Jeff Posted December 8, 2005 Share Posted December 8, 2005 Security outfit iDefense is reporting that the next Sober worm attack will take place on 5 January - the 87th anniversary of the founding of the Nazi party. The information has been gleaned from breaking encrypted code in the latest version of Sober which dominated the November anti-virus ratings. According to iDefense, "the November 22 variant is designed to download an unknown payload of code on January 5, 2006". Click Here As we reported last month, Sober accounted for "one in every 13 emails sent and 42.9 per cent of all viruses reported to Sophos" in the November threat chart. The last variant was delivered as an email attachment to messages - either in German or English - allegedly emanating from police agencies warning users they are under investigation for visiting illegal websites. Once the attached file is run, the worm "scans the user's hard drive for email addresses, in its search for fresh targets for infestation". It also tries to disable security software on infected Windows PCs. Regarding the apparently political timing of the next expected assault, Joe Payne, vice president, VeriSign iDefense Security Intelligence Services, said: "This discovery emphasizes the ever-present and often underestimated threat of 'hacktivism' - combining malicious code with political causes. Exposing this latest variant required technical and geopolitical analysis that connected the dots to give enterprises and home users plenty of time to shore up their defenses." Quote Link to comment Share on other sites More sharing options...
Tracey Posted December 8, 2005 Share Posted December 8, 2005 So is not opening suspicious emails enough to protect our PC's from this? What do you do, Jeff? Quote ...............Chase (FTH Smooth Talker), Morgan (Cata), Reggie (Gable Caney), Rufus (Reward RJ). Fosters check in, but they don't check out. Forever loved -- Cosmo (System Br Mynoel), March 11, 2002 - October 8, 2009.Miss Cosmo was a lady. And a lady always knows when to leave. Link to comment Share on other sites More sharing options...
Jeff Posted December 8, 2005 Author Share Posted December 8, 2005 never open stuff like that, but no, that in itself is not enough. Install a decent virus scanner there are good free ones available http://www.avast.com/eng/avast_4_home.html (Free) Avast - What I use http://www.grisoft.com/doc/289/lng/us/tpl/tpl01 (Free) AVG - also very good Also install a firewall http://smb.sygate.com/products/spf_standard.htm (Free) Sygate Quote Link to comment Share on other sites More sharing options...
Tracey Posted December 8, 2005 Share Posted December 8, 2005 Would you recommend those in addition to the Norton stuff I have, or instead of? I know there was a thread not too long ago where everyone basically agreed Norton was subpar, but I wasn't sure if I should dump it or just augment it with the other. Quote ...............Chase (FTH Smooth Talker), Morgan (Cata), Reggie (Gable Caney), Rufus (Reward RJ). Fosters check in, but they don't check out. Forever loved -- Cosmo (System Br Mynoel), March 11, 2002 - October 8, 2009.Miss Cosmo was a lady. And a lady always knows when to leave. Link to comment Share on other sites More sharing options...
Jeff Posted December 8, 2005 Author Share Posted December 8, 2005 yeah, Norton is pretty much crap, but you don't want to run more than 1 software firewall at a time. If you are happy with Norton keep it, if not uninstall it and get your computer back from the Norton grasp. Quote Link to comment Share on other sites More sharing options...
Tracey Posted December 8, 2005 Share Posted December 8, 2005 uninstall it and get your computer back from the Norton grasp. 1799039[/snapback] Well, I guess that right there tells me all I need to know. Thanks! Quote ...............Chase (FTH Smooth Talker), Morgan (Cata), Reggie (Gable Caney), Rufus (Reward RJ). Fosters check in, but they don't check out. Forever loved -- Cosmo (System Br Mynoel), March 11, 2002 - October 8, 2009.Miss Cosmo was a lady. And a lady always knows when to leave. Link to comment Share on other sites More sharing options...
Guest Soriams Posted December 10, 2005 Share Posted December 10, 2005 Makes me glad I have a mac.... Quote Link to comment Share on other sites More sharing options...
Jeff Posted December 10, 2005 Author Share Posted December 10, 2005 Macs are not immune http://www.theregister.co.uk/2005/12/01/secfoc_macos/ http://www.theregister.co.uk/2005/09/19/sy..._threat_report/ Quote Link to comment Share on other sites More sharing options...
Wonder Posted December 10, 2005 Share Posted December 10, 2005 downloaded Quote Kari and the pups.Run free sweet Hana 9/21/08-9/12/10. Missing Sparks with every breath.Passion 10/16/02-5/25/17 Link to comment Share on other sites More sharing options...
Guest mantis Posted December 10, 2005 Share Posted December 10, 2005 Jeff: I have AVG on my machine and I love it but don't have the firewall that you talked about but will look into it. Thanks for the heads up. Quote Link to comment Share on other sites More sharing options...
Guest Soriams Posted December 11, 2005 Share Posted December 11, 2005 True that macs are not imune, but at least it is a bit of extra protection against my roommate's dirty, dirty computer. Quote Link to comment Share on other sites More sharing options...
Guest btiedt Posted December 11, 2005 Share Posted December 11, 2005 I use zone alarm for the free firewall and avast for the e-mail. I have been told that virus's are passes in attachments so if you do not open the attachement, then you are safe (and you are running anti-virus software). I rarely open attachments even jokes ones that friends pass. Never open them. Is this true that virus's are always in the attachment? Quote Link to comment Share on other sites More sharing options...
Jeff Posted December 11, 2005 Author Share Posted December 11, 2005 not really, malware and virus can also be spread from malicious web sites, or implanted if your computer is hacked into, but the most common way is through email or online downloads. Quote Link to comment Share on other sites More sharing options...
Guest mummytogreys Posted December 11, 2005 Share Posted December 11, 2005 jeff, do you fancy hosting a weekly computor class, for those of us who find this all a bit "over our heads"? or maybe its just me lol... Quote Link to comment Share on other sites More sharing options...
Jeff Posted December 11, 2005 Author Share Posted December 11, 2005 I just post the virus warnings I see. When the last big one hit, we got a bundle of email to our helpdesk, that is because many of the GT users were infected and didn't even know it. The virus sent to everyone listed in the persons inbox, our helpdesk included. It became worse after SS started because 360+ people now have the address to the helpdesk, and however many of those infected now send to us. I find it funny when people say "I've never had a problem, or a virus" but the fact of the matter is... you may not know you do, but all the people in your inbox sure know that you have a problem! Quote Link to comment Share on other sites More sharing options...
Guest BigPercy Posted December 11, 2005 Share Posted December 11, 2005 My computer keeps blocking something from W32.Sober.X Same thing???? Quote Link to comment Share on other sites More sharing options...
Guest Pat2003 Posted December 11, 2005 Share Posted December 11, 2005 Just went to download the fire wall and - Important Notice: Effective November 30th, 2005 all Sygate personal firewall products will be discontinued. This does not affect Sygate's Enterprise firewall and endpoint compliance products, which will still be updated and supported. I down loaded the avast anti-virus software and removed all the Norton stuff which I think included a fire wall. Any other suggestions for a fire wall? Quote Link to comment Share on other sites More sharing options...
dobelvr Posted December 11, 2005 Share Posted December 11, 2005 (edited) Jeff, My desktop is infected with something right now. My son opened an email and thats where it started. We have the Mcaffey provided by msn but I guess that didn't work. Mcaffey also has a firewall as does windows xp. Are these not sufficient or have I not set them up properly. We run ad aware frequently. I have downloaded the AVG software and spybot and would like a recommendation for a free firewall. Thanks for letting us pick your brain. Sandy Edited because I forgot to mention I am working on my laptop not the desktop. Edited December 11, 2005 by dobelvr Quote Link to comment Share on other sites More sharing options...
Jeff Posted December 11, 2005 Author Share Posted December 11, 2005 The windows built-in firewall is not sufficient, no. By choosing to open the email, you pretty much bypass the firewall, they are designed to stop forced entry, not so much email virus, but that is where your virus scanner comes in. Your virus scanner if updated, and designed to scan emails before you open them, should catch things like that. Always be sure you have the latest virus definitions for your virus scanner, most new ones, download those definitions automatically and check for them at least daily, if not every few hours. I don't have a personal recommendation for a firewall. I am behind a hardware firewall, plus also run a software firewall (ZoneAlarm Pro) but even knowing what I am doing, ZoneAlarm is a bear to setup and use, so I don't really recommend it. Quote Link to comment Share on other sites More sharing options...
kronckew Posted December 12, 2005 Share Posted December 12, 2005 (edited) best solution is a hardware firewall, a software firewall, and an anti-spyware and anti-virus system that updates itself frequently (some do daily or even more frequent updates). hardware (& ms windows firewall) are good at protecting you from unsolicited intrusion from outside, but not from anything that you have 'invited' in via websites or email, file share systems, dodgy downloads, etc. a layered approach useing some or all of these is best, depending on how paranoid you are. Software Firewalls: i'm a bit prejudiced, as i am a moderator for their user based support forum, but agnitum's outpost firewall pro has beaten many of the others, norton, ZA, sygate, etc. in side-by-side tests and the current version three has a number of plugins to assist in anti-spyware, ad & popup blocking and a number of other attack threats. there is a version 1 available as freeware which is quite good, but the paid version is much better now, there may be a free reduced feature version soon. now that sygate has been killed by semantec to keep competition away from their bloated offering, and with many ZA people crossing over, outpost is a viable option for many. there is a free to download 30 day trial version available, so feel free to try it before you buy it & if you don't like it, you're not out anything. make sure if you have used zone alarm before (or any other personal firewall) to completely deinstall it before installing outpost or any other flavour firewall as they cannot co-exist. the windows firewall should also be disabled in the security centre if you install any other firewall. if you accept the default settings of outpost, you can then go on to explore it's many other settings that can be used to further tighten up the security. it's not a install & forget solution, you will need a modicum of computer literacy to use it fully, but those of us running the forum are there to help if you get stuck. (and we are greyhound tested and approved by blue & millie) ad-aware, one of the most well known anti-spyware systems has just done a deal to bundle a reduced version (some of the outpost plugins are not available, main firewall functionality is the same tho) with their security systems. have a look at www.agnitum.com and/or at the ad-aware site. as far as wether you should use a free or a paid version of security software, it depends on your budget, how much you can afford to lose if you get zapped and are infected, and how much it will cost to recover any files, letters, and other documents, music, etc. destroyed by the baddies. also how much you have in your accessable bank accounts if they manage to spy out your account details. remember 2 things: you get what you pay for caveat emptor good luck all! Edited December 12, 2005 by kronckew Quote Regards, Wayne KronckeCAVE CANEM RADIX LECTI ET SEMPER PARATUSVegetarians: My food poops on your food. Link to comment Share on other sites More sharing options...
mareyeka Posted December 19, 2005 Share Posted December 19, 2005 will downloading a new firewall cause any conflicts with the windows firewall? Quote Remembering the games we used to play: Games We Used to Play: A Hop, Skip and Jump Down Memory Lane Oscar (Answer to Chevy): 8/23/02-8/13/07 & Dee (Cee Bar Denise): 12/23/98-8/28/08. Order your own copy of Oscar's Diaries: Life as a Retired Greyhound Link to comment Share on other sites More sharing options...
nyGreys Posted December 19, 2005 Share Posted December 19, 2005 will downloading a new firewall cause any conflicts with the windows firewall? 1820003[/snapback] That's what I was wondering. Quote Link to comment Share on other sites More sharing options...
Jeff Posted December 19, 2005 Author Share Posted December 19, 2005 yes, you don't want to run more than one firewall at a time. Microsoft Firewall is very poor, it should not be relied on. Also, it is only an inbound firewall, not an outbound. Here is something interesting.... most modern firewalls automatically disable the Microsoft firewall when they are installed. Now if those programs can disable it, don't you think a virus can too Other firewalls are not able to be disabled by programs like the Microsoft firewall can. Quote Link to comment Share on other sites More sharing options...
greyhoundlov Posted December 22, 2005 Share Posted December 22, 2005 (edited) My McAffee just caught a Sober Worm trojan horse...a bogus e-mail from E-bay. Edited December 22, 2005 by greyhoundlov Quote Mary in Houston Everyone has a photographic memory, but not everyone has film. LAND OF THE FREE BECAUSE OF THE BRAVE Link to comment Share on other sites More sharing options...
jodyksam Posted December 22, 2005 Share Posted December 22, 2005 My McAffee just caught a Sober Worm trojan horse...a bogus e-mail from E-bay. 1826907[/snapback] Wow... Jeff, my school has a firewall, but when I take my laptop home (it belongs to the school, but I use it at school and at home), I'd like firewall protection. What would you recommend? I read where you said to not run more than one at a time, but obviously I need some kind of protection when using the laptop at home. Quote Mom to Daisy (1999-2012), LB (aka Little Bit), and Sammy James (aka Sammy or Buddy) Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.