19 August 2003 - New Microsoft E-Mail Virus - W32/Sobig.F-mm

Marc

Fully vaccinated are you?
Leader
Laura M said:
Knock on wood, but I haven't seen it.
My AV software is as up to date as I have been notified, but I don't get a 'rejected' message either. I'm not looking for trouble either, hope this doesn't get me any.....
If your virus definitions (signatures) are up to date and your computer is firewalled (Tiny Personal Firewall is a very good one that I use on my peecee) you shouldn't have a problem.

I have found out - after helping a friend get rid of the blaster worm on his computer - that Windows XP's 'built in' firewall is pretty tight. But we had to keep turning it off to get anything - like new virus definitions and 'the patch'.
 

Marc

Fully vaccinated are you?
Leader
Bob_M said:
I believe most people that CAN set up linux/unix systems from scratch know how to properly protect their systems from the rest of the world. Us Microshaft users are typically plug and play and good old Bill apparently doesn't protect MS by default, and would rather have us upgrade to the newest version (which is the safest ever blah blah), than fix the holes. Don't get me wrong, I'm an MS user, because I want plug and play computers, but I also like to tweak. *shrug*
I believe you're correct. Those that CAN set up 'nix boxes are typically 'techies' to some degree.

In the /. discussion, a major point was Macs ship 'locked down' and MS machines are shipped open to the world. I believe I saw a headline yesterday that MickeySoft is 'considering' shipping the OS in locked down mode rather than open mode. Duh...

I went through a lot of 'lookin' when I set up my peecee here - the CheechWizard server. Bottom line is my only liability is worms and break-ins because I get my mail with my Mac. I don't need a virus checker but I did need a configurable firewall. Norton and McAfee were too structured (plug and play) and disrupted too many services (as Windows XP's firewall apparently can). Tiny Personal Firewall is all I use. It's been online over 2 years and *as far as I know* it has not been broken into or otherwise compromised. I have file and printer sharing open to the world, but that just means someone has to know the password to get in. I can even watch people as they try to get in via alternate ports by ftp, etc., but no success to date.

If you want to 'look' at your machine, there are several places to do it. But note: Just because your machine can be scanned doesn't mean it is vulnerable.
They each overhype things a bit, but give you an idea of where your box stands. Remember, these do not address e-mail viruses, but rather check for vulnerabilities that the MSBlaster worm used and other port vulnerabilities which someone could potentially use to break into your computer.

My favourite is: https://www.grc.com - the scanner is at: https://www.grc.com/x/ne.dll?bh0bkyd2

https://scan.sygate.com/ Is another.

https://www.pcflank.com/test.htm Is yet another.

Don't let "This port has responded to our probes. This means that you are not running any application on this port, but it is still possible for someone to crash your computer through known TCP/IP stack vulnerabilities." bug you too much. As long as you keep OS patches current and in place you shouldn't have a problem. There's a lot of FUD spread by the firewall and virus folks.
 
Marc said:
I have found out - after helping a friend get rid of the blaster worm on his computer - that Windows XP's 'built in' firewall is pretty tight. But we had to keep turning it off to get anything - like new virus definitions and 'the patch'.

XP's firewall is pretty decent as long as it's all about keeping things out. If something does get in however, it (if my information is correct) does nothing to stop things from getting out. If a worm gets into your system (yeuch! :eek: ) it will be able to do its dirty work and post the results to the rest of the world....

/Claes
 
db

I have Windows XP Professional and I have one recurring bug that will probably require re-installation. It is important to note that this only occurs when accessing https://Elsmar.com/Forums. As soon as I try to go anywhere from the main page, a popup for AboutCars.com jumps out. I have everything set up for prompting (such as cookies and scripts), and I get no prompt for the popup. I have been told that the webmaster of the site does not do advertising, so I guess I must have something going on in my system.

On another note, if I attempt to log in at elsmar.com/Forums, I can log in, but I get notice that I don't have permission to do anything. I have cleared all of my cookies, deleted all temp files and erased my history, but nothing seems to change.
 
Randy Stewart

db have you been a bad boy????
You better see if the Sheriff is tinkering with your computer! :biglaugh:
 
db said:
I have Windows XP Professional and I have one recurring bug that will probably require re-installation. It is important to note that this only occurs when accessing https://Elsmar.com/Forums. As soon as I try to go anywhere from the main page, a popup for AboutCars.com jumps out.

Uh, oh.... :eek: That's a strange bug... Sorry to have to say it, but that does not sound like a bug at all to me, but rather as if you have something in your system that doesn't belong there. I'm no expert though.. Any other opinions?

Anyway: Check your system.

/Claes
 
db

Claes Gefvenberg said:
rather as if you have something in your system that doesn't belong there

Yeah, but I would call that a bug. My virus protection is up-to-date, and can find nothing. I have a firewall. It sounds to me like some setting has been changed, but I can't find it anywhere.
 
Bob_M

db said:
Yeah, but I would call that a bug. My virus protection is up-to-date, and can find nothing. I have a firewall. It sounds to me like some setting has been changed, but I can't find it anywhere.

It sounds more like spyware/adware.

Download Ad-Aware

https://www.lavasoftusa.com/

Check for updates within the program then scan your computer.

The free version is good at getting rid of spy and ad ware that you probably didn't even know was there...
 
Bob_M

Purchasing/VP just got w32.sobigf virus/worm from one of our vendors.
Definitions were not up to date. :(
Removed worm,
but we're still getting the email from our vendor and whoever else infected us...

Can we issue a corrective action to our vendor for supplying NC email? TEEHEE
 
Bob_M said:
Can we issue a corrective action to our vendor for supplying NC email? TEEHEE
Um... I wouldn't do that, because it's very likely that they didn't send it. Sobig picks a mail addie at random and displays it as the sender. Yet another smoke screen...

db: I agree with Bob, I was thinking about some ad or spyware too. AV software will not catch them, but a firewall may, if it deals with outgoing traffic in addition to the incoming stuff. Ad Aware is good. Get it, but be warned: You may be in for a bit of a shock if you haven't used it before.

/Claes
 