bah - some people are missing the point - you can have a perfect security/virus set up and still be screwed by this stupid thing.

Evidently not....

I guess my investment in the CPU Condem was a solid one, no ITD's here

bah - some people are missing the point - you can have a perfect security/virus set up and still be screwed by this stupid thing.

We are all screwed by it regardless. But the more obstacles you can put in its way the better. Don't open unknown e-mail, question all e-mail, protect however you can, hope, and put up with the mess these things are making of something that could be so good.

You think that's a lot of e-mails. Well I get 700 junck mail everyday and then I got a virus that gives you like 500. So 700+500=??? You do the working out.

goodmorphing, no we are not all screwed...

we've yet to have one phone call about any of this and not one issue with network speed falling off or anyone unable to make use of their email at over 50 client sites.

Only apply MS updates that you read up on and choose to apply = turn off automatic updates

Active Virus monitoring and daily auto updates turned on.

Active Software Firewall and daily auto updates turned on.

Disable auto opening attachments in email program set to prompt, if it can't do it then get one that can.

Active registry scanner with daily auto updates turned on.

Active Register monitor with daily auto updates turned on.

Automatic running of scripts turned off, script filtering turned on.

Encrypted Secure Tunnel/Portal for your Internet connection. No one including your service provider needs to know what you do, buy, sell and where you go on the net it is not their business.

Drive and file transfer encryption, email encryption.

Hardware firewall with filtering enabled for Broadband AND/or Dialup is advisable also.

put an old computer together with two nicks in it and run it as a proxy server or NAT box and Gateway then secure the hell out of it.

There is no reason other than not knowing what to do for a system or a network to be open to such stuff beyond lack of user intervention.

Does this all mean 100% secure? No... does it mean that you can go years without any problem, without a doubt yes.

You know I laughed when MS presented IPv6 as an upgrade to IPv4. With the ability to bypass NAT security built into it. Talk about 1 step forward 10 back, give it time and a new storm will hit everyone who has jumped up to IPv6 that just installs it and doesn't do any security tweaking by leaving everything as a default.

Kind of like OS's and NOS's and leaving them set as default beyond creating extremely simple pass words.

No I am not saying anything about anyone who's been hit with this crap in the least. But if someone is in the business of Networking and IT Security and they got hit I feel bad for them because it really be very likely to happen if things are setup correctly, statistically.

Common home users and business users alike shouldn't be expected to just know how to avoid this kind of thing. But IT Professionals sure as hell should and if they don't learn when something like this happens they should consider some crash courses fast and CIO's FIO's CEO's should get off the money to send them to classes. On going education should be key to keeping IT Dept's level to or ahead of most issues. Also corporate subscriptions to various tech sites so they can interact with their peers and have brain storming chats and such, or just pass information on between each other, tricks, tweaks and past knowldge.

After all, business theses days IS the data on the network which includes email.

IPlural kicks soapbox back under the desk and slips back into wackybobo mode

anyway.. just my uneducated opinion



[Message Edited]

http://labrea.sourceforge.net/labrea-info.html
LaBrea: "Sticky" Honeypot and IDS
LaBrea takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet. The program answers connection attempts in such a way that the machine at the other end gets "stuck", sometimes for a very long time

Supported platforms
The latest version of LaBrea has been tested on:

OpenBSD
Linux
Solaris
Windows (98/ME/2000/XP)

SourceForge.net is the world's largest
Open Source software development website,
with the largest repository of Open Source code and applications available on the Internet. SourceForge.net provides free services to Open Source developers.


http://sourceforge.net/


Browse by Operating System:

http://sourceforge.net/softwaremap/trove_list.php?form_cat=199



[Message Edited]

IPlural, you can take all the precautions in the world to protect your machines from the virus but, as has been pointed out countless times and seemingly ignored on every occasion, the only thing you have to have done to be affected by this thing is give your e-mail address to someone. If your e-mail address is stored on someone's machine, regardless of whether that's in an address book, e-mail, text file, cached web page, or whatever, and that machine gets infected, then you'll start receiving hundreds of 'undeliverable mail' and 'virus alert' messages from mail servers who think you're sending them the virus due to your address being spoofed.

You can be the world's best IT expert, but unless you've never sent or received an e-mail in your life you're at high risk of being affected. If you haven't been affected then I can only congratulate you on your luck. The fact that so many of us have been affected means nothing whatsover about the security measures we may or may not have in place. It's all down to the lack of knowledge on the part of some unknown person elsewhere on the planet who happens to have encountered our e-mail addresses at some point.

Why is this so hard for people to understand? It's so frustrating to keep reading this nonsense from those who have so far managed to escape unscathed.

Nonsence?

Look this isn't the first worm to hit the net that attacks address books, or web sites or servers. Dealing with personal systems is all anyone can do unless they happen to be in IT and in control or connected to the administration of servers. That is what I addressed above, personal computers and what one can do to protect their systems and my thoughts on the IT end of things.

As far as not being able to do anything goes. Take a look at Spamkiller, you might be suprise just how much that alone can do to keep the crap out of your box. Not stop it from being sent but killing it when it shows up.

Mcafee
http://us.mcafee.com/default.asp


Get the email you want and nothing else. McAfee SpamKiller quickly and easily helps you stop spam from polluting your inbox with advanced rule-based and list based filtering.

SpamKiller is THE Leading Anti-Spam Product for Consumers and Small Businesses

Benefits

With fraudulent, inappropriate and offensive emails being delivered in vast quantities to adults, children and businesses every day, spam protection is an essential component of your PC's security strategy. Whether you want to eliminate spam as quickly and easily as possible, or crave the power to fight back, McAfee SpamKiller is for you. No other email filtering solution offers so many features, or is as easy to set up and use.


Block emails using both lists and preset filters
Update internal filters automatically
Filter MSN/Hotmail, POP3 and MAPI email
Create custom filters
Quarantine spam outside of your inbox
Import "friends" automatically into your safe list
Monitor and filter multiple email accounts
Fight back against spammers
Report spam to McAfee


Kill the crap as it hits...





[Message Edited]

Key Features

24-hour protection provides vital Internet security for dial-up, DSL, and cable modem users.


ENHANCED! Ad blocking now stops even more banner ads, pop-up windows, pop-under windows, and other Web distractions.


LiveUpdate™ automatically downloads new security updates.**


Norton AntiVirus™ Professional Edition
NEW! Detects and blocks viruses in instant message attachments.

ENHANCED! Automatically removes viruses, worms, and Trojan horses.

Scans and cleans both incoming and outgoing email messages.

ENHANCED! Script Blocking and new Worm Blocking can detect new threats even before virus definitions are created for them.


Data recovery protects important applications and files from accidental deletion.


Norton™ Personal Firewall
Intrusion Detection automatically blocks Internet attacks.

NEW! Alert Assistant indicates the level of an Internet threat and helps you choose the best response.


NEW! Security Monitor displays the status of your Internet protection and lets you stop or resume all Internet traffic with a click of a button.


Automatic program control determines which programs can safely connect to the Internet.


Norton™ Privacy Control
ENHANCED! Prevents confidential information from being sent out without your knowledge.


Norton™ Spam Alert
NEW! Helps you keep junk mail out of your inbox by checking email coming in via popular POP3 clients such as Microsoft® Outlook® Express, Eudora®, and Netscape® Messenger.


Norton™ Productivity Control
Lets you block access to distracting newsgroups and Web sites.

Allows you to set up different Internet access privileges for each user.

Web Tools
NEW! Web Cleanup deletes unneeded files left over from Internet sessions.


NEW! Connection Keep Alive helps prevent dial-up Internet sessions from being interrupted.



** One year of Internet security updates included with purchase of Norton Internet Security 2003 Professional Edition; annual subscriptions available for subsequent online updates.

nope not a thing you can do about it....

I'll not post anymore in this thread, being nonsensical and all that.

nothing personal and nothing personal taken..

IPlural: Your advice is good, but it is hard for most people to follow what you mean. Don't forget you are a power user.

Example: For the average user it is hard to decide what MS updates to install. Often technical terms are used which are incomprehensible for average users. Even for a power user it is hard to decide what to install or not. 99.9% of such updates are OK. So, what is good advice? If you are uncertain then install it? In those rare situations where things can go wrong for some users one can often find information on the net how to correct installed bad MS updates. And you can always ask friends to help you out. There is this message board too of course.

I'll not post anymore in this thread, being nonsensical and all that.

MadIce is puzzled. Nah. I don't think so. Please continue.