Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Worm and Virus Wars- the August Edition
various FR links & posts | 08-23-03 | The Heavy Equipment Guy

Posted on 08/23/2003 4:55:11 PM PDT by backhoe

 
http://www.freerepublic.com/focus/f-news/969301/posts
Beware of Hacker and Cracker Attacks!
Vanity ^ | 8/23/2002 | Myself
 
Go HERE and let ShieldsUp do a scan of your ports. It will determine if you are "in stealth mode" or vulnerable.


TOPICS: Extended News; News/Current Events
KEYWORDS: techindex; worm
Navigation: use the links below to view more comments.
first 1-5051-84 next last
Here's most of what we have on the recent attacks.

Be sure to read through each post for valuable links and information.

1 posted on 08/23/2003 4:55:12 PM PDT by backhoe
[ Post Reply | Private Reply | View Replies]

To: backhoe; *tech_index; Salo; MizSterious; shadowman99; Sparta; freedom9; martin_fierro; ...
Thank you!

OFFICIAL BUMP(TOPIC)LIST

2 posted on 08/23/2003 5:02:46 PM PDT by Ernest_at_the_Beach (All we need from a Governor is a VETO PEN!!!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach
Thank you!
3 posted on 08/23/2003 5:08:57 PM PDT by backhoe
[ Post Reply | Private Reply | To 2 | View Replies]

To: backhoe; ~Kim4VRWC's~
Great information. I use most of this, but it's nice to have it all on one site.

FYI, Kim!

4 posted on 08/23/2003 5:16:46 PM PDT by GummyIII (I'll try being nicer if you'll try being smarter.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: GummyIII
Appreciate it- thanks!
5 posted on 08/23/2003 5:17:59 PM PDT by backhoe
[ Post Reply | Private Reply | To 4 | View Replies]

To: backhoe
Very good list!

Here's some notes from a radio show
on the virus...

1) Use a good Anti-Virus program
-Norton 2003 is the best, Free download or buy the better versionfor 49.95 online

McAffee is good too. (per the radio host)

2)Keep the Virus Program updated. Weekly or daily.
(this is something I haven't done)

3) You need a firewall to keep the worms out, they
try to attack vulnerable ports.

Good firewalls: Black Ice and Zone Alarm

Go to http://www.zonelabs.com for a free download or
upgrade to zone alarm pro.

6 posted on 08/23/2003 5:20:37 PM PDT by Joy Angela (Open Hillary's Thesis on Saul Alinsky! We have a RIGHT to know!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
Thank you backhoe for doing all the hard work for those of us that are computer challenged!
7 posted on 08/23/2003 5:22:12 PM PDT by Reb Raider
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
Bump for more great links.

I've done two different scans and came up clean each time, yet my emails begin with a tag that I can't figure out. At the beginning of any email is a tag that my recipients recieve. Guess I'll have to uninstall mie6 and re-install it to try to get rid of this nuisance.

8 posted on 08/23/2003 5:24:35 PM PDT by budwiesest (Gladly: The cross-eyed bear.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Joy Angela
Tips & link are welcome- thank you!
9 posted on 08/23/2003 5:24:42 PM PDT by backhoe
[ Post Reply | Private Reply | To 6 | View Replies]

To: Reb Raider
Thanks!
10 posted on 08/23/2003 5:25:30 PM PDT by backhoe
[ Post Reply | Private Reply | To 7 | View Replies]

To: backhoe
bump
11 posted on 08/23/2003 5:26:41 PM PDT by expatguy
[ Post Reply | Private Reply | To 1 | View Replies]

To: budwiesest
"I've done two different scans and came up clean each time..."

Just for the "H" of it, try some online scanners- they are usually the most current with virus signatures:

http://housecall.antivirus.com/housecall/start_corp.asp
Housecall

http://www.rav.ro/scan/indexie.php
RAV

http://security.symantec.com/ssc/home.asp?j=1&langid=us&venid=sym&plfid=20&pkj=CCIVBXUQIZQVMUYTACD
Symantec
12 posted on 08/23/2003 5:29:17 PM PDT by backhoe
[ Post Reply | Private Reply | To 8 | View Replies]

To: backhoe
Thanks, I tried housecall (trend micro) first-came up clean- then bought/updated and installed McAfee and ran it-clean also. I'll try the others (takes about an hour I suppose). Thanks again.
13 posted on 08/23/2003 5:33:49 PM PDT by budwiesest (Gladly: The cross-eyed bear.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: backhoe
The Shields Up link is FANTASTIC!!

Wow, what a relief to know that my
computer is safe!

Thank You so much!

More info is also here!!

http://www.grc.com

14 posted on 08/23/2003 5:37:07 PM PDT by Joy Angela (Open Hillary's Thesis on Saul Alinsky! We have a RIGHT to know!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
Bookmarking.

Thank you for the information!
15 posted on 08/23/2003 5:41:13 PM PDT by Right_in_Virginia
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
Question: I want to stop all those spam e-mails, most of which now contain the Sobig worm. I would like to stop them even if they were not infected. My Norton is catching them, but it's driving me crazy quarantineing them. 151 today so far. I started to down load the Mailwasher, but it told me that it could harm my computer, so I'm leery of it. I have MSXP. Is it safe to download that free Mailwasher?
16 posted on 08/23/2003 5:57:57 PM PDT by WVNan
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
We haven't mentioned the Trojans and the Keyloggers!
17 posted on 08/23/2003 6:03:22 PM PDT by Ernest_at_the_Beach (All we need from a Governor is a VETO PEN!!!)
[ Post Reply | Private Reply | To 12 | View Replies]

To: backhoe
bttt
18 posted on 08/23/2003 6:24:57 PM PDT by chaosagent
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
Just got this from my ISP:

____________________________________________________________________

Dear Adelphia High-Speed Internet Customer,
As you may be aware, Adelphia is currently taking steps to minimize the spread of two new viruses: the Nachi/Welchia Worm, a new version of the recent Blaster Worm virus that has been attacking Microsoft operating systems, and the Sobig.f virus, a mass-mailing type of virus that arrives as an e-mail attachment.
Nachi/Welchia Worm
 Special tools for removing the Nachi/Welchia worm from your PC can be found at the following links:
http://us.mcafee.com/virusInfo/default.asp?id=nachi#removal_instructions
http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.html#removalinstructions
http://www.sophos.com/virusinfo/analyses/w32nachia.html
To prevent re-infection of your PC, we recommend our customers take the following actions:
1. Install the patches released by Microsoft to repair the vulnerability. These patches can be found at:
 http://windowsupdate.microsoft.com
2. Install anti-virus software on your PC or, if you have already done so, update the software to the most up-to-date virus definitions
3. Install a firewall to help prevent unauthorized access to your PC
Sobig.f Virus
 When activated, the Sobig.f virus infects a PC and then further spreads by sending emails to all email addresses found within the email address book on this infected PC . The virus does this using its own mail server that is part of the virus. When the virus sends an e-mail it falsifies the #8220;from:#8221; field using one of the addresses harvested from the address book. This makes it appear that the virus was sent from someone else rather than the infected machine.
Further information on this virus can be found at the following links:
http://us.mcafee.com/virusInfo/default.asp?id=helpCenter&hcName=sobig
http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html
http://www.sophos.com/virusinfo/analyses/w32sobigf.html

These viruses have impacted Adelphia#8217;s network as well as the networks of other internet service providers. You may be noticing slow speeds, frequent disconnections or no connection at all. We are working to stabilize our network quickly and appreciate your patience and understanding throughout this process.
In order to continue stabilizing our network, Adelphia will be taking additional measures that will impact a small percentage of Power Link customers that use ping commands. Low-level pings will be blocked for an undetermined amount of time. If you use pings, you may not be able to ping anything outside the Adelphia network while this block is in place. This will only affect the small percentage of Power Link customers who use pings. As soon as the spread of the worm is under control and our network is stabilized, we will remove this block. We regret to have to put this block into effect, but it is crucial to stabilize the network and reduce the number of requests currently flooding our system due to the virus.

Further information regarding viruses and online security can be found on Adelphia#8217;s eSafety page at http://www.adelphia.com/esafety
Please be assured that Adelphia is taking all possible measures to prevent the virus from impacting the Power Link network.
 
Thank you,
 
Adelphia Communications

19 posted on 08/23/2003 6:27:20 PM PDT by Ernest_at_the_Beach (All we need from a Governor is a VETO PEN!!!)
[ Post Reply | Private Reply | To 3 | View Replies]

To: WVNan
I just downloaded MailWasher and Installed it.

What damage is it suppose to do?
20 posted on 08/23/2003 6:29:09 PM PDT by Ernest_at_the_Beach (All we need from a Governor is a VETO PEN!!!)
[ Post Reply | Private Reply | To 16 | View Replies]

To: WVNan; Ernest_at_the_Beach
I've been using MailWasher for several months without incident--this from a complete computer klutz. It's very good for intercepting spam and viruses before they can even get to your computer. You just zap 'em off the server. It doesn't, however, seem to stem the flow of spam--it just keeps your own computer from being contaminated by any of it that might be virus-ridden.

21 posted on 08/23/2003 6:46:53 PM PDT by MizSterious (Support whirled peas!)
[ Post Reply | Private Reply | To 16 | View Replies]

To: backhoe
Backhoe, love Shields Up, and it said I was in stealth mode. I'll check it again tomorrow, cause it sure beats me how I got in stealth mode. I don't run any special software, just what came on the computer. If it's true, that's great though.

22 posted on 08/23/2003 6:52:02 PM PDT by MizSterious (Support whirled peas!)
[ Post Reply | Private Reply | To 12 | View Replies]

To: backhoe
ShieldsUp said I failed the ping test.

Anyone know how I can turn PING off on my machine?
23 posted on 08/23/2003 6:54:37 PM PDT by gitmo (Press any key to continue ... NOT THAT KEY YOU FOOL!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MizSterious
Well, I'm pretty dumb about computers so bear with me. When I hit the download on the mailwasher the file popped up, but it says ...."if the file information below looks suspicious, or you do not fully trust the source, do not open or save this file.......and, This type of file could harm your computer if it contains milicious code." So I was afraid to download it.
24 posted on 08/23/2003 6:55:16 PM PDT by WVNan
[ Post Reply | Private Reply | To 22 | View Replies]

To: MizSterious
In that case, it would be no different from my Norton. Norton captures the virus but the stuff still keeps coming through. I want to stop the spam from getting to my computer in the first place. I do not have a penis, therefore I have no need to enlarge it.
25 posted on 08/23/2003 6:58:11 PM PDT by WVNan
[ Post Reply | Private Reply | To 21 | View Replies]

To: Joy Angela
In addition to your 1, 2 & 3

4) Run spyware zapping software weekly. The best approach is to run both Spybot Search & Destroy and Lavasoft Ad-Aware weekly. This zaps tracking cookies, as well as spyware like Gator.

Ad-Aware
http://www.lavasoft.de/software/adaware/

Spybot Search & Destroy
http://www.safer-networking.org/

5) If you have a high speed connection, buy a hardware router/NAT appliance (Linksys, Netgear, D-Link). This shields your PC from a lot of direct attacks coming across the Internet. These devices are now in the $20-$40 range.
26 posted on 08/23/2003 7:00:51 PM PDT by FreedomPoster (this space intentionally blank)
[ Post Reply | Private Reply | To 6 | View Replies]

To: backhoe
Thank you! Yesterday I rec'd 17, today I've rec'd over 65 spam mail trying to send me the Sobig Worm. What's scary is that if I'm sending email I've got to do it ASAP because while I have my email program running here comes in one of those Sobig Worm email. It's been a fretful day. Mailwasher program has been working overtime bouncing and deleting.
27 posted on 08/23/2003 7:03:23 PM PDT by lilylangtree
[ Post Reply | Private Reply | To 1 | View Replies]

To: WVNan
What it does: it checks your isp's server for mail. You mark the mail you don't want, then you "process" your email: it deletes the stuff you don't want and bounces it back to the senders. None of that ever gets to your computer. You view it ONLY, no graphics, etc. It never even touches your computer. That's what I like about it.

Then you collect the mail you do want. This email DOES come to your computer.

The MailWasher download site: The message you are getting is standard for downloads. If you are running Norton's, Nortons should scan it for viruses. If not, scan it once it's downloaded. I think the MailWasher site is safe, but I don't mind a few extra steps if it means I won't get some crummy virus.
28 posted on 08/23/2003 7:03:37 PM PDT by MizSterious (Support whirled peas!)
[ Post Reply | Private Reply | To 25 | View Replies]

To: backhoe
THANK YOU sooo much for sharing this great info and for having it consolidated. You're a dear, considerate man. We Owe you dearly. He He. Thanks XOXOXO

However, my major problem is that I just upgraded to Windows XP from 98 2nd edition. My Outlook Express mail did not upgrade.
29 posted on 08/23/2003 7:12:19 PM PDT by Gracey ( All your base are belong to the Terminator)
[ Post Reply | Private Reply | To 12 | View Replies]

To: MizSterious
Okay. Thank you very much. I think I will give it a try. If I mess up I'll just call... SON!
30 posted on 08/23/2003 7:25:13 PM PDT by WVNan
[ Post Reply | Private Reply | To 28 | View Replies]

To: WVNan
My concern is that the Chicoms are carrying out their threat to mess up US computers and that they have the expertise to do it. Could this be true?
31 posted on 08/23/2003 7:33:29 PM PDT by Paulus Invictus (RATS are scum)
[ Post Reply | Private Reply | To 30 | View Replies]

To: backhoe
Hey, I recognize some of those links. <|:)~
32 posted on 08/23/2003 8:09:01 PM PDT by martin_fierro (A v v n c v l v s M a x i m v s)
[ Post Reply | Private Reply | To 1 | View Replies]

To: martin_fierro
Hey, I recognize some of those links...

Yeah, I know-- I copied your links without picking up your name at the bottom-- but I did mention this to Just_Piper on another post. I do try to give credit where it is due!

I have used most of those at one time or another, and can vouch for them.

33 posted on 08/23/2003 11:41:51 PM PDT by backhoe (Earth First! ( We'll strip-mine the other planets later...))
[ Post Reply | Private Reply | To 32 | View Replies]

To: Gracey
However, my major problem is that I just upgraded to Windows XP from 98 2nd edition. My Outlook Express mail did not upgrade.

Humm... not sure if it will help, but have you tried logging on to Microsoft's upgrade webpage? They do a scan of your PC and will install updates. I use Win98, and went there yesterday- to my surprise, it upgraded IE from 5.5 to 6, and OE from 5 to 6.

34 posted on 08/24/2003 12:34:12 AM PDT by backhoe
[ Post Reply | Private Reply | To 29 | View Replies]

To: backhoe
Sorry... To be more accurate my old downloaded mail did not show up.... Apologies for my poor explanation.

Do you know if it's completely lost? The address book is still intact but the mail went "adios."
35 posted on 08/24/2003 12:42:16 AM PDT by Gracey ( All your base are belong to the Terminator)
[ Post Reply | Private Reply | To 34 | View Replies]

To: Gracey
Try running a "find files" search for *.mbx, which is the generic group of fileneames for the OE databases of various email groups... like inbox.mbx, where your incoming mail is stored. This will at least reveal if your old email is still on the drive somewhere. To tell the truth, I'm not sure what you do with that if you find them- I'm more of a DOS than Windows guy!
36 posted on 08/24/2003 1:12:43 AM PDT by backhoe
[ Post Reply | Private Reply | To 35 | View Replies]

To: All
An Interesting Discussion on FREEREPUBLIC.com regarding an ABCnews.go.com article by Alexandra Salomon: "Terrorists' Twin Tower Images, Secret Porn Messages" (May 8, 2003)

37 posted on 08/24/2003 1:53:32 AM PDT by Cindy
[ Post Reply | Private Reply | To 36 | View Replies]

To: Cindy
Link's appreciated- I recall that story.
38 posted on 08/24/2003 2:02:31 AM PDT by backhoe
[ Post Reply | Private Reply | To 37 | View Replies]

To: backhoe
You're welcome, backhoe.
39 posted on 08/24/2003 2:07:19 AM PDT by Cindy
[ Post Reply | Private Reply | To 38 | View Replies]

To: All
http://www.freerepublic.com/focus/f-news/970240/posts
Yet another virus alert
University of Pennsylvania | 08-25-03 | Jeff Douthett
40 posted on 08/25/2003 3:22:15 PM PDT by backhoe
[ Post Reply | Private Reply | To 1 | View Replies]

To: All
http://www.freerepublic.com/focus/f-news/970282/posts
Experts Say New Sobig Virus Could Strike Any Day
Yahoo! News ^ | August 25, 2K3 | Reuters
41 posted on 08/25/2003 4:54:50 PM PDT by backhoe
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
bump
42 posted on 08/25/2003 5:52:08 PM PDT by JamminJAY (This space for rent)
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
bttt and thanks
43 posted on 08/25/2003 5:54:58 PM PDT by freeangel (freeangel)
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
Tracking, and thanks.
44 posted on 08/26/2003 2:52:50 AM PDT by yhwhsman ("Never give in--never, never, never, never, in nothing great or small..." -Sir Winston Churchill)
[ Post Reply | Private Reply | To 1 | View Replies]

To: yhwhsman; freeangel
Thanks for the bumps^
45 posted on 08/26/2003 4:40:24 AM PDT by backhoe (Just an old Keyboard Cowboy, ridin' the trackball into the Sunset...)
[ Post Reply | Private Reply | To 44 | View Replies]

To: All
http://www.freerepublic.com/focus/f-news/970889/posts
Why computer virus writers are useful and we should thank them.
zone-h.org ^ | 08/25/2003 | Samuel D. Forrester
46 posted on 08/26/2003 3:38:27 PM PDT by backhoe
[ Post Reply | Private Reply | To 1 | View Replies]

To: All
SoBig.F Packs Few Design Surprises
      Posted by budwiesest to AppyPappy

47 posted on 08/27/2003 7:09:17 AM PDT by backhoe
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
BTTT & thanks
48 posted on 08/27/2003 7:23:03 AM PDT by orlop9
[ Post Reply | Private Reply | To 1 | View Replies]

To: orlop9
Thanks for looking!
49 posted on 08/27/2003 12:05:07 PM PDT by backhoe
[ Post Reply | Private Reply | To 48 | View Replies]

To: backhoe
http://www.freerepublic.com/focus/f-news/972462/posts
FBI TO ARREST TEEN IN INTERNET ATTACK
DrudgeReport ^
50 posted on 08/29/2003 3:05:17 AM PDT by backhoe (The 1990's will be forever known as "the Decade of Frauds" [ Clintons, dot-bombs, Oslo Accords...])
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first 1-5051-84 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson