Beware Conficker worm come April 1

http://tech.yahoo.com/blogs/null/128...dw6CyRT1oazJV4

This one is really dangerous. I trust all you Windows users have all
your malware and antivirus programs as well as Windows Updates up-to-date.

Alias

"Alias's Ass Kicker" <> wrote in message
news:AgMyl.13000$...
>
> Gotta agree with you on this one. If you have your antivirus software up
> to date and don't open any attachments from people you don't know

Attachments from people you DO know are statistically MORE likely to infect
you....

--
Asking a question?
Please tell us the version of the application you are asking about,
your OS, Service Pack level
and the FULL contents of any error message(s)

"Alias" <> wrote in message
news:gqfoj6$75q$...
> http://tech.yahoo.com/blogs/null/128...dw6CyRT1oazJV4
>
> This one is really dangerous. I trust all you Windows users have all your
> malware and antivirus programs as well as Windows Updates up-to-date.
>

While I agree conficker is very dangerous the article has a number of things
wrong. Here is some real information on how conficker C works and what will
happen come April 1.

http://mtc.sri.com/Conficker/addendumC/

Conficker C is not a worm like previous versions of conficker. It does not
try to spread. Starting April 1 once a day an infected computer will
generate 50,000 random domain names spread across 110 ccTLDs. It will try to
contact 500 of those domains looking for a control centre. No one except the
authors know what will happen if it finds a control centre. The most likely
scenario is it will update itself with new code as this is what previous
versions have done. At that point it may mutate back into a worm, virus, or
who knows what.

The main danger come April 1 is that the authors will be looking to register
domains and set up servers to control the infected machines. They may also
be looking to hijack existing servers that are already using domains that
match one of the randomly generated domain names. There isn't much Windows
users can do about any of this. In fact it's quite likely the owners of
Linux (and Windows) based web servers will be the most affected. If their
domain happens to match one of the randomly generated domains they may be
attacked by the authors of conficker trying to hijack the site and use it
for a control centre. At the very least they may experience denial of
service problems as they are swamped by infected computers looking for a
control centre. Most of the ccTLDs have plans in place to mitigate a lot of
this.

http://www.cira.ca/pr-conficker-c/

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/

http://www.eweek.com/c/a/Security/Th...TE03262009STR1

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"Alias" <> wrote in message
news:gqfoj6$75q$...
> http://tech.yahoo.com/blogs/null/128...dw6CyRT1oazJV4
>
> This one is really dangerous. I trust all you Windows users have all your malware
> and antivirus programs as well as Windows Updates up-to-date.
>
> Alias

Alias's Ass Kicker wrote:
> "Alias" <> wrote in message
> news:gqfoj6$75q$...
>> http://tech.yahoo.com/blogs/null/128...dw6CyRT1oazJV4
>>
>> This one is really dangerous. I trust all you Windows users have all your
>> malware and antivirus programs as well as Windows Updates up-to-date.
>>
>> Alias
>
> Gotta agree with you on this one. If you have your antivirus software up to
> date and don't open any attachments from people you don't know

False. Emails from people you do know are just as likely to be infected
and you say you know something about computers! LOL, what a trolling putz.

> and don't
> visit questionable sites, then you shouldn't have a problem.

Or use Ubuntu and visit any old site you like. Out of curiosity, what
constitutes a "questionable site"? Avast picked up a drive by in
Wikipedia on a friend's computer the other day. Is Wikipedia a
"questionable site", hot shot?

>
> People need to practice safe computing.

That leaves you out as you obviously don't.

>
> Just think, if there was a virus out there for Linux, there could be at
> least 5,000 computers at risk!

Try over 8 million but, rest assured, there are none and even if there
were one, it would only affect the home account and not the kernel.

You're soooooooooooooooo ill informed.

Alias
>
>
>

Peter Foldes wrote:
> http://www.eweek.com/c/a/Security/Th...TE03262009STR1
>
>

One should always have the firewall enabled in the router along with a
good password as well as doing a firmware update if necessary but that's
true with *any* operating system, not just Linux.

Alias

Alias's Ass Kicker wrote:
> "Alias" <> wrote in message
> news:gqg67m$nsa$...
>> Alias's Ass Kicker wrote:
>>> "Alias" <> wrote in message
>>> news:gqfoj6$75q$...
>>>> http://tech.yahoo.com/blogs/null/128...dw6CyRT1oazJV4
>>>>
>>>> This one is really dangerous. I trust all you Windows users have all
>>>> your malware and antivirus programs as well as Windows Updates
>>>> up-to-date.
>>>>
>>>> Alias
>>> Gotta agree with you on this one. If you have your antivirus software up
>>> to date and don't open any attachments from people you don't know
>> False. Emails from people you do know are just as likely to be infected
>> and you say you know something about computers! LOL, what a trolling putz.
>>
>
> So you will never open an attachment from someone you know? HA HA - If your
> antivirus software is up to date and your antivirus defintions are up to
> date, you should be good.

Um, with Ubuntu, this isn't a problem. With Windows, I used to save the
attachment to disk and then run the AV on it, which, clueless one, is
"safe computing" and, with Windows, even that's no guarantee because it
may be a virus that your AV hasn't got the definitions for it yet.

Alias
>
> In your case all you get is SMUT so it will most likely be infected.
>
>
>>> and don't visit questionable sites, then you shouldn't have a problem.
>> Or use Ubuntu and visit any old site you like. Out of curiosity, what
>> constitutes a "questionable site"? Avast picked up a drive by in Wikipedia
>> on a friend's computer the other day. Is Wikipedia a "questionable site",
>> hot shot?
>>
>>> People need to practice safe computing.
>> That leaves you out as you obviously don't.
>>
>>> Just think, if there was a virus out there for Linux, there could be at
>>> least 5,000 computers at risk!
>> Try over 8 million but, rest assured, there are none and even if there
>> were one, it would only affect the home account and not the kernel.
>>
>> You're soooooooooooooooo ill informed.
>>
>> Alias
>>>
>

"Alias's Ass Kicker" <> wrote in message
news:bZMyl.10663$...
>
> "Gordon" <> wrote in message
> news:...
>> "Alias's Ass Kicker" <> wrote in message
>> news:AgMyl.13000$...
>>>
>>> Gotta agree with you on this one. If you have your antivirus software
>>> up to date and don't open any attachments from people you don't know
>>
>> Attachments from people you DO know are statistically MORE likely to
>> infect you....
>>
> OK. Good point. When people send you an attachment, delete it right
> away. For others, if you know what you are being sent, your CURRENT
> antivirus and UP TO DATE antivirus definitions should take care of any
> issues. If in doubt, forward them to GORDON and he will check them out.
>
>
>


Prat. Most viruses are replicated by using the addressbook on the infected
machine. You wouldn't have the email address of someone you don't know (in
terms of never having communicated by email before) on your machine, would
you?
Idiot.

--
Asking a question?
Please tell us the version of the application you are asking about,
your OS, Service Pack level
and the FULL contents of any error message(s)

"Kerry Brown" <*a*m> wrote in message
news:...
>
> "Alias" <> wrote in message
> news:gqfoj6$75q$...
>> http://tech.yahoo.com/blogs/null/128...dw6CyRT1oazJV4
>>
>> This one is really dangerous. I trust all you Windows users have all your
>> malware and antivirus programs as well as Windows Updates up-to-date.
>>
>
> While I agree conficker is very dangerous the article has a number of
> things wrong. Here is some real information on how conficker C works and
> what will happen come April 1.
>
> http://mtc.sri.com/Conficker/addendumC/
>
> Conficker C is not a worm like previous versions of conficker. It does not
> try to spread. Starting April 1 once a day an infected computer will
> generate 50,000 random domain names spread across 110 ccTLDs. It will try
> to contact 500 of those domains looking for a control centre. No one
> except the authors know what will happen if it finds a control centre. The
> most likely scenario is it will update itself with new code as this is
> what previous versions have done. At that point it may mutate back into a
> worm, virus, or who knows what.
>
> The main danger come April 1 is that the authors will be looking to
> register domains and set up servers to control the infected machines. They
> may also be looking to hijack existing servers that are already using
> domains that match one of the randomly generated domain names. There isn't
> much Windows users can do about any of this. In fact it's quite likely the
> owners of Linux (and Windows) based web servers will be the most affected.
> If their domain happens to match one of the randomly generated domains
> they may be attacked by the authors of conficker trying to hijack the site
> and use it for a control centre. At the very least they may experience
> denial of service problems as they are swamped by infected computers
> looking for a control centre. Most of the ccTLDs have plans in place to
> mitigate a lot of this.
>
> http://www.cira.ca/pr-conficker-c/
>
> --
> Kerry Brown
> MS-MVP - Windows Desktop Experience: Systems Administration
> http://www.vistahelp.ca/phpBB2/
>
>
>
>


Also to be taken into account is the fear and myths that will spread before
anything has taken a hold.. :-)


--

Mike Hall - MVP Windows Experience
http://msmvps.com/blogs/mikehall/

Alias's Ass Kicker wrote:
> "Alias" <> wrote in message
> news:gqg6o7$nsa$...
>> Alias's Ass Kicker wrote:
>>> "Alias" <> wrote in message
>>> news:gqg67m$nsa$...
>>>> Alias's Ass Kicker wrote:
>>>>> "Alias" <> wrote in message
>>>>> news:gqfoj6$75q$...
>>>>>> http://tech.yahoo.com/blogs/null/128...dw6CyRT1oazJV4
>>>>>>
>>>>>> This one is really dangerous. I trust all you Windows users have all
>>>>>> your malware and antivirus programs as well as Windows Updates
>>>>>> up-to-date.
>>>>>>
>>>>>> Alias
>>>>> Gotta agree with you on this one. If you have your antivirus software
>>>>> up to date and don't open any attachments from people you don't know
>>>> False. Emails from people you do know are just as likely to be infected
>>>> and you say you know something about computers! LOL, what a trolling
>>>> putz.
>>>>
>>> So you will never open an attachment from someone you know? HA HA - If
>>> your antivirus software is up to date and your antivirus defintions are
>>> up to date, you should be good.
>> Um, with Ubuntu, this isn't a problem. With Windows, I used to save the
>> attachment to disk and then run the AV on it, which, clueless one, is
>> "safe computing" and, with Windows, even that's no guarantee because it
>> may be a virus that your AV hasn't got the definitions for it yet.
>>
>> Alias
>
> So we all have to take a chance. You could get hit by a car crossing the
> street in a crosswalk. You can't stop living and working because there is a
> virus out there.

With Ubuntu, it's not necessary. Oops.

>
> If I received an attachment from someone I knew, I would scan the document
> with the AV. If I don't recognize what was sent, then I don't download/scan
> it. BFD.

Being as no one you knows sends you emails because you have no friends
or business acquaintances, you haven't got this problem.

>
>
>>> In your case all you get is SMUT so it will most likely be infected.
>>>
>>>
>>>>> and don't visit questionable sites, then you shouldn't have a problem.
>>>> Or use Ubuntu and visit any old site you like. Out of curiosity, what
>>>> constitutes a "questionable site"? Avast picked up a drive by in
>>>> Wikipedia on a friend's computer the other day. Is Wikipedia a
>>>> "questionable site", hot shot?
>>>>
>
> Questionable sites: PORN, Gambling, sites where people don't give a ****
> what happens to your computer. Peer-to-peer music sharing, file sharing,
> software crack sites, etc....

So, hot shot, do you include Wikipedia? You didn't address that.

>
> You need to be careful where you go on the internet.

I don't. You do.

>
> I would feel safe going to abcnews.com, CNN.com, etc...

BORING.

>
>
> Got it now slick?

I got it long before you ever did or will. You're still using Windows
which is proof enough that you don't get it.

Alias
>
>
>
>