goodmorphing, no we are not all screwed...

we've yet to have one phone call about any of this and not one issue with network speed falling off or anyone unable to make use of their email at over 50 client sites.

Only apply MS updates that you read up on and choose to apply = turn off automatic updates

Active Virus monitoring and daily auto updates turned on.

Active Software Firewall and daily auto updates turned on.

Disable auto opening attachments in email program set to prompt, if it can't do it then get one that can.

Active registry scanner with daily auto updates turned on.

Active Register monitor with daily auto updates turned on.

Automatic running of scripts turned off, script filtering turned on.

Encrypted Secure Tunnel/Portal for your Internet connection. No one including your service provider needs to know what you do, buy, sell and where you go on the net it is not their business.

Drive and file transfer encryption, email encryption.

Hardware firewall with filtering enabled for Broadband AND/or Dialup is advisable also.

put an old computer together with two nicks in it and run it as a proxy server or NAT box and Gateway then secure the hell out of it.

There is no reason other than not knowing what to do for a system or a network to be open to such stuff beyond lack of user intervention.

Does this all mean 100% secure? No... does it mean that you can go years without any problem, without a doubt yes.

You know I laughed when MS presented IPv6 as an upgrade to IPv4. With the ability to bypass NAT security built into it. Talk about 1 step forward 10 back, give it time and a new storm will hit everyone who has jumped up to IPv6 that just installs it and doesn't do any security tweaking by leaving everything as a default.

Kind of like OS's and NOS's and leaving them set as default beyond creating extremely simple pass words.

No I am not saying anything about anyone who's been hit with this crap in the least. But if someone is in the business of Networking and IT Security and they got hit I feel bad for them because it really be very likely to happen if things are setup correctly, statistically.

Common home users and business users alike shouldn't be expected to just know how to avoid this kind of thing. But IT Professionals sure as hell should and if they don't learn when something like this happens they should consider some crash courses fast and CIO's FIO's CEO's should get off the money to send them to classes. On going education should be key to keeping IT Dept's level to or ahead of most issues. Also corporate subscriptions to various tech sites so they can interact with their peers and have brain storming chats and such, or just pass information on between each other, tricks, tweaks and past knowldge.

After all, business theses days IS the data on the network which includes email.

IPlural kicks soapbox back under the desk and slips back into wackybobo mode

anyway.. just my uneducated opinion



[Message Edited]

SourceForge.net is the world's largest
Open Source software development website,
with the largest repository of Open Source code and applications available on the Internet. SourceForge.net provides free services to Open Source developers.


http://sourceforge.net/


Browse by Operating System:

http://sourceforge.net/softwaremap/trove_list.php?form_cat=199



[Message Edited]

Nonsence?

Look this isn't the first worm to hit the net that attacks address books, or web sites or servers. Dealing with personal systems is all anyone can do unless they happen to be in IT and in control or connected to the administration of servers. That is what I addressed above, personal computers and what one can do to protect their systems and my thoughts on the IT end of things.

As far as not being able to do anything goes. Take a look at Spamkiller, you might be suprise just how much that alone can do to keep the crap out of your box. Not stop it from being sent but killing it when it shows up.

Mcafee
http://us.mcafee.com/default.asp


Get the email you want and nothing else. McAfee SpamKiller quickly and easily helps you stop spam from polluting your inbox with advanced rule-based and list based filtering.

SpamKiller is THE Leading Anti-Spam Product for Consumers and Small Businesses

Benefits

With fraudulent, inappropriate and offensive emails being delivered in vast quantities to adults, children and businesses every day, spam protection is an essential component of your PC's security strategy. Whether you want to eliminate spam as quickly and easily as possible, or crave the power to fight back, McAfee SpamKiller is for you. No other email filtering solution offers so many features, or is as easy to set up and use.


Block emails using both lists and preset filters
Update internal filters automatically
Filter MSN/Hotmail, POP3 and MAPI email
Create custom filters
Quarantine spam outside of your inbox
Import "friends" automatically into your safe list
Monitor and filter multiple email accounts
Fight back against spammers
Report spam to McAfee


Kill the crap as it hits...





[Message Edited]

nope not a thing you can do about it....

IPlural: Your advice is good, but it is hard for most people to follow what you mean. Don't forget you are a power user.

Example: For the average user it is hard to decide what MS updates to install. Often technical terms are used which are incomprehensible for average users. Even for a power user it is hard to decide what to install or not. 99.9% of such updates are OK. So, what is good advice? If you are uncertain then install it? In those rare situations where things can go wrong for some users one can often find information on the net how to correct installed bad MS updates. And you can always ask friends to help you out. There is this message board too of course.

TechRepublic.com
http://techrepublic.com.com/5100-6264_11-5065898.html?tag=ft

Blaster, Welchia, and SobigF pose triple threat to networks
August 20, 2003 | John McCormick | E-Mail



Rating: 5 / 5 | Rate this article
Discussions: 1 Post(s) | 1 NEW | View posts


Malicious intruders plus vulnerable networks and buggy software equals a security nightmare. Sleep better by subscribing to Builder.com's Development Security Spotlight e-newsletter. Each Tuesday, security expert John McCormick will provide you with the latest methods for keeping your development environment safe. Sign up instantly!




After several months of relative calm on the virus front with only low-level threats, last week the Blaster worm assaulted many networks and wreaked havoc on a lot of PCs. This week, the Welchia worm—which is actually supposed to remove Blaster—arrived and began causing additional problems. Not only that, but a hot new version of the old Sobig mass-mailing worm has turned lethal and begun infecting many systems with its own brand of mischief.

Yes, we all know we should have anti-virus protection on our machines IPlural. I personally also already use a spam filtering application, but without manually configuring it to recognise the messages I spoke about above it's pretty much useless for the average user in this situation. There's also the added problem that by filtering out the 'undeliverable mail' and assorted other mails, you lose the ability to tell if your legitimate mail has reached its destination. Many spam filters also only work once mail has been downloaded to a user's machine, which is something of a problem when you have around 30Mb of mail per day generated by the Sobig virus to download on a 56k connection.

Also, what is the point of copying and pasting the marketing blurb for these products here? A simple 'try McAfee SpamKiller' or 'try Norton Internet Security' would suffice.

grayhaze: I was responding to post #54. Hehe. You people even write faster than I can read.

MadIce, exactly so on the ISP filtering.. that is on the IT end of things though and if they fell down on this it is a personal choice to continue service with them though because of the dynamic nature of the net, it is extreamly hard to play catch up on the IT end of things right in the middle of a situation such as this.



I remember when the worst thing you had to face was people sharing floppies

Your Computer is Stoned
Ambalance
Chars falling off the screen to pile up on the ottom of the screen
Displayed screen melting on you
Or the simple removal of the "C" from the ascii table on programmable keyboards...

Until now I have escaped e-mail virii/worms/spam, but to be secure I have just activated a spam filter and subscribed to a virus filter. Both are ISP filters. There are several options for the spam filter, but I have chosen to send it to another e-mail address (which was activated by my ISP for this purpose). They advised me to use their web-mail client or use a regular e-mail client with a virus filter. It turns out that the new virus filter can handle two POP accounts, so I added the second one to the spam account. Sounds good. Let's see what happens.

It appears this latest email problem times out in a week or two and will ultimately cease to propagate

Until the next version is released................

MailWasher does the same thing (But you can also look at the whole message still
on the server before deleting it).  You can set it to bring up your mail
client as soon as it is done processing mail.  Quite handy until you set
4,000 email a day to sort through

It appears this latest email problem times out in a week or two and will ultimately cease to propagate....

I read this on MSNBC this morning...

Computer security experts were racing Friday to beat a 3 p.m. ET deadline to find and disconnect 20 computers from the Internet, a defensive move aimed at preventing the Sobig.F virus from unleashing a second — and perhaps more sinister — round of havoc.

THE VIRUS, which already has tormented companies and personal computer users by becoming the fastest e-mail outbreak ever seen, contains code that instructs infected computers to download an unknown program on Friday between the hours of 3-6 p.m. ET, said Chris Belthoff, senior security analyst with the antivirus firm Sophos. He said it is unclear what that program is, or what it might do to machines infected with Sobig.F.

*****

Another Sophos official, Carole Theriault, said the program also could be as innocuous as “a smiley face dances (that) across your screen.” But even if that’s the case, the sheer volume of Internet data converging on the 20 computer targets could significantly affect Internet performance.
The virus’ secret programming for a second phase was discovered late Thursday, when analysts found code within Sobig.F instructing infected machines to make contact with the 20 computers during the three-hour window on Friday and again from 3-6 p.m. ET on Sunday.


[Message Edited]