Re: Windows 98 box is 'owned'
From: Darren Kirby (bulliver_at_badcomputer.no-ip.com)
Date: 09/30/04
- Previous message: Kelly Martin: "Moderator Policy on crossposts to Security-Basics"
- Next in thread: GuidoZ: "Re: Windows 98 box is 'owned'"
- Maybe reply: GuidoZ: "Re: Windows 98 box is 'owned'"
- Maybe reply: Nazeeh ElDirghami: "Re: Windows 98 box is 'owned'"
- Maybe reply: John R. Morris: "Re: Windows 98 box is 'owned'"
- Maybe reply: Ansgar -59cobalt- Wiechers: "Re: Windows 98 box is 'owned'"
- Reply: GuidoZ: "Re: Windows 98 box is 'owned'"
- Reply: Ansgar -59cobalt- Wiechers: "Re: Windows 98 box is 'owned'"
- Maybe reply: Paul Kurczaba: "Re: Windows 98 box is 'owned'"
- Reply: Randy Williams: "RE: Windows 98 box is 'owned'"
- Reply: Patrick Benson: "Re: Windows 98 box is 'owned'"
- Reply: Darren Kirby: "Re: Windows 98 box is 'owned'"
- Maybe reply: GuidoZ: "Re: Windows 98 box is 'owned'"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: security-basics@securityfocus.com Date: Thu, 30 Sep 2004 14:47:39 -0700
Hello all,
First of all, thanks for all the replies, it is way more than I was expecting.
After following the link provided by Bob Bermingham:
>Sounds like the box is "owned", but not in the way you suspect. From
>your description, it looks like she is infected with Netsky.P:
>http://antivirus.about.com/cs/allabout/a/netskyp.htm
I can confirm this is indeed the Netsky.P virus. The filenames listed are
EXACTLY the ones on this box. From reading the description it would seem this
is very old virus...so she (my mom) is running a very old unpatched windows
98? Please let me reiterate at this point that I am really ignorant of
windows...but I have heard that Microsoft has ended support for this old OS.
Is there still a patch available?
James Grant posted:
>2) Install ZoneAlarm. It's free and it will give her
>network protection. Set it up for her, because she may
>not want to read the pop-up questions it asks at the
>start to know what to allow.
Ironically, she installed this herself...I presume after she was already
infected. The problem with this she tells me, is that the pop-ups tell her
"foobar.exe is trying to access the internet" and she can not ever tell if
foobar.exe is legitimate or not. Unfortunately I don't think I could help her
on this point, as I would not know either...
You all pretty much suggest installing software firewall, spyware checkers,
anti-virus scanners, even a hardware firewall...all my mom does is play
freecell, check email once a day, and browse the web infrequently (1-2 times
per week), so this hardware firewall seems a bit extreme.
RandyW posted:
>Without constant monitoring though, the PC WILL become infected again, it's
>just a matter of time.
This is discouraging, as I don't have the time (nor knowledge) to monitor this
computer all the time. Perhaps it is time to say screw it and install
Slackware with a nice KDE desktop for her, because at least I would know how
to help with her problems, and it seems a lot easier than:
1) reinstall OS
2) install firewall, AV, etc...
3) patch OS in 5 minute window available (as mentioned by Kelly Martin)
4) educate Mom on use of AV, anti-spyware, good web practices (don't open
attachments, click on pop-ups etc...)
5) monitor until eventually another virus finds its way in.
6) Lather/rinse/repeat.
Sorry if I sound affected here, but being a unix guy I do not see how this
makes windows an 'easier' desktop to use. What do you all think? Is this
really what you have to do to have a usable windows networked machine?
Again, not trying to be a troll here, it is an honest question.
Thanks again for all the helpful information,
much obliged,
-d
-- Part of the problem since 1976 http://badcomputer.no-ip.com Get my public key from http://keyserver.linux.it/pks/lookup?op=index&search=bulliver "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972
- application/pgp-signature attachment: stored
- Previous message: Kelly Martin: "Moderator Policy on crossposts to Security-Basics"
- Next in thread: GuidoZ: "Re: Windows 98 box is 'owned'"
- Maybe reply: GuidoZ: "Re: Windows 98 box is 'owned'"
- Maybe reply: Nazeeh ElDirghami: "Re: Windows 98 box is 'owned'"
- Maybe reply: John R. Morris: "Re: Windows 98 box is 'owned'"
- Maybe reply: Ansgar -59cobalt- Wiechers: "Re: Windows 98 box is 'owned'"
- Reply: GuidoZ: "Re: Windows 98 box is 'owned'"
- Reply: Ansgar -59cobalt- Wiechers: "Re: Windows 98 box is 'owned'"
- Maybe reply: Paul Kurczaba: "Re: Windows 98 box is 'owned'"
- Reply: Randy Williams: "RE: Windows 98 box is 'owned'"
- Reply: Patrick Benson: "Re: Windows 98 box is 'owned'"
- Reply: Darren Kirby: "Re: Windows 98 box is 'owned'"
- Maybe reply: GuidoZ: "Re: Windows 98 box is 'owned'"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
