 5 minutes explaining to my brother never to run anything he received in e-mail or over MSN, and never to download anything but MP3 and movie files off Kazaa.
He’s been spyware-free for a year, and he uses his computer for hours every day. It doesn’t take genius.
-
Moulinneuf
“It requires 5 minutes of education”
Its a known fact that Microsoft security experts are given full creditation after 5 minutes.
“and a proper setup.”
To bad your not sharing that proper ** Magical ** setup.
“That means an alternative browser and hardware/software firewall. ”
All of those dont come included with Microsoft products by default … sadly. In most case its not enough either.
“I spent 5 minutes explaining to my brother never to run anything he received in e-mail or over MSN, and never to download anything but MP3 and movie files off Kazaa. ”
So this guy dont have anti-virus , no anti spyware , and as not upgraded is XP machine in a year ? Sorry to say he is infected …
“spyware-free for a year,”
According to you … Bu what can I say he has the ** Magical ** setup , with the Decent brand name hardware …
-
2005-08-18 12:35 am
MegaManXcalibur“and never to download anything but MP3 and movie files off Kazaa.
He’s been spyware-free for a year, and he uses his computer for hours every day. It doesn’t take genius”
Don’t get me wrong here but doesn’t Kazaa come with a whole load of spyware? So your statement that he’s spyware free while using Kazaa seems rather hard to believe.
2005-08-17 10:39 pm
Anonymous
I do actively browse every day on my w2k box and i’ve never got any malware. I only have firewall running, no antivirus, no antispyware. What I’m doing wrong?
2005-08-18 12:03 am
-
2005-08-18 12:18 am
-
2005-08-18 5:28 am
re_relinux is secure
More secure than free BSD…. Heh…. i think not
It all comes down to the administrator, i think BSD is ever so slightly more secure than linux…… but more secure none the less.
-
-
2005-08-18 12:26 am
Anonymous
Hey man are you serious in your posts? Any pc assembled with brand name parts will run windows xp absolutely stable, there is no need to get the LiP pc configuration to say that 
2005-08-18 2:00 am
Anonymous
I spent 5 minutes explaining to my brother never to run anything he received in e-mail or over MSN, and never to download anything but MP3 and movie files off Kazaa.
He’s been spyware-free for a year, and he uses his computer for hours every day. It doesn’t take genius.
———————————————————————- ———————————-
Now here is an interesting link:
http://www.aunty-spam.com/archives/2004/12/31/mpaa-contractor-infec…
“Overpeer, a division of Loudeye, Inc., has been caught putting infected files on peer-to-peer filesharing networks, and putting attractive and likely sounding names on the files in order to induce users to download the files.
Thinking that they are downloading their favourite songs or other media files, the users only too late discover that the files actually contain pop-up ads, install spyware, open multiple pre-populated Internet Explorer windows, or some combination of the three.”
So not only do you encourage piracy, but your family members system can already be infected with spyware.
“It doesn’t take genius.”
No it doesn’t; but staying upon information takes time and persistance. Now how about scanning your family members machine. Sounds like your going to be a tad bit busy.
-
Anonymous
My brother is smart enough to differentiate between Some_Song.mp3.exe and a real MP3. You have to be a real effing idiot to download a file with a .EXE extension and think it’s a song. So no, he doesn’t get fooled by the RIAA crap.
As for Kazaa … have you people ever heard of Kazaa Lite? Geez.
@Anonymous: I was pointing out that using Linux does not automatically make you invulnerable to hacking. Who cares if you’re running the Linux kernel underneath it all if you’ve got 5 vulnerable services/applications running on top of it? Your box is going to get owned regardless.
2005-08-18 2:11 am
Anonymous
“@Anonymous: Thousands of Linux boxes are hacked every day. Take a look at any of the high-traffic web site defacement sites, and you’ll see that the majority of web servers broken into are running Linux. Linux is also not a temple of security. Don’t pretend that it is. If you’re still not convinced, take a look at the number of kernel vulnerabilities in 2005 alone — they far surpass OS X or Windows vulnerabilities for this year. And that’s just a kernel vs. a whole OS.”
Ummmm, and how many times were peoples networks taken down. yea sites get defaced on linux servers, and on BSD servers and on Windows servers. Most of the time those are PHP (Which is not Linux) And Apache issues. I could say the same for Windows Web Servers running iis and ASP also. The difference here is HOW many Linux webservers get taken down totally? Hummmm. If it was such a BIG problem then people would use something other then Linux!
“@Other Anonymous: Right, they had to shut down your network link … and that’s why you’re posting on OSNews?”
Ummmm duh, I used my TMobile Blackberry to post on the site. What does the link being down have to do with me posting on the site?
I mean no matter how you look at it. No matter if Windows is better then Linux or not! MS has 40 Billion in the bank, Windows is SUPPOSED to be better! There is no excuse! That is like saying that a Rolls is better then a Ole School Volkswagon bug! It’s supposed to be! A Rolls costs 350,000! Yet in day to day use the VW will outlast the Rolls no problem! Yea if you BABY SIT your Windows (Like you pamper a Rolls) machine and have a firewall so tight you can’t even look at videos, and 2 or 3 spyware apps and Virusscan here and there! Yea it better work!
While the Linux machine is more like the VW, if you baby it, it will last MUCH longer, much better! But if all you do is change the oil! It will still last and last and last! It won’t let you down!
MS should be ashamed of themselves putting out JUNK!
2005-08-18 2:46 am
Anonymous
“Don’t get me wrong here but doesn’t Kazaa come with a whole load of spyware? So your statement that he’s spyware free while using Kazaa seems rather hard to believe.”
Yes, Kazaa does come with a bunch of spyware/adware.
http://www.tech-faq.com/remove-kazaa-spyware.shtml
“Spyware and AdWare applications that KaZaA installs include Cydoor, GAIN, Gator, eUniverse, MyBar, SaveNow, and WhenU”
More on Kazaa:
http://www.imilly.com/kazaa.htm
http://www.iamnotageek.com/a/187-p1.php
So, I guess that he hasn’t been spyware free for a year. I guess it does take a genius or someone with average intelligence. Who knows??
2005-08-18 3:12 am
Anonymous
OK, I work for a large corporation. Begins with ‘H’, ends with ‘well’. This worm shut down our entire building today. We had to send first shift production home. Most / all of the engineering staff was useless. Now my real point. 99% of virus problems are ordinary users doing stupid things with email/attachments. This one infected everyone who simply was connected to the building net, (which was everyone). If this virus had one minor mod where is propogated itself, say 5 times, then scrubbed the hard disk, then this would be a HUGE issue. Everyone’s computer would be toast. No one did anything wrong. This virus was merely annoying in the grand scheme of things. If this virus had wiped the harddrives of all users and building servers, then maybe this insecure M$ crap would finally get the attention it deserves at the top level IS departments. This is simply unacceptable….
2005-08-18 3:41 am
Anonymous
This is simply unacceptable….
Amen bro. I feel the same way. This thing messed up my work something fierce too. We had half the machines in the building rebooting this morning when we came in. It was a mess.
The real question is what do we do about it ?
Move to another platform ?
What other platform ?
We run a ton of custom database software, we have inhouse Outlook addins that we use for automating all sorts of company functions.
I mean there is not another viable platform for us unless we want to spend more time/money then losing a day once in awhile to an exploit that we have to patch.
The company did a pilot program with linux 6 months ago and in the end they decided it was not ready and/or worth it for us. Sure we run UNIX on the backend and have for years but the computers everyone interacts with daily are windows machines and will remain that way even with stuff like this happening.
2005-08-18 5:27 am
Anonymous
I mean, don’t use Internet Explorer and run either a hardware or software firewall (preferably both) – what is so damn hard about that? I mean, software firewalls are free for God’s sake. Who are the dumbasses that are leaving their Windows machines online wide open?
2005-08-18 11:24 am
Anonymous
Why? So people want/have to use Linux … it’s just an annoying ploy by those idiots to make people feel forced to using Linux. Windows 2000 is a perfectly good OS, it’s one of the best OS’s I’ve ever used to tell you the truth and no amount of viruses is going to make me switch OS because some 12 year old feels like no one should be using Windows because it is “t3h suX0rz”.
PS: I’m by no means accusing the Linux community, just to clear things out.
2005-08-18 11:27 am
Anonymous
Hey, think about it. Many of you, SysAdmin are having a job only because it’s SO EASY to have server farm with Microsoft Windows.
If Windows was SO EASY, 100% SECURE and 100% STABLE, you would not be working 40+ hours a week and getting good money to do so.
I KNOW it’s not a good way to see this problem, Worm, Virus and malware/spyware are the real JUNK of the Net and Windows should be more secure. Linux is, Mac OS is so why not Windows?
But then again, I look at my paycheck and i’m happy that because of Microsoft, i’m having a job…
2005-08-18 11:40 am
Anonymous
Win2k being my favourite Windows Os I am not that pleased it got hit by this thing.
At the same time admist the negativity about virus writing,I say kudos to them.If they weren’t around who knows under which rock modern computing would have been stuck under.
Face facts these things push for improvements in the industry.And if you want to argue they are just nefarious despots which the world dont need to indulge us all in a utopic experience then you should think again.
Utopia means we wont have needed computers in the first place.
-
2005-08-18 12:43 pm
Soulbender“Face facts these things push for improvements in the industry.”
That’s absurd. What improvements? They’re not exactly finding new bugs or anything, just exploiting well-known flaws and/or people’s ignorance.
That’s like saying murder is good for the society as a whole if it causes advances in forensic science.
-
Anonymous
“That’s like saying murder is good for the society as a whole if it causes advances in forensic science.”
Apples and oranges and you know it.In principle your argument sounds good but pragmatically its not.Similarly I could debate why drive cars when they just muss up the environment.Why do this, why do that.
Which do you prefer?Incremental advances of society in response to INEVITABLE REALITIES or fallacied ignorance leading to TOTAL CATASTROPHE?
Its not a desire but reality of life.Thats like a promise of some mumbo jumbo healer of a stress free existence.When its proven small amounts of stress are actually a stimulant for better overall health.
-
Anonymous
One more thing.What I am talking about is in the science of heuristics.Thats where the improvments are.
2005-08-18 12:31 pm
2005-08-18 12:50 pm
Anonymous
> As far as I know, agencies like the NSA run several
> operating systems,
Which seems like a good strategy to me, as it prevents any single bug form affecting the whole lot to much. On the other hand this maybe harder to manage, although things like GNU Cfengine exist: http://www.cfengine.org/
> but the Linux version they use is Security-Enhanced
> Linux. SELinux is Linux with a completely different
> security model put in place of the old.
Which is part of the mainline Linux 2.6.x kernel series and even distros like Fedora Core.
> So..is Linux secure enough by default?
This is an unanswerable question: “secure enough by default” in what configuration, and to be used for which purpose … ?
IMO however is _it_ generally preferable over MS-Windows.
-
Ronald Vos
> but the Linux version they use is Security-Enhanced
> Linux. SELinux is Linux with a completely different
> security model put in place of the old.
Which is part of the mainline Linux 2.6.x kernel series and even distros like Fedora Core.
That SELinux is derived from 2.6 doesn’t take away that the NSA deems Linux’ normal security model insufficient for their needs; hence my objection to claiming Linux is the most secure because the NSA is using it. Linux ‘on average’ isn’t.
Anyway, for further info for others:
http://www.seifried.org/security/os/20011107-linux-openbsd.html
http://www.seifried.org/security/os/20011107-openbsd-linux.html
-
Moulinneuf
“That SELinux is derived from 2.6 doesn’t take away that the NSA deems Linux’ normal security model insufficient for their needs”
No , its just means that they whant specific info reported and specific things more secure , and since they asked for it those improvments have gone in the main kernel branch.
“hence my objection to claiming Linux is the most secure because the NSA is using it”
Actually they are replacing all there other OS with it , not entirely because it dont make sense to rely only on one platform. so does banks , defense systems , utility systems , communication systems , even NASA , they are all group that have all the money they need to spend on what is the best , market share for them is irrelevant , security and reliance is there priority.
“Anyway, for further info for others: ”
Last updated 8/11/2001
Last updated 8/11/2001
It whas innacurate then , its even more today.
2005-08-18 1:06 pm
Anonymous
But I have enough to do just making user accounts, mail lists, setting up new users etc. I had a job when my agency was using Banyan vines as the network OS! (And Banyan almost never crashed, and never got hacked) so the notion that if Windows was better that I would not have a job is silly!
The thing here that is a fact is that MS has never put out an OS or application that was not full of holes! I mean there have been virus removing applications for MS OS’s since the DOS days! It’s just how MS is!
2005-08-18 1:11 pm
MadDwarf
OK Guys, we’ve had a nice “my box is more secure than your box” discussion, but can we get down to some details please?
According to some here, it takes 5 minutes to learn how to secure a Windwos box. Can they please take that 5 minutes to inform us so that our boxes can be secured.
Others are saying at is a bigger job. Is it possible that they can link to some articles explaining their way of securing?
Also, looking at the bigger picture, what can the average person do to help in the fight against this constant assault on our systems? There are many here saying “This is unacceptable”. If nothing is done, then it has been accepted, no matter what you say.
What can we do?
-
Anonymous
Sure.
1. Visit Windows Update, get all of the latest critical updates, including Service Pack 2 if you don’t already have it.
2. Install Firefox/Opera/whatever. Avoid using IE for general browsing (it’s required for Windows Update).
3. Double check to make sure the Windows Firewall is enabled.
4. Use some common sense and do not run the nice .PIF attachments you get, and don’t fall for BritneySpearsNude.gif.jpg.png.exe.
Step 3 is optional if you already have a hardware firewall (like a router).
I would say common sense is the #1 factor, though.
-
MadDwarf
4. Use some common sense
Oh Dear.
If we are going to have to rely on “common” “sense” then we are doomed.
I heard this one today:
“I got an email from my bank letting me know that there was a security problem. I have heard about the hackers and viruss and iID theft, so I thought I had better go and update my details”. Yes, the “Common sense” thing to do is make sure all your details are up to date, and the security people (I.E. the bank) have all the info they need.
YOUR common sense may differ, and I imagine is far-from-common.
Its not a .pif. it says quite clearly (even though I told it to hide file-extensions – this must be important to show me) it is a .jpg. They are safe yes?
And yes, I did my updates. I did them ages ago, when you first asked. Why do you keep asking ??
This email was from my friend, and I know he would not send me infected files – his 15yr old son keeps thier PCs clean.
Any more I have missed?
-
Anonymous
Yeah, I understand your points … but my comments were generally about how *I* keep my Windows systems secure, and what I tell my family. I’ve told them enough about fake e-mails and extensions that they know when something looks suspicious.
@Moul: I fail to see what the point of that entire list was. Were you showing me how Windows could be exploited, or how my computer is infected? In either case, get real … unless you are deliberately doing the equivalent of running down the street naked shouting “SOMEONE CALL THE POLICE”, the average PC is not going to be plagued by most of those problems.
I could disqualify any number of those points right now, but I, unlike you, have a real job, and am at it as we speak.
-
Moulinneuf
” I understand your points ..”
No , you dont …
“but my comments … something looks suspicious. ”
Your System is insecure and your method are known to be hackable easily , not that its not a start , but its not enough this days, I dont think it ever whas enough anyway , what will you do when there computer is overruned because your incompetent ? Sorry …
” I fail to see what the point of that entire list was.”
I know , your to incompetent to figure out that one.
“Were you showing me how Windows could be exploited,”
No , what your not protecting and is known to be taken advantage of this days , its all automatic.
“or how my computer is infected?”
No , I suspect you have some more tools your not discussing because then it would proove you where lying and that one actually need more software to be secure on a windows platform , I dont buy your arguments that your hardware is perfect , I offered a list of software that make list of whats on your *magical perfect system* , but you refuse to run them and make availaible there output here so that everyone can see easily that your full of yourself.
“In either case, get real …”
In either case your a DANGEROUS idiot , the #1 cause of penetration on a window system is Outlook , your not even discussing it. Good job …
“unless you are deliberately doing the equivalent of running down the street naked shouting “SOMEONE CALL THE POLICE” ”
Actually , what I am prooving is that your a thief , a liar and that your an incompetent too.
“the average PC is not going to be plagued by most of those problems. ”
ALL THE PC ARE AFFECTED BY THOSE PROBLEMS , its not an if anymore its a when.
“I could disqualify any number of those points right now”
No , you cant , I am sure your going to write something false to try and discredit me and what I offer which is accurate , the truth and the reality today.
” but I, unlike you, have a real job”
Please , precise what that “real job” is.
“and am at it as we speak.”
Your one of the OSnews employee or owner , thats good to know …
-
Anonymous
Shuuuuuuut uuuuuuuup already. “Thief, liar, incompetent …”. Yep. Everyone is all of those things and more to you, aren’t they, Frenchman?
Get on the clue train. I’m sorry that you can’t spend the 5 minutes educating yourself in how to maintain a Windows system.
-
Moulinneuf
“Get on the clue train”
I dont play board game with real life and I dont follow like a sheep.
“I’m sorry that you can’t spend the 5 minutes educating yourself”
I guess thats the difference between a dangerous idiot who is also a thief and a liar and someone who is a certified expert like me :
your training is 5 minute. Mine is over 10 years of certified class on 5 OS officially and 5 more un-officially and I aint done yet because new technology and new management and new teaching technique come out everyday.
“in how to maintain a Windows system.”
We are talking about your lack of comepetnce at securing Windows systems , you dont even cover 1% of whats needed for securing a windows system and now your going to claim you can maintain a complete windows system.
BTW , not everyone is a thief , a liar and incompetent. I whas refering to you L I P in this thread.
“Frenchman”
I am a real American From CANADA , I speak English and French and a litlle bit of spanish too , I can write and understand more language. I dont feel that beeing called a Frenchman by you is an insult , it just means your too stupid to learn a language that I can use.
– Moulinneuf
-
Moulinneuf
After following L I P incompetent and stupid advice , The following where found to be exploited and your machine is now hosed :
1. Outlook ( all version ) virii , spyware and trojan and adware are all installed.
2. IE Home page/main webpage as been hacked
3. Your system is infected by spyware without your knowledge ( since you dont have a spyware software
3. Your system is infected of trojan since you dont have a trojan remover.
4. You have a remote viewer and trojan which allow a hacker to see exactly what your doing.
5. IE hackers addons where installed since nothing is blocking there instalation.
6. Buffer Overflow takeover is still availaible
7. Microsoft Messenger remote service is used in the background
8. All the server system are activated and running in the background
9. Your kids or any child can go see porn as its not protected
10. You have a warez ftp on your hard drive on a hidden partition.
11. rootkit is installed and allow total control of all your computer to install and do what anyone whant with the pc ( exept yourself )
12. Since your data is not encrypted most of your information are already passed into the identity theft software.
13. The Email in your adress book as been taken and included in the spam database.
14. Forget about backing up your data , Windows dont offer real backing up tools.
15. etc … etc … etc …
Its not paranoia or FUD , its todays reality , its not if or its possible , its just a question of when.
– Moulinneuf
-
Anonymous
Do you read the stuff you write? What are you, some Jr. High student, maybe Freshman in high school at the most who was able to finally install a Linux distro since they’ve dumbed down the installs over the past few years and now think you’re all 1337 or something? I enjoyed Linux in the past when it was a freakin’ pain to install and use, so that every geek wanna be wasn’t using it and becoming the loud mouth Linux zealots that troll every story dealing with Microsoft.
2005-08-18 1:41 pm
Anonymous
Like it or not, the virus writer is seeding the evolution of computing technology. Similar to organic ecosystems, environmental change and disease eliminates or forces the evolution of species. It is pointless to blame vendors. Company’s will evolve or die based on you’re checkbook. There will never be an immune system. The future holds a better computing experience thanks to the virus writer.
2005-08-18 3:28 pm
Anonymous
I agree – stop complaining about it, and do something. The ONLY thing microsoft knows is $, so hit them where it counts – in the wallet. Stop buying their products, stop using their products. Use an alternative OS – tons of them out there, you pick. Dont’ buy a machine with windows on it (I usually call support before buying and make SURE no windows is on it, and they’re not charging me for any ms product). Complaining about it and being complacent will not change a thing. Act NOW!
2005-08-18 8:06 pm
Anonymous
MadDwarf PIF is short for Program InFormation file, a type of file that holds information about how Windows should run a non-Windows application. For example, a PIF file can contain instructions for executing a DOS application in the Windows environment. These instructions can include the amount of memory to use, the path to the executable file, and what type of window to use. PIF files have a .pif extension. Also never send any valuable information through e-mail. Or click on a link inside the e-mail to send valuable information. Just go to the offical web site to update the information if you have to.
-
MadDwarf
My sarcasm must have fallen off the post before it crossed the pond.
I was trying to show what “common” “sense” can come up with, and that it will in no way protect you.
“[never] click on a link inside the e-mail to send valuable information. Just go to the offical web site to update the information if you have to.”
Isn’t it convenient that the email i recieved has a link to the Official website! http://www.m1cr0s0ft.com .
2005-08-18 10:39 pm
Anonymous
Where do you get Outlook causing a lot of problems if you have Preview Pane turn off? In the past it was always turn on that was why virus was so easy to have but now MS has fixed that problem. Also if you have antivirus it should scan each email like mine does which is AVG and it’s free.
-
Moulinneuf
“Where do you get Outlook causing a lot of problems”
There is a reason why Outlook is banned from use on network in many company and that they are using Netscape/mozilla/firefox , eudora, Just ask a certified security expert ( beside me ) to give you a list of how insecure Outlook is.
“if you have Preview Pane turn off?”
Thats only 1 problem with outlook.
“In the past it was always turn on that was why virus was so easy to have but now MS has fixed that problem.”
No , simply put they made you believe *that* whas the only problem , Outlook as problem with messenger integration , as problem with hidden file , as problem with remote take-over hacking code , as problem with tml exploit , with adress book and mailing list protection , with automatic sending , with outlook sending server , etc …
“Also if you have antivirus it should scan each email like mine does which is AVG and it’s free.”
Antivirus dont catch everything and they dont fix the Outlook softwares flaw. How is your anti-virus going to protect you from trojan its not even looking for them.
-
Anonymous
Antivirus dont catch everything and they dont fix the Outlook softwares flaw. How is your anti-virus going to protect you from trojan its not even looking for them.
That’s why you used a firewall. Microsoft is not going anywhere. People still used Windows and not get any viruses and or worms or trojans. I havn’t had a virus in seven years or a trojan for that matter. You’re being a little too causiously. Why stop there, why don’t we stop using cars or airplanes because we might get killed using these transportation.
-
Moulinneuf
“That’s why you used a firewall.”
Firewall dont block trojan.
“Microsoft is not going anywhere.”
Actually its going the way of Apple and of IBM before them.
” People still used Windows and not get any viruses and or worms or trojans. ”
Only in there dreams.
“I havn’t had a virus in seven years or a trojan for that matter.”
How would you know ? Seriously all you have is Windows + firewall + antivirus if thats all you got and are using , then I can make a bet with you just provide your computer and will run some Trojan remover , adaware remover , and pest remover, if nothing is found I give you a 1 000$ USD ( one thousand USD ) check , since your machine is clear and without it its an easy bet right but the odds are in my favor for every malicious cookie ( one you dont know about ) , for every trojan or virus or pest or adware the software find you give me 1000$ USD ( one thousand USD ).
“You’re being a little too causiously.”
No I just know way more then you do on the subject.
“Why stop there, why don’t we stop using cars or airplanes because we might get killed using these transportation.”
Cars and Airplanes , dont crash all the time , are not infested by terrorist or bomber by design , you need a license to drive both. Both are reglemented for security ( that seat-belt in your car whas forced on the automakers ).
-
Anonymous
Moulenfool, I refuse to believe that someone can be as stupid as you. I REFUSE to believe it. This is all a joke … right?
Please say yes, or else I will lose all hope in humanity.
-
Anonymous
Don’t let him bother you. I use what’s best for me and Windows does what I need without any problems. If he thinks that everybody going to Linux or Apple, virus writers or hackers will just dried up and disappear he’s got another thought coming.
-
Moulinneuf
“Moulenfool”
Again your having trouble with copy paste , your going on personnal insult again too.
“I refuse to believe that someone can be as stupid as you.”
I aint stupid , people who disagree with you are not stupid either.
“I REFUSE to believe it.”
You believe in something , thats good to know.
“This is all a joke … right? ”
No , actually , maybe it is for you.
“Please say yes”
No
“or else I will lose all hope in humanity.”
Im stupid ( among many of your insults ) yet the faith of all humanity is in my hands , thankfully your irrelevant , there is no consequence for anyone you qualify of stupid or that you judge based on your incompetence. There are consequence for those dumb enough to follow you and your advice.
2005-08-18 11:46 pm
2005-08-19 5:36 am
Anonymous
That’s why you use antivirus and firewall combine and don’t open any attachments. Trojans can’t be execute until you let it. If I had a virus wouldn’t you think my pc would slow down have a mind of it’s own? How do know that Macs and Linux don’t have holes inside their os? Good job scaring everybody away from Windows. A good firewall would close all the ports so that worms like the one that CNN got hit wouldn’t got burn.
-
Moulinneuf
“That’s why you use antivirus and firewall combine and don’t open any attachments.”
Anti-virus and Firewall are not made to remove or block trojan.
“Trojans can’t be execute until you let it.”
Sorry , your tottaly wrong on that one.
” If I had a virus wouldn’t you think my pc would slow down have a mind of it’s own?”
No …
“How do know that Macs and Linux don’t have holes inside their os?”
Macs cant say there the same as Windows ( closed sources) , GNU/Linux anyone can look at the code and test there theory.Thats why many vulnerabilities are found , but very few are actually in use or exploited , which is the opposite of Windows and Macs. It does not mean its full proof or that no exploit will be made for it.
“Good job scaring everybody away from Windows.”
I am not scary , I am informative. If the information scares you thats not my fault.
” A good firewall would close all the ports so that worms like the one that CNN got hit wouldn’t got burn.”
CNN firewall are of the 10k + kind. Do you think that sys admins from CNN are amateurs , there probably on the top list of site to hack to get some notoriety , they have the best sys admins in the world.
– Moulinneuf
-
Soulbender
“Anti-virus and Firewall are not made to remove or block trojan.”
“Personal” Firewalls are designed to stop trojans and other malware from executing, opening outbound connections etc.
“Sorry , your tottaly wrong on that one.”
No, he’s totally right. Trojans will not execute until you do so manually. Worms and viruses is an entirely different matter though.
“CNN firewall are of the 10k + kind.”
You mean the sucky but expensive kind?
Expensive != good.
Btw, are you endorsing closed source operating systems? I doubt those “10k+” systems are OSS ones…
-
Moulinneuf
“Personnal Firewalls are designed to stop trojans and other malware from executing”
No , there designed to close the numerous open ports by default from the OS , and to allow only certain ports to be used by certain software , inbound or outbounds , a firewall will not stop the execution of malware on your PC or the execution of a trojan.
” No, he’s totally right. Trojans will not execute until you do so manually. ”
No , Trojan will execute upon reboot , some when the screen saver come active and some are on timer after they are sent.
“Worms and viruses is an entirely different matter though. ”
No.
“You mean the sucky but expensive kind?”
No , I mean the expensive and very good one.
“Expensive != good.”
No , but I trust the one on CNN can take a lot and are really good too. I read a report about some of them a while back and whas impressed.
“Btw, are you endorsing closed source operating systems?”
No , not at all. It dont means I dont know them very well or how to fix some of them or to work some of them.
“I doubt those “10k+” systems are OSS ones…”
Many of the high end good Firewall are OSS not free Software but thats another subject.
2005-08-19 5:47 am
Anonymous
By the way I just ran Spy Sweeper, Microsoft Anti-spyware, AVG antivirus and Trojan Hunter all came out zero. Nice try.
-
Moulinneuf
Yes , nice try from you , seems to me :
– Spy Sweeper
– Trojan Hunter
– Microsoft Anti-spyware
are more then only :
– Windows Patches
– Firewal
– Anti-virus
Tried those :
http://www.lavasoftusa.com/software/adaware/
http://www.f-secure.com/blacklight/cure.shtml
http://personal.inet.fi/business/toniarts/ecleane.htm
http://www.analogx.com/contents/download/system/dllarch.htm
http://www.nod32.com/download/trial.htm
2005-08-19 7:41 am
Anonymous
Yes , nice try from you , seems to me :
– Spy Sweeper
– Trojan Hunter
– Microsoft Anti-spyware
are more then only :
– Windows Patches
– Firewal
– Anti-virus
No you said to go and use antispyware and trojan remover to see if I had any so nice try. By the way no rootkits. I don’t think you know more than you’re spewing out. Go back and study on how computers work.
-
Moulinneuf
“No you said to go and use antispyware and trojan remover to see if I had any”
No :
http://www.osnews.com/permalink.php?news_id=11595&comment_id=19915
I said :
“How would you know ? Seriously all you have is Windows + firewall + antivirus if thats all you got and are using , then I can make a bet with you
***just provide your computer and will run ***
some Trojan remover , adaware remover , and pest remover, if nothing is found I give you a 1 000$ USD ( one thousand USD ) check , since your machine is clear and without it its an easy bet right but the odds are in my favor for every malicious cookie ( one you dont know about ) , for every trojan or virus or pest or adware the software find you give me 1000$ USD ( one thousand USD ).”
Sorry , But I dont trust you , that *nothing* whas found.
“By the way no rootkits.”
According to you and your friend you dont need it , all you need is :
– Windows updates
– Firewal
– Anti-virus
Now you got :
– Spy Sweeper
– Trojan Hunter
– Microsoft Anti-spyware
– rootkit remover
What else , you got and use , your not telling about ?
care to run :
http://www.belarc.com/free_download.html
and copy paste the software ouput here ?
“I don’t think you know more than you’re spewing out.”
I think your lying and forgetting some details.
“Go back and study on how computers work.”
If my computer did not work , how am I suppose to write here ?
-
2005-08-19 8:13 am
Anonymous
OK, I work for a large corporation. Begins with ‘H’, ends with ‘well’. This worm shut down our entire building today. We had to send first shift production home. Most / all of the engineering staff was useless. Now my real point. 99% of virus problems are ordinary users doing stupid things with email/attachments. This one infected everyone who simply was connected to the building net, (which was everyone). If this virus had one minor mod where is propogated itself, say 5 times, then scrubbed the hard disk, then this would be a HUGE issue. Everyone’s computer would be toast. No one did anything wrong. This virus was merely annoying in the grand scheme of things. If this virus had wiped the harddrives of all users and building servers, then maybe this insecure M$ crap would finally get the attention it deserves at the top level IS departments. This is simply unacceptable….
And Ford is a piece of junk because I shouldn’t have to change the oil period. You have nothing to blame but your Admin. If they would of patch their system they wouldn’t have to send first shift home. They’re getting paid to do their jobs not be a bunch of clowns.
2005-08-19 8:36 am
2005-08-19 9:18 am
Anonymous
“If my computer did not work , how am I suppose to write here ?”
Let me see umm library, friends, parents, cafe.
Sorry , but I dont trust you either.
-
Moulinneuf
“Let me see umm library, friends, parents, cafe.”
So thats what you use , so you think I do the same , ok …
“Sorry , but I dont trust you either.”
Thats why you feel the need to hide the fact that your using more software for your computer security , security true obscurity , nice excuse.
– Moulinneuf
-
2005-08-19 4:04 pm
ralph_wiggumYou are a lyer , I know , because you are glue and i am rubber … expert at telling honest people about lyers and theves like you
Many people respct my opinon but i dont need to give examples … you havent earned them. Becuase you are a theve and a lyer.
Have a good day
– Ralphie
2005-08-19 9:18 am
Anonymous
“If my computer did not work , how am I suppose to write here ?”
Let me see umm library, friends, parents, cafe.
Sorry , but I dont trust you either.
2005-08-19 9:24 am
Anonymous
> And Ford is a piece of junk because I shouldn’t have
> to change the oil period.
No, you get it serviced by the dealer/garage for maintenance (be that oil changes, or whatever else) periodically as part of the sale/contract.
> You have nothing to blame but your Admin.
No. You have only Microsoft and your decision making executives to blame.
> If they would of patch their system they wouldn’t
> have to send first shift home.
Well, maybe thier /systems/ work only with an older service-pack (as mandated by some 3th party providers) and the patch is against a newer pack …
> They’re getting paid to do their jobs not be a bunch
> of clowns.
Wasn’t the sale talk for MS-Windows NT that you need _not_ be any kind of expert to run it? Isn’t MS-Windows 2000 supposed to be “turn key”?
Hell i seem to remember some ‘save money by firing expensive Unix sysops’ phrase …
2005-08-19 10:48 am
Anonymous
I cannot give you my home pc because I live in europe, but I can provide you the full VNC access, so if you’ll not find any trojans or other malware you gonna give me $1000?
2005-08-19 12:39 pm
Anonymous
>>” People still used Windows and not get any viruses and or worms or trojans. ”
>Only in there dreams.
Well, only in your dreams everyone using Windows is infected by viruses, worms, or trojans.
People like you (a very small but very vocal minority) make the job of promoting OSS very hard for all of us.
Look, IT people say, these are clowns claiming that every Windows computer is always infected. How can we trust anything else they are saying?
I tend to believe, Moulinneuf, that you are paid Microsoft shill.
People before you used to just bash Linux and OpenSource as the cultish movement of geeks from the basement, that was level 1 on the game.
Then they started to claim that Linux is just as good as Windows but offers nothing more- why switch? That was level 2.
Now, apprently as an act of desperation, Microsoft decided to escalate to level 3: just fill Windows newsgroups and discussions with M’s annoying like hell, making Windows users *hate* those clowns and asking themselves: do I want to switch to OSS to be in the company of that dumb-ass?
It works. How much big “M” pays you, mini-M? They should double your fees- you are doing very good job.
2005-08-19 5:51 pm
Anonymous
I’m glad you live in a perfect world where patches are thing of the past. I’m glad linux doing a great job for. But it’s called you use what gets the job done.
Am I the only one that thinks these people need to grow up?? I mean, I’m sure that the groups of people writing these worms and virii have good programming skills…. wouldn’t they just be better off going a getting a decent job as a programmer, and actually make a living ?
Sorry, I just needed to finally voice my opinon about all the worms and virii programmers out there
PS: I’m anon because I don’t have an account yet
I totally agree. And if programming for a living isn’t what they want to do, work on OSS or something, but honestly, why waste their time with viruses? It’s pathetic really.
Some people in this world really disgust me.
I guess that most of this virus kids looks at sites like securityfocus.com and similar, and just uses the examples to create new variant of already know worms/virus’, no rocket science in that, just change some literals, and call you self a m4an 3v1l h4x0r.
Soo what is wrong with these people, they are grown up kids, that are not able to get laid.
Maybe they’re zealouts too
. They’re virus zealouts! They want everyone to use virii!
Ok, seriously no one get offended I’m just kidding…
Sorry to disapoint your notion that those people mostly do it for free , most of those writing and making virus and trojan and spyware have a financial interest in doing so and gain an income from it , The Security industry is bigger in size then the film industry in income , there is a couple of virii writer who got caught who where making virii so that they could be the only one able to repare the infected machine and make a profit from it.
There is also the information gathered by some of those spyware and trojan , credit card personnal info , identity , etc … in the underworld those are things that have value.
All in all at the start it whas mostly kids , but these days those are just tools left in the open in order for someone to make a financial gain somewhere.
Why do you think its place like Yahoo , Hotmail and banks who are the one targetted , sometime the infected people dont figure it out the same day as the rest because they have not the trained staff or department to see that there is a problem. Most of those running windows will call Microsoft and there Anti virus software to ask if they are a possible target and will get told that its not the same virus and that they got the patch for that one exept that many time the virii are variants of a previous one , the Anti virus know how to detect them but is unable too because its looking for something else.
Make no mistake the majority of those writting virii are making a very good income from it.
wouldn’t they just be better off going a getting a decent job as a programmer, and actually make a living ?
I don’t know if this has been mentioned yet (because I haven’t read all of the comments), but some of these guys ARE making a living writing viruses.
Think of it, what could you do with hundreds, perhaps hundreds of thousands of zombie machines? That’s a beowulf cluster with a low-speed interconnect. Batch processing, spam bots, distributed web servers, …
There was an article about this a while back on arstechnica.com with actual proof that spammers were hiring virus writers, but I can’t find the link at the moment.
The reason kids make worms and virusses (as opposed to the adult ones who do it for a living) is because worms/virusses are fascinating and exciting. Some people will never understand, just like some people will never understand the point of putting a different OS on a game-console.
The reason these programs are so fascinating is because they represent artificial life. A piece of programming that grows beyond what you make it. These 13-18 year olds do it for the same reason 3-8 year olds pull legs out of an insect: not because they are cruel, but because they can. They want to see what kind of an impact/influence (on the world) they can have. To be 14 and seeing something you made travel around the world on it’s own, is too much of a temptation for those who are capable and not held back by their conscience for fear of the consequences. Some are content to see their creations out in the wild and gain notoriety (world-wide notoriety for a pubescent boy, can you imagine?), some go for more notoriety by adding a payload.
Sure, they need to grow up. But I’m not surprised they do what they do while they’re not.
So much in terms of Windows security and the basis of those Microsoft-sponsored “independent studies”. When is the next worm coming? Next week? Tomorrow? I am sick and tired of patching all the time and having to deal with this.
I think you should reframe from administratoring your computer. Hire someone to do the patching for you!
MS shouldnt have gone off saying they wouldnt release any more win2k patches. Thats my opinion.
Try Linux, as you know you should.
They should be executed.
Do not whine about virus writers – do you seriously think that computers would be safer if viruswriters would go away? I’d say their ‘job’ is more than valuable.
“I’d say their ‘job’ is more than valuable.”
That’s like saying it’s a good thing that there are thieves and robbers so that your burglar alarm has a purpose.
Being a virus/worm writer has no merit and isn’t quite as technically advanced as some people would like you to think.
“appears less severe than some first feared”
Didn’t MS come out right away and say it’s “low impact”? And people didn’t understand that?
Well the new ZOTAB worm has reduced CNN to using typewriters. Thats not really “low impact” imo
Well i guess something like that doesnt fall under a windows 2000 worm variant though. But it does affect win 200 and winXP.
Well the new ZOTAB worm has reduced CNN to using typewriters
Really??? Wierd, since I work at CNN and the most we’ve had to deal with is some of our servers had to be taken offline while an update was applied.
Really??? Wierd, since I work at CNN and the most we’ve had to deal with is some of our servers had to be taken offline while an update was applied
And you don’t think that’s bad enough?
Really??? Wierd, since I work at CNN and the most we’ve had to deal with is some of our servers had to be taken offline while an update was applied
And you don’t think that’s bad enough?
No, we have our Unix/Linux servers taken off line all the time too while updates are applied. That’s usually the procedure for updating I would think. Don’t know, since I’m a developer not a sysadmin. The original parent thread said we were reduced to using typewriters, I was just calling BS on this since me and all the developers around me worked through the day with no problem.
All it appears to be doing is rebooting their computers. If they had a sysadmin worth a damn, they’d let everyone know how to stop the reboot (shutdown /a from console) so you have enough time to go to Microsoft’s site to get the patch. Since it causes no actual damage to the system, and any sysadmin should know how to fix it, I would call it Low Impact.
And no where have I read that it affects WinXP as well, only Windows 2000. Where did you get this information?
Microsoft calls it low impact because according to them, everybody and his dog should have upgraded to XP by now.
That’s why it’s low impact. Gives MS also a perfect reason to say: “Hey, upgrade to XP now, you’ll be much safer.”
Patches for Windows 2000 and XP were released almost a week before this worm even started propagating. Not patching your system is your own fault, not Microsoft’s. Hell, both 2K and XP have an auto-update system in place that is *on by default*, so I don’t know what these people are doing.
The truth of the matter is that every single operating system on the planet requires security patches. I won’t bother listing the various local/remote vulnerabilities in OS X and the Linux kernel in this year alone, as that information is freely available at sites like securityfocus.com.
When Microsoft issues patches, it’s “OMG see how insecure Windows is! Use Linux!”
When a Linux kernel patch is released, it’s “OMG see how concerned about security they are? Linux is awesome!”
“Patches for Windows 2000 and XP were released almost a week before this worm even started propagating. ”
The patches where not adressing this worm , thats why Financial entity and media outlet where hit hard. Your lies might work for some if the target are popular site , it dont when it come to some of the most secure environments.
Its so important this time that it made the news :
http://news.google.ca/nwshp?hl=en&tab=wn&ncl=