A quick lesson in WORMS and things....!


A lot is talked about "Worms" - "Trojans" and other things similar!
Just to give you an insight, here is an article about one of the most serious threats in the last few years - alreadyover 9million PC's have been infected, and are merrily spreading further! The people who construct these things, I'm told, are often frustrated PC specialists..!
If you haven't blocked the hole in your system yet, go to "Start - All programmes - Windows update - run the search for quick critical updates and install preferably ALL the updates shown as recommended for your PC, but at least all the updates referring to "Malware" - Security" etc....
It may take quite some time, but reinstalling and retrieving lost material will take longer....!
(iwmpop)
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

TOP STORY

 Keep the latest worm infestation off your PC

Woody Leonhard By Woody Leonhard

It's been a hellacious week for security admins all over the world: the polymorphic worm known as Downadup, Conficker, and Kido has infected millions of computers.

Fortunately, you can scan, scour, and secure your systems by following four relatively simple steps.

Remember the patch that Microsoft released suddenly — "out of cycle" in the parlance — back in October 2008? Windows Secrets followed suit with an out-of-cycle news bulletin about the patch on Oct. 24. Susan Bradley recommended that readers immediately install the update described in MS08-067 (KB article 958644) to protect against "a remote-code attack that could spread wildly across the Internet."

Just as Susan predicted, the remote-code attacks started appearing shortly thereafter. On Oct. 26, Christopher Budd of the Microsoft Security Response Center posted the following in the MSRC blog:

"We are aware that people are working to develop reliable public exploit code for the vulnerability. We are aware of discussion about code posted on a public site, but our analysis has shown that code always results in a denial of service, to demonstrate the vulnerability. So far, we've not seen evidence of public, reliable exploit code showing code execution."

By mid-November, the Microsoft Malware Protection Center (MMPC) said in a blog posting that it had collected "over 50 distinct exploits of this vulnerability." However, MMPC said the instances were very limited: "We're getting a very small number of customer reports for these attacks."

Then Conficker.A hit the fan. (McAfee and Microsoft call the worm "Conficker," Sophos uses the name "Confick," and Symantec and F-Secure call it "Downadup"; but it's the same virus.) By Nov. 25, MMPC was raising the alarm on its blog in an attempt to get individuals and — especially — organizations to install the MS08-067 patch, which stops Conficker.A dead in its tracks.

At this point, the Conficker furor should've died down and the worm been relegated to the history books. Two inexorable forces, however, combined in early January 2009 to give the worm new life: system admins who weren't applying key patches and a ferociously fecund variant called Conficker.B.

How Conficker differs from other worms

In the not-so-good old days, Conficker.A arrived as a Trojan: in order to infect a PC, somebody had to run an infected program on the machine. It could also try to hit your machine directly, but any sort of firewall would thwart that attack. If the infected system was attached to a network, Conficker.A used the hole (that MS08-067 closes) to spread to other computers on the network. This modus operandi is kinda boring but moderately effective.

Conficker.B uses the Conficker.A approach, plus a whole lot more — as a "blended threat," it's an equal-opportunity infecter. The MMPC's TechNet blog offers an excellent, graphical overview of the ways that Conficker.B can get into your network. Here are the main attack vectors:
  • Conficker.B uses the old Conficker.A approach: simple Trojans that arrive via e-mail or by downloading an infected program.
  • Once a PC on a network is infected, Conficker.B reaches across the network to see whether any of its PCs have not yet patched the MS08-067 hole. After infecting these unprotected PCs, Conficker plugs the MS08-067 hole, presumably so other, similar worms can't get in. What a sneaky buzzard!
  • If Conficker.B finds that it can't get into a computer via the MS08-067 hole, it tries to break in by using the standard Windows admin account, entering each of 248 common passwords. This weak password list (which you'll find under the Analysis tab) includes such all-time favorites as admin, mypass, test, foo, 1111, and many others you may have seen before.
  • Once Conficker.B gains entry to a networked machine, it drops a copy of itself onto the target's hard drive and creates a scheduled job that runs the infected file. Conficker.B also loads itself onto all accessible shared folders. Ho-hum.
  • Finally, Conficker.B scans and infects all removable devices on the system, including USB drives and external hard drives.
A confirmed and adjured European.

Comments

Post a Comment

Popular posts from this blog

last chance for Christmas - today only....!

Image
If you've got no presents to play with, no Christmas turkey etc.. then click here, and play, read, watch, send and learn about ALL things "Christmassy"! Last chance - from tomorrow, mr le marquis passes to New Year things....! http://www.allthingschristmas.com/ **************** Hot Links Fun things to do: Send a Christmas Card Greetings around the world Christmas videos Discuss Xmas Best Christmas Recipes Christmas cards Fun things for kids: Dress up a Snowman Decorate a Xmas Tree Decorate a Dollhouse Online Coloring of Images Play Fun xmas Games Bookmark site    Instant Xmas music Play Xmas music while browsing this site Mailing list Join our popular mailing list and receive special Xmas offers and info for christmas freaks. No spam! Your email address:   . Other Gift / christmas sites: christmas   It's Christmas time! Thank you for visiting our site. Here is
Read more
Image
A Scotsman. Essentially   speaking, one of the 'foundling' countries of the 'Union of Great Britain',also known as the 'United Kingdom'or simply 'UK',Scotland is currently (2021) seriously reflecting the withdrawal from the 'Union of Great Britain'and reclaiming the statute of an Independent Nation. Scotland - Ecosse - Schottland. The aim of this is simple - it is wished, by the Scots, to rejoin the Union of European States, known as the EU, from which they were illegally forced to retire by the illegal Referendum, known as 'Brexit'-which forced British Union Citizens to vote on the subject of leaving the EU,or staying in it - Well over 50% of the Scots voted 'remain in Europe' An overwhelming result. The UK Government in Westminster,nonetheless,used the fact that marginally over 50% of ALL British voted to leave, hence 'Brexit', against the will of the Scottish people and the Scottish Government. In Scotland, the National
Read more

The Empire is dead...Long live the Empire...?

Image
Just what is going on over there in the old Empire land? Once upon a time... HP Sauce has moved to Holland...Dutch treat! Baked beans are leaving too...! Airfix kits bankrupt,but struggling on armed with plastic Spitfires...! The Queen being acted out (better than the original,I understand) by an ageing actress... QEII & Helen Mirren. PMs who can't decide where,when,how & why to disappear... May & Johnson - if they would just go. All in all, since Mr le Marquis' departure, it's been all downhill, which is why He's back, in text, to make you all aware of the damage you are doing. He's staying where He is, all the same - mr le Marquis du Galipot. You can't tell me that Europe isn't infinitely better than a small, lost island, full of arrogant people who insist that everybody else must bow to them, but who they don't really need. Pride & Arrogance, no Prejudice. That's English. The majority of Empire citizens nowadays have a skin colou
Read more