Forum - View topic[ATTN] Please, patch your computers...
|
|
| Author | Message | ||
|---|---|---|---|
|
cookie
Former ANN Editor in Chief
 Posts: 2460 Location: Do not contact me for support. |
|
||
|
In the past 12 hours I've received somewhere between 40 and 50 messages with the MyDoom virus, plus more with some of the others out there...
So, as a public announcement: If you're going to surf the net, surf wisely. Given that 95% of you are using Windows 98, 98SE, 2000, or XP (and most of those are using IE5 or IE6 for browsers): 1) Download some form of Antivirus Software. Stinger is a free program provided by Network Associates that checks your system for common worms and viruses. If it finds anything, it deletes it. It is highly recommended that you buy the full package, or at least use their free web-scanning tool. Either way, MAKE SURE you aren't infected. 2) Patch your system. Go to http://windowsupdate.microsoft.com and download all the security patches that your OS allows. 3) (optional) Use a less popular client, one that won't be attacked as often -- thus rendering you safer simply by being away from Outlook exploits and attacks. If you use Outlook or Outlook Express, change to Eudora or some other client. If you use IE as your default browser, consider switching to Mozilla (or Firebird) (or Opera). 4) (required) Surf smart. Don't hunt for warez; you're almost ASKING to be infected by an ActiveX exploit or Webbug if you do. Don't click on attachments you don't expect. Don't allow attachments to be displayed automatically. Don't allow attachments to be decompressed automatically. Delete attachments when you delete the messages.. and finally, run Anti-Virus software. Keep it running all the time. If you see something unusual, check it out, don't just ignore it. It's better to be paranoid than ignorant, when it comes to computer security. I suggest all these steps, even if you are a technical expert with Windows -- it only takes one mistake to let a virus through. For Mac/Linux/BSD/AtariDOS 3.0 users, follow the intent of the above steps, adapting where necessary. i.e. Don't run an ancient version of Apache. Don't run a version of SSH with the SSHv1 exploit from last year... Basic things like that. Last edited by cookie on Mon Feb 02, 2004 8:14 pm; edited 1 time in total |
|||
|
|||
|
Nagisa
Moderator
 Posts: 6128 Location: Atlanta-ish, Jawjuh |
|
||
|
How is the virus spreading? Is it going through e-mail or are we under fire for just logging onto ANN?
|
|||
|
|||
Legato 2057
 Posts: 437 Location: Soon to be Japan |
|
||
|
From what I heard on the radio, it is an attachment (.exe) to an e-mail that automatically sends the virus out to 50 other e-mail addresses within 30 seconds.
|
|||
|
|||
|
Nagisa
Moderator
Posts: 6128 Location: Atlanta-ish, Jawjuh |
|
||
|
So, if you just don't open unfamiliar e-mails, you should be fine?
|
|||
|
|||
king_micah
 Posts: 994 Location: OSU |
|
||
|
Don't open attachments.
Or Use a mac like me. 
I still get a few auto messages saying I might be infected, but I don't open attachments, and use a type of browser that is not IE, nor email that is. |
|||
|
|||
|
cookie
Former ANN Editor in Chief
Posts: 2460 Location: Do not contact me for support. |
|
||
Well, yes. In theory. But in some cases it's possible to have attachments auto-execute (which was the cause of several worms last year), even when they're in the preview pane. I don't know if this specific worm is doing that or not, but frankly, it's annoying and I wish it would stop. And: No, you are not at risk by surfing to, or logging into ANN. However, as some people have already reported, some people are receiving e-mails from @animenewsnetwork.com addresses with the virus. This isn't actually coming from us: This virus steals user-id's and bounces them elsewhere.. so if you get a copy of the virus from [out of date email address], it's not actually coming from Tempest or I. Instead, it's someone who mutually has your e-mail address AND our e-mail address on their system. Thus, if you're infected, you won't be sending e-mail from your own e-mail address -- instead, it'll be sending out e-mail with someone ELSE'S e-mail address instead. |
|||
|
|||
Dilandau
 Posts: 525 Location: Tea House |
|
||
|
Sounds fun.
I was wondering what was happening to my unfortunate j-fan email account. Sigh What a pain. |
|||
|
|||
|
Dilandau
Posts: 525 Location: Tea House |
|
||
|
Here is a link to other information on the MyDoom virus, also known as w32.novarg.a@mm:
http://securityresponse.symantec.com/avcenter/venc/data/[email protected] |
|||
|
|||
|
ultrabot
Posts: 130 |
|
||
It puzzles me why the creator of MyDoom would even bother with making it, a DDoS attack on the SCO's website is hardly worth it... no matter how big of a group of jackasses/idiots the SCO is 
Last edited by ultrabot on Wed Jan 28, 2004 4:41 am; edited 1 time in total |
|||
|
|||
|
Dilandau
Posts: 525 Location: Tea House |
|
||
|
Anyway, thanks for the post Cookie! I never woulda figured out what was going on with my mail
|
|||
|
|||
|
RantingOtaku
Posts: 219 Location: Sudbury, Ontario, Canada |
|
||
|
even easier.. for every person I have to fix this problem for, I'm charging them more than the avg. service call, and may even be tempted enough to smack them around a bit... it was the same with nimda, lovebug etc.
Either I'm a really lucky guy, or just security paranoid... I spend my off hours camping mirc channels, and the occasional warez stuff, never had a problem yet (though system security is pretty tight) |
|||
|
|||
|
space clam
Posts: 636 |
|
||
|
Finally, this horrible browser has done something of use! Although I kind of wish my computer would die... Netscape Navigator 4, if you ever want to fly under the radar, so to speak.
|
|||
|
|||
Ataru
 Posts: 2350 Location: Missouri (Strikeman) |
|
||
|
Make sure you turn off the preview plane on Outlook/Outlook Express. The newwer virus lately have been auto uploading themselfs that way (Unless Mircosoft fixed it.) But on that note, if you get an e-mail from your buddy or someone you don't know trying to send you something that looks odd, don't open it.
|
|||
|
|||
Tempest
 I Run this place.ANN Publisher  Posts: 10539 Location: Do not message me for support. |
|
||
M$ fixed that a long time ago, but many people have not installed the appropriate patches. |
|||
|
|||
 |
All times are GMT - 5 Hours |
|
|
|
Powered by phpBB © 2001, 2005 phpBB Group