Joined: Nov 2002
Posts: 1,146
Likes: 1
Ice Offline OP
UGN News Staff
The virus, which has combined many old attack techniques into a successful package, was hardly blunted by antivirus programs during the first few hours of its exponential spread.

That's a problem, said Shlomo Touboul, CEO of security software maker Finjan Software.

"The MyDoom attack should never have propagated so far into the Internet," he said. "It is obvious that we need another layer (of software) to protect during the first hours of attack."

Despite a deep understanding of how such viruses spread, security experts seem to be at a loss at how to stop them. Popular antivirus technology is generally ineffectual against many of the attacks until an update is downloaded by the user. Moreover, even though antivirus software is the most popular security technology in use--about 99 percent of corporations use it, according to the Computer Security Institute--many home users still don't use the software.

"Many people don't even have the software," said Bruce Schneier, chief technology officer for Counterpane Internet Security. "And for those that do, the first few hours of an epidemic is a race against time."

MyDoom spread through e-mail a week ago, infecting a new computer every time an unwary user opened the attached file containing the program. As many as 2 million computers may have been infected. The original virus was programmed to attack The SCO Group's Web site last Sunday, while a variant is scheduled to target Microsoft on Tuesday.

E-mail service provider MessageLabs has quarantined more than 17 million e-mail messages in a week, said Alex Shipp, senior antivirus technologist for the company. From data captured early in the epidemic, MessageLabs says that for every Internet address with an infected PC behind it, eight e-mails are sent, on average, to one of the company's customers.

However, even though companies are still seeing massive quantities of e-mail messages bearing the MyDoom virus, the spread has slowed, stressed Shipp.

"I don't think that there are going to be many more people who are left to get infected," he said. "It has gotten most of the available pool of (unwary) people to open it."

The rapid spread opens new questions about how users and companies should defend themselves against the next virus. New software may not be the solution, Counterpane's Schneier said. Instead, the balance between usability and security may have to be re-evaluated.

"It's a fundamental question," he said. "Is the ability to execute attachments from Outlook a feature or a bug? I think it is a bug."

Unless such threats are dealt with, many more computers connected to the Internet may be compromised. While MyDoom infects PCs and turns them into platforms from which to attack other PCs and to send spam, other attacks could be possible and even more devastating, said Paul Mockapetris, chairman and chief scientist for Internet technology firm Nominum.

"People should anticipate that (the attacker) is going to point these hacked PCs at other sites--that's coming," he said. "What's going to be the security of all Web sites if those attacks get more prevalent?"

Already, SCO is feeling the pain. The company's Web site is the primary denial-of-service target of PCs infected with the original version of the MyDoom virus. At 8:09 PST on Sunday morning, infected PCs were programmed to deluge the site with data.

The attack, which effectively shuts down a site by flooding it with a deluge of information, is hard to stop, said Blake Stowell, a spokesman for SCO.

"You have to try and think creatively about how to solve the problem," he said. "Is it something that you have to throw money at it or to think creatively and come up with a technical solution?"

After trying to keep its site up, SCO took its address out of the domain name system, the global yellow pages for the Internet. It's now referring people to a new Web site.

The same thing could happen to Microsoft's main Web site, starting Tuesday. A second variant of the MyDoom virus, which hasn't spread as far as the original, will begin sending data to the software giant's site. Microsoft would not comment Monday on its defenses, except to say that the company had prepared for the attack.

Other security experts believed Microsoft would fare better than SCO.

"It just goes to show what possibilities exist out there," said Vincent Gullotto, vice president of antivirus research for security company Network Associates. "When this was supposed to happen to Microsoft last year, I think they dealt with it in a more effective manner."

CNet News


Good artists copy, great artists
steal.

-Picasso
Joined: Oct 2002
Posts: 955
UGN Super Poster
PEBKAC and they should know better by now, so it's pointless. Ignorance.

