homepage Welcome to WebmasterWorld Guest from 23.20.19.131
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque & physics

Webmaster General Forum

    
New Focus: Triple worm attack
Bropia offshoot, death photo and funny face distract from dangers.
pendanticist




msg:351617
 10:06 pm on Feb 3, 2005 (gmt 0)

[news.zdnet.com...]

Great. Just great.

The latest variant of the Bropia worm was discovered on Wednesday evening, Trend Micro said. It infects systems belonging to users of MSN Messenger by sending itself as a picture of a roast chicken with tan lines to all available or online contacts. It also releases a second more dangerous worm, called Agabot.ajc, on the infected computer.

This worm, dubbed Wurmark-F, travels as an e-mail attachment and affects systems running Microsoft Windows. When opened, it displays a photo of a man "gurning"--a British tradition of pulling silly faces.

The worm can spread via e-mail and by using the Microsoft LSASS vulnerability, the same flaw used by the Sasser worm to spread in record time. The vulnerability was reported 10 months ago, and a patch is available.

[edited by: Brett_Tabke at 10:11 pm (utc) on Feb. 3, 2005]
[edit reason] added some quotes [/edit]

 

limitup




msg:351618
 1:43 am on Feb 4, 2005 (gmt 0)

Just out of curiosity, what's the big deal? I've been online since before 99% of people in the world had even heard of Yahoo, I work online full-time, and "use" the Internet more than 99.5% of people in the world - and my computer has *never* been infected with a virus. Use good anti-virus software, a firewall, a good backup program, some common sense, and don't worry about it.

pendanticist




msg:351619
 2:09 am on Feb 4, 2005 (gmt 0)

To adequately answer that question, you'd have to ask those who are not like you, since obviously that is what this thread is about.

dom86




msg:351620
 2:10 am on Feb 4, 2005 (gmt 0)

Great!

Hopefully McAfee Internet Security 2005 will keep my work machine virus free

Virus Info for: W32/Bropia.worm.g
[uk.mcafee.com ]

----

Tested out AVG Free 2day, and it blew winXP up. Had to reinstall my test machine. Thank god it was my test machine! Do NOT USE AVG Free

Get AntiVir and ZoneAlarm
ZoneAlarm does Email Scanning
Your going to need protection with all these viruses around

Hollywood




msg:351621
 3:43 am on Feb 4, 2005 (gmt 0)

The problem is many people do not wear protection!

Plan ahead folks! This will go away much faster if you do.

-Hollyweird

donb01




msg:351622
 4:59 am on Feb 4, 2005 (gmt 0)

I have been using AVG Free for years, both version 6, and now version 7, and have never had any problems. In fact the first machine I ever installed it on had a currently updated version of NAV on it, and the first scan found 2 trojans and 1 virus that NAV didn't even know was there. I have been sold on it ever since, and have even registered my own copy.

Automan Empire




msg:351623
 6:33 am on Feb 4, 2005 (gmt 0)

Suddenly that roast chicken picture I downloaded months ago isn't as funny. Fortunately no ill effects have surfaced... don't know whether to attribute it to my smattering of antivurus software or it just being a plain ol' picture.

Next, do I start having to worry about the bunny with a pancake on its head? LOL

Zaphod Beeblebrox




msg:351624
 8:30 am on Feb 4, 2005 (gmt 0)

The problem is many people do not wear protection!

I've been online without a virusscanner since 1995 and have never been infected. Don't allow a virusscanner to lull into a false sense of security and discard common sense...

Reflect




msg:351625
 1:53 pm on Feb 4, 2005 (gmt 0)

As an aside...

I do lead AV administrator for our sector. I was charged with SPAM reduction. I just got a solution in place. An unsuspected benifit....if the e-mail header of the e-mail does not conform to RFC standards it gets tossed. In talking with Symantec they state over 90% of e-mail distributed viruses have....invalid headers. So before SOPHOS, which we use at the SMTP gateway, or Symantec, which we use at the desktop, have DATs/DEFs for a new strain the SPAM solution stops the new strain from even getting in our front door.

We used to get hammered with Beagle/Bagle and Sober when new variants came out. Since we put this up we had not one report of infestation.

I was very pleased.

Take care,

Brian

dom86




msg:351626
 2:26 pm on Feb 4, 2005 (gmt 0)

Tested out AVG Free 2day, and it blew winXP up. Had to reinstall my test machine.

I just remembered that I had F-Secure on that machine and it doesn't like other AntiVirus software maybe that was the problem.

I have just put AVG back on the test machine and its fine, but its on winXP SP1. Need to test it on SP2.

The new AVG UI is great. (very clean design). But its not the UI I'm interested in. Can it do what its meant to do detect and remove viruses.

----

Proctection Tools for Windows

AntiVirus Software:
AntiVir [free-av.com]
AVG [free.grisoft.com]

Firewalls:
winSP2 Firewall (XP ONLY) [microsoft.com]
Sygate [smb.sygate.com]
ZoneAlarm [zonelabs.com]

elektrodish




msg:351627
 2:38 pm on Feb 4, 2005 (gmt 0)

I have a great protection tool:

[apple.com...]

:)

Namaste




msg:351628
 2:47 pm on Feb 4, 2005 (gmt 0)

I've had it with MS.
I'm just going through replacing one of my webservers because they were infected by 2 worms, despite having Firewalls & AVs.
The same thing had happened to me a year back.
We took a tech decision yesterday to switch everything to PHP & Linux from IIS & ASP. It's going to be a huge investment for us and will involve many HR changes, but it's worth it.

supermanjnk




msg:351629
 3:29 pm on Feb 4, 2005 (gmt 0)

ubuntu... my antivirus.

pendanticist




msg:351630
 5:25 pm on Feb 4, 2005 (gmt 0)

don't know whether to attribute it to my smattering of antivurus software or it just being a plain ol' picture.

Well, Automan Empire, maybe you need to look at this:

[ebcvg.com...]

The latest variant was discovered late Wednesday, according to TrendMicro. The virus spreads by sending itself as a picture of a roast chicken with tan lines to all available or online contacts. It also releases the Agabot.ajc virus on the infected PC.
<Emphasis added by me.>

StupidScript




msg:351631
 10:32 pm on Feb 4, 2005 (gmt 0)

We were sick of disinfecting or rebuilding infected machines, so about a year ago I installed Sophos MMSMTP AV on our corporate (Linux) mail server.

Zero virus infections since then.

No matter how you train people, and no matter how much they want to comply with policy, human nature/curiosity is simply too powerful to overcome, in some people. They can't help themselves! They ARE a winner, dammit! They DO wonder about horny people in their area! They DESERVE a lot of money from some guy in Nigeria!

I also installed both Black Ice and Zone Alarm Pro on all of our workstations ... and have had no successful attacks of any kind since then.

These two protections save me over 20 hours per month, personally, as the machines (even though they are Win boxes) don't need checking or cleaning nearly as often, and I can limit my maintenance activities to cleaning up Win's virtual memory and defragging.

(Please note that my home Linux boxes have never had any problems of any kind for over 8 years of continuous operation, despite having no AV or trojan blockers installed.)

Automan Empire




msg:351632
 4:59 am on Feb 5, 2005 (gmt 0)

Pedanticist wrote:
Well, Automan Empire, maybe you need to look at this:

Well, it didn't appear unsolicited... I DL'd it months ago to no ill effect. It's an amusing picture; perhaps (hopefully) the worm writer later chose that image to help spread his creation, if people voluntarily sending it around does indeed spread it.

So here we have... viral virus marketing! What next under the sun?

pendanticist




msg:351633
 5:16 am on Feb 5, 2005 (gmt 0)

Hey, that's cool. Glad to hear you were there, uh, early. :)

Luddite




msg:351634
 2:08 am on Feb 6, 2005 (gmt 0)

>> I've been online without a virusscanner since 1995 and have never been infected.

never infected that you know of

No offense Zaphod, but common sense involves using antivirus software.

rise2it




msg:351635
 5:44 pm on Feb 8, 2005 (gmt 0)

I've installed AVG on a machine upgraded to XP service pack 2 with no worries.

I've probably installed this on 50 machines for various people - everytime I work on one, I usually talk them out of whatever they are using (if anything) and into this.

I've also, like the poster above, installed this on machines that already had 'name brand' antivirus software, and it caught several things that they missed.

I think a few of these viruses can 'undo' Norton, etc. - just like IE gets more viruses written for it because of market share, I think the same thing happens to the major antivirus companies...

rocknbil




msg:351636
 5:58 pm on Feb 8, 2005 (gmt 0)

The new AVG UI is great. (very clean design). But its not the UI I'm interested in. Can it do what its meant to do detect and remove viruses.

Yes dom, it does, my sys admins have been using it for years and have converted me. Even if they start charging for updates at some point, I would prefer it over Sporton or MacAfee. I've worked with both of those products on Mac and PC platforms for over 10 years and have always had problems with them, their installations work their way down into your system and when something goes wrong, it's a mess.

Your XP-losion was probably most likely due to something like that, as you said.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved