So I’m sitting down at my computer, checking my e-mail when Outlook Express tells me I have two new messages from someone I’ve never heard of before, subject titles “!!!” and “merry christmas.” So I go to delete them as it’s probably a mistake or some sort of spamming. I highlight the first message, and a dialog box appears: “Do you wish to install “xromeo.exe” from” and that’s all there was. No location. The other message asked me if I wanted to install “xjuliet.chm.” No location, again. That’s a red flag, folks. I knew this person had (most likely) inadvertently sent me a virus. I tried to delete the files, but the worm installed itself. I had been infected with a strain of the “Romeo and Juliet” internet worm.
Let me tell you, I never thought I’d be this pissed about something that had happened to my computer. It’s just a machine, right? I type up documents on it; I send e-mail; I talk with instant messaging to friends in other places; I surf the web and build webpages. Doesn’t sound like all that much, does it? Well, as much as I don’t want to admit it, this machine is a big part of my academic life. And some prick in Poland made a virus that overwrote several files that my computer uses all the time.
This virus only overwrote .doc files at first and that was enough to drive me up the wall. I’m a writer, and I like Microsoft Word 2000 more than any other word processor. Then it got into .mp3s and .mpegs and .jpgs. That’s just too much, ya’ll. I ran McAfee Virus Scan the very second I knew the virus had gotten in, but for some reason the scanner didn’t catch anything. Over time the computer got slower and slower, and I had to reformat the hard drive. What a pain. Even after reformatting, half of my drivers are funky and nothing will install. How nice.
I have to wonder: why do programmers write these worms? What’s in it for them? To cause digital terror? The very second you begin to trust people, they turn on you. But that’s a whole other vent.
The best advice I can extend to you is to always download the latest DAT files for your scanner. New viruses are found every day. Download any patches for viruses your software applications are susceptible to, and get rid of old files that you don’t need. Don’t open e-mail that looks suspicious. However, if you get a forward that talks of a virus alert, these are rarely true. Check out Symantec.com (also known as Norton) and McAfee.com for more details.
The only way to avoid computer viruses completely is not to be connected to the internet or to use e-mail. Alas, such are not options for the college student, or even for the modern citizen in general. Give your computer the “shots” it needs.
Name: PeeR Name: slacker dave Name: Brian
Name: norm
Comments:
Yeah hey Whim folks - make this text field bigger. It's easy to do...
Comments:
You know, the funny (well, not so funny, but interesting) thing is that all of the recent DDOS attacks (that's distributed denial of service) began in universities.
To break it down, here's what happened in the case of amazon this May: hacker writes a script that repeatedly hits a web server with large amounts of information (basically a really fast ping bomb). Then, hacker writes code that exploits systems with high-speed connections. One the hacker has access to take over about 30 machines on campus, he runs the ping bomb on those 30 machines (from his home computer, mind you) and the lab machines do the dirty work rmeotely, ping-bombing a single target until the server cannot handle the incoming requests, and ultimately crashes.
I don't know if that makes sense, because this feedback window is 3 lines high... but if you get my jist, the point is that unviersities need to not only prevent damage from internal users, but external attackers as well.
Comments:
I have noticed the embarrasingly lax security at radford university.. you can log into any lab or classroom computer on campus with a completely generic user name and password. How do you get such a secret login? Why, they tape it to the monitor so knucleheads aren't deprived of their AOL instant messaging. So basically, anyone can be anonymous on our network. No user accountability = no so hot security.
Bunch of jackasses.
Comments:
"I have to wonder: why do programmers write these worms? What’s in it for them? "
The thrill. I could go on and on about this, but it's ultimately the thrill of being famous. (or notorious)
Since May, I've learned more than I ever wanted to learn about Internet Security, and the one common denominator among all vulnerability exploits is user ignorance. Radford University in particular is very lax in security, despite their claims to the contrary. Having a binder with a policy is only one of 400 steps to truly ensure that steps are taken to prevent exposure. One of the best steps to take is to move away from Outlook, and go back to Eudora.
Outlook is designed to work with your operating system, therefore exploits in Outlook can directly affect (or 'infect') system files, run macros, and lots of other good stuff.
Having converted 100% to outlook myself, I get concerned at times, but I have great resources. Check out the ICSA Labs report on virus Hoaxes. Most of the time, you'll be safe if you just don't open stuff you aren't familiar with. That's a good rule of thumb for a lot more things than email...