A 'Good' worm, is still a worm

Spinner

The previously reported 'W32.Welchia' worm (or MSBlast.D/W32.Nachi) has been reported to have started unhealthily overloading corporate networks with its aggressive scans for vulnerable hosts.

"This is local clogging as opposed to worldwide Internet clogging," said Jimmy Kuo, a research fellow at security software company Network Associates. "There are many areas of local pain."

The originally labelled 'good' worm, infects computers it detects that aren't protected against the original MSBlast worm and then attempts to download a patch to protect the system it has inhabited. Eventhough the worm seems to have good intentions, its aggressive spread has resulted in many clogged networks.

"It's faster," Kuo said. Previous versions of MSBlast tried to spread to 20 different network addresses at a time but had to wait for each attempt to fail, if no computer was at that address. The Nachi variant tries to spread to 300 different addresses at a time and doesn't wait, letting it spread very fast.

The full report:
http://news.com.com/2100-1002_3-5065644.html?tag=lh

Related News:
http://www.short-media.com/forum/showthread.php?s=&threadid=2574

CaffeineMe

Bossman is making me stay late because of lusers who continue to have issues with this dog. Virus writers should be hung.

Spinner

I agree, my girlfriend got two emails today containing the same virus, they were specific first generation carriers of a new virus which came out yesterday. Luckily for her, I had installed NAV a long time ago, and it swiftly delt with the pesky things. Still...

It's gonna get worse before it gets better.

QCH

I've been chasing these viruses for the past 2 days... My laboratory has over 1000 pc's and over 100 are infected. We blocked the ports yesterday in the early morning, since then, it has been bouncing around our site. We are now blocking any pc that exibits signs of having the virus.... this is going to carry out for then few days!!! MSBlaster & Nachi are driving me crazy.

Shorty

Same here

Busted two shareholders trying to hook their laptops into the network yesterday because "we don't have broadband and can download the fixes/updates quicker here" :mad2:

Im just glad I was able to stop them before hand! All clean at the moment & Id it to stay that way.

a2jfreak

Why do people continue to use Outlook and IE?

If someone tells you "don't do that, or you can break your leg" and then you do it and break your leg do you keep doing it again and again and again, and each time breaking your leg? If you do, you're pretty dumb. So why keep using Outlook and IE? Whether or not you feel IE is superior to another browser in its ability to render a webpage is almost completely mooted by its security flaws. Whether or not you feel Outlook is the best thing since sliced bread is irrelevant if your system is always doing things you don't want (sending out virii, crashing, whatever). Why not use something else?

Mozilla and Opera are two common alternatives to IE.

Eudora and Courier are fine alternatives to Outlook.

Need a calendar and all the other features of Outlook that are so nice? Get something else. So it's not all tied into one program . . . big deal. Is using 2 programs or, gasp, 3 programs truly that difficult that the risk is worth it?

Thrax

IE renders the code better than any other browser existence and has the largest volume of third-party support for any browser in existence. That's a pretty good reason to use it.

Eudora is equally capable of receiving the viruses through email, as is Courier.

A more apt analogy is: You can change the mailbox, but the mailbomb will still explode.

primesuspect

How about: There's no excuse to not be running Windows update daily. For enterprises, this is what network admins are for.

Omega65

primesuspect said
How about: There's no excuse to not be running Windows update daily. For enterprises, this is what network admins are for.

If your on braodband (like most of us here) Windows Updates should be part of the daily or weekly routine. My three machines each upgraded themselves today.

But if your on Dial-up it can be a different story(It's still no excuse not to Update once a month). But I tell people it's better to not use IE & Outlook just to avoid the virus headache.

I agree with a2jfreak completely.

a2jfreak

For the sake of argument I will agree it renders code better, even though that's questionable.

Third-party support? What because sites are written in non-compliant HTML to take advantage of IE's "features?" Write HTML that isn't IE-ized and everything is fine.


Equally capable of receiving? Yes.
Equally capable of executing? No.

The mailbomb will not necessarily explode if the fuse only remains lit if it is put into a certain type of mailbox. Put it into a different type of mailbox and the fuse is cut.

Thrax said
IE renders the code better than any other browser existence and has the largest volume of third-party support for any browser in existence. That's a pretty good reason to use it.

Eudora is equally capable of receiving the viruses through email, as is Courier.

A more apt analogy is: You can change the mailbox, but the mailbomb will still explode.

That's great, but not a 100% fix.

primesuspect said
How about: There's no excuse to not be running Windows update daily. For enterprises, this is what network admins are for.

Thrax

No, third-party support would be plugins that are becoming industry-standard.

Flash, Shockwave, support for those came on IE long before anyone else. Viewpoint 3d web viewer, gaining in popularity for its ability to display 3d models in 3d, especially popular with newer 3d modellers...Only on IE. Many web-java clients only function on IE, etcetera.

Rendering code better isn't questionable. After 4 years of web development with pure HTML, it's fact. Perfectly html-compliant webpages are screwed by nutscrape, opera, or fireturd's rendering engines.

I've stopped caring.