They're not "Morons" Bill...just "End Users". ;)
Make sure the auto-update is set to automatically download and install
critical updates (simple to do on a system image or push via SMS or other
remote management software)...and you're pretty much ok. Filtering these
viruses is really up to the IT Staff/NOC as they need to make sure that the
firewalls and mailservers are updated. The last two companies I worked at
(in the IT field)...we never had a virus - firewall, systems management, and
email server were all setup to prevent this type of problem (Yes...Linux,
SUN, and Windows servers/clients).
- Bernd
----- Original Message -----
From: "Bill Pitz" <dakota@billpitz.com>
To: <dakota-truck-moderator@bent.twistedbits.net>
Sent: Monday, May 03, 2004 11:54 PM
Subject: Re: DML: OT new virus
>
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >On 5/3/2004 11:45 PM, KenCo wrote:
> >
> >| http://www.microsoft.com/security/incident/sasser.asp
> >
> >We got hit by this one at work, but I don't know the full extent of it.
> >~ At home, the data light on my cablemodem was blinking constantly
> >(probably due to this and other nasties) within 24 hours of getting
> >hooked up here at the new apartment, but my Linksys firewall kept
> >everything out.
>
> Yet another worm that hits the MORONS (yes, that's right, MORONS!) who
> don't run Windows Update. The reason I call them morons is because of
> the ~30 people I talked today who had this virus, most of them have
> been infected and told numerous times by me or my colleagues to run
> Windows Update regularly. And yet, did they do it? No... And then
> they wonder why the get infected again.
>
> It's like the people who smoke a pack a day and claim that they
> "didn't know" smoking causes cancer.
>
> So, if you're a Windows user, the lesson you should learn from this is
> VISIT THE WINDOWS UPDATE SITE REGULARLY!!!!!!
>
> Grumble. Anyway, yeah, the infected machines are trying like crazy to
> spread which is something that's going to impact everyone. There are
> also several variants. I cleaned a machine for a customer today that
> had a variant of the Sasser virus on it that wasn't even detected by
> McAfee or Norton yet. She got infected with it within a few minutes
> after she cleaned off the first infection of the original Sasser
> virus. The same pigs that wrote the Netsky virus are claiming
> authorship of this one, which explains a lot of its very similar
> behavior patterns (and the prevalence of variants).
>
> Sorry for the rant. I'm tired. :-)
>
> -Bill
>
This archive was generated by hypermail 2b29 : Tue Jun 01 2004 - 10:59:11 EDT