| 
		
	
	
	
		
	Posts: 26,577 
	Threads: 2,110 
	Joined: Feb 2005
	
 Reputation: 
13 
	
		Reminder: Conficker day is coming up fast!
		
		
		04-01-2009, 12:23 AM 
	 
		It's due to do... something... tomorrow, as I write this. (I'm betting it's going to "call home" for an upgrade and not do anything really malicious for a few days, but the resulting network traffic will slow things down for everybody else. And my bets are usually wrong.) 
But there's no excuse for letting it run on your computer (http://www.theregister.co.uk/2009/03/30 ... discovery/).
 
So beat the rush, and make sure your anti-virus definitions are up-to-date today...
-- Rob Kelk
 "Governments have no right to question the loyalty of those who oppose
 them. Adversaries remain citizens of the same state, common subjects of
 the same sovereign, servants of the same law."
 
 - Michael Ignatieff, addressing Stanford University in 2012
		
	 
	
	
	
		
	Posts: 1,138 
	Threads: 161 
	Joined: Feb 2005
	
 Reputation: 
0 
	
		Pulling on my CISSP hat
		
		
		04-01-2009, 12:42 AM 
	 
		Okay.
 Updating your virus definitions is not enough.
 
 First and foremost.  Patch your systems.  MS08-067.
 
 Second.  Patch your systems (see above).  Call your parents/computer illiterate siblings/aunts/uncles/ficus benjaminas/etc.  Have them patch their systems.
 Walk them through the process.  Use small words, rude gestures and hand puppets as required.
 
 Third - most good anti-virus software has a buffer overflow protection option - turn it on.  MS08-067 is a buffer overflow.
 
 Fourth - treat all USB devices as you would your dick (or your dick by proxy, or your favorite dick substitute).  Do not place them in any orifice without
 sufficient protection (it could be that very available picture printer at the supermarket or that triple-slotted gigabyte gargler at the internet cafe, or even
 the staid business-like one at work).  The most prevalent way Conficker makes its way onto protected networks is through unprotected USB devices.  Disabling
 autorun on your systems is the first step in wrapping your stick before you...
 
 Fifth - patch your Oedipal-Gerund systems!
 
 If you have not patched by this point, patch your system, update your virus scan software and do a full scan with heuristics enabled.  Be warned that some
 variants of Conficker will attempt to disable A/V software.
 
 Shayne
 
		
	 
	
	
	
		
	Posts: 668 
	Threads: 22 
	Joined: Oct 2003
	
 Reputation: 
0 
	
	
		This is probably the infection I had to PURGE BY FIRE a year ago on some computers at my office. It even had a protocol for infecting the utilities on U3 USB drives; I started a campaign to get people to take those stupid things out.
 - Grumpy Uncle Gearhead
 
		
	 
	
	
		There is no coincidence, only necessity....
 - Clow Reed
 
		
	 
	
	
	
		
	Posts: 2,219 
	Threads: 134 
	Joined: Jun 2005
	
 Reputation: 
2 
	
	
		Question -- no, two questions: 1) what exactly does the phrase "patch your systems" mean and how should it be done; and 2) what are "heuristics," and how does one go about enabling them? That term doesn't appear anywhere I saw on the control panel
 for my anti-virus protection (Norton).
 
 Abusive comments as to how I should shut up and get off the 'Net because of my ignorance will not be helpful.
 -----
 Big Brother is watching you.  And damn, you are so bloody BORING.
 
		
	 
	
	
	
		
	Posts: 28,134 
	Threads: 2,301 
	Joined: Sep 2002
	
 Reputation: 
21 
	
	
		According to the Windows Secrets newsletter, Conficker blocks antivirus sites, Microsoft Update, and a number of other locations on the Web that might help you defeat it. As a result, you can very easily test to see if you're infected by actually going to McAfee, Norton, Grisoft, Microsoft.com, etc. If you can get
 there, you don't have the virus.
 -- Bob
 ---------
 Then the horns kicked in...
 ...and my shoes began to squeak.
 
		
	 
	
	
	
		
	Posts: 2,635 
	Threads: 170 
	Joined: Mar 2008
	
 Reputation: 
0 
	
	
		Quote: Abusive comments as to how I should shut up and get off the 'Net because of my ignorance will not be helpful.
Abusive comments will be met with withering scorn.
 
'Patch' in this context, refers to Windows patches, to improve security, compatibility, performance (or to degrade any of same), and they are available from windowsupdate.com, or windowsupdate.microsoft.com, or most likely by hitting start -> Windows Update. 
 
The next Linux bigot that tries to jerk my chain about Conficker (I run a Windows network at home, quite a few of my friends run Linux networks. I don't lol..  much..  when their stuff doesn't work), is gonna bring home a handful of their own freaking TEETH.
"No can brain today. Want cheezeburger." From NGE: Nobody Dies, by Gregg Landsman
 http://www.fanfiction.net/s/5579457/1/NGE_Nobody_Dies
 
		
	 
	
	
	
		
	Posts: 1,382 
	Threads: 33 
	Joined: Sep 2007
	
 Reputation: 
0 
	
	
		Patch in this case refers to go to either XP/Vista's 'Windows Update' in the Control Panel, or go to the Windows Update Website (http://update.microsoft.com/microsoftupdate/ ) and download and install KB958644 (or all important/critical listed updates if you're not into digging). Get Norton/McAfee to do a  live/auto update and then run a full system scan. They should be able to find the thing, if you have it. 
---
 
The Master said: "It is all in vain! I have never yet seen a man who can perceive his own faults and bring the charge home against himself."
 
>Analects: Book V, Chapter XXVI
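
An added example, not part of any post in this thread: a read-only PowerShell check for three things the posts above recommend, namely the MS08-067 update (KB958644), AutoRun being disabled, and whether the update sites still resolve. The function names and the example.com control host are assumptions made for illustration, and it assumes PowerShell 2.0 or later.

```powershell
# Added example (not from the thread). Read-only; changes nothing on the system.

function Test-Ms08067Patch {
    # KB958644 is the update the thread names for MS08-067. Get-HotFix lists it
    # only where that KB itself was installed; a later service pack that
    # includes the fix may not show up under this ID.
    [bool](Get-HotFix -Id 'KB958644' -ErrorAction SilentlyContinue)
}

function Test-AutorunDisabled {
    # NoDriveTypeAutoRun = 0xFF turns AutoRun off for every drive type.
    $key  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $prop = Get-ItemProperty -Path $key -Name 'NoDriveTypeAutoRun' -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $false }   # value absent: policy not set
    return (($prop.NoDriveTypeAutoRun -band 0xFF) -eq 0xFF)
}

function Test-NameResolution {
    param([string[]]$Name)
    foreach ($n in $Name) {
        $ok = $true
        try { [void][System.Net.Dns]::GetHostAddresses($n) } catch { $ok = $false }
        New-Object PSObject -Property @{ Name = $n; Resolves = $ok }
    }
}

$control = 'example.com'   # assumed control name, not from the thread
$sites   = 'microsoft.com', 'update.microsoft.com', 'windowsupdate.microsoft.com'

$lookups   = @(Test-NameResolution -Name (@($control) + $sites))
$controlOk = ($lookups | Where-Object { $_.Name -eq $control }).Resolves
$blocked   = @($lookups | Where-Object { $_.Name -ne $control -and -not $_.Resolves })

# Failed lookups only mean something when the control name resolves;
# if nothing resolves, the machine simply has no working DNS.
$sitesBlocked = if ($controlOk) {
    ($blocked | ForEach-Object { $_.Name }) -join ', '
} else {
    'unknown (no DNS)'
}

New-Object PSObject -Property @{
    Kb958644Installed = Test-Ms08067Patch
    AutorunDisabled   = Test-AutorunDisabled
    SitesBlocked      = $sitesBlocked
}
```

A non-empty SitesBlocked value while the control name resolves is a reason to run a full scan from known-good media, not a diagnosis on its own.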
	
		
	 
	
	
	
		
	Posts: 668 
	Threads: 22 
	Joined: Oct 2003
	
 Reputation: 
0 
	
	
		In all honesty, Conficker isn't a problem if you've kept up with your Windows Update routine. I've made the occasional need to reboot the computer as soon as I've really just gotten it turned on some afternoons a part of my routine. Some people don't even know you can get updates from Microsoft,
 though, or have downplayed it.
 
 Which is why there's an estimated infection of over a million computers out right now.
 - Grumpy Uncle Gearhead
 
		
	 
	
	
	
		
	Posts: 26,577 
	Threads: 2,110 
	Joined: Feb 2005
	
 Reputation: 
13 
	
	
		Yes, patch your system as well. (I'm used to doing that as soon as the patches are available...) 
And it looks like my bet was wrong (http://www.theregister.co.uk/2009/04/01 ... ctivation/) ... but that's no excuse to not take computer hygiene seriously.
Edit: And here's a list of actual anti-Conficker resources (http://www.dshield.org/conficker), as opposed to the scareware and malware that are pretending to be anti-Conficker tools. Ignore the ads (in case any of them are for scareware and malware that are pretending to be anti-Conficker tools); trust only the list in the article itself.
-- Rob Kelk
 "Governments have no right to question the loyalty of those who oppose
 them. Adversaries remain citizens of the same state, common subjects of
 the same sovereign, servants of the same law."
 
 - Michael Ignatieff, addressing Stanford University in 2012
		
	 
	
	
	
		
	Posts: 2,219 
	Threads: 134 
	Joined: Jun 2005
	
 Reputation: 
2 
	
	
		Well, I was able to get through to Norton, my computer's been set since I got it to automatically install Windows (and only Windows) updates, and I use my USB drives as interim back-up memory, never plugged into any computer but my own, so maybe I'm
 relatively safe.
 
 Mooses gracious to all who explained the advice to me.
 -----
 Big Brother is watching you.  And damn, you are so bloody BORING.
 
		
	 
	
	
	
		
	Posts: 1,450 
	Threads: 168 
	Joined: Oct 2003
	
 Reputation: 
2 
	
	
		DHB, if as of yesterday you installed all windows updates from LAST YEAR, you're okay. The update to fix the issue was released around Nov 1, 2008.
	 
		
	 |