OpenEuphoria: Forum: virus alert

virus alert

new topic » topic index » view thread » older message » newer message
Posted by Kat <gertie at ZEBRA.NET> Apr 01, 2000
382 views
This has nothing to do with Eu, but since i don't want to see anyone here
crashed, and since some of us are doing internet programming with Eu, this
is the fastest way to alert all of you......

If you do not have a *firewall* or port *blocker* running on a Micro$oft OS
puter, you need to look at this, then do something about the fileshare
ports:

 http://www.nipc.gov/nipc/advis00-038.htm


The ports 137, 138, and 139 are normally open on all Microsoft operating
systems. In fact, in at least one MS OS, if you turn off everything that
would use these ports, such as fileshares and "network neighborhood", the OS
will still have the ports open. Nukenabber does NOT count as a blocker or
firewall.

kat

***************************

SUBJECT: NATIONAL INFRASTRUCTURE PROTECTION CENTER INFORMATION SYSTEM
ADVISORY (NIPC ADVISORY 00-038); SELF-PROPAGATING 911 SCRIPT

1. A RECENT AND BREAKING FBI CASE HAS REVEALED THE CREATION AND
DISSEMINATION OF A SELF-PROPAGATING SCRIPT THAT CAN ERASE HARD DRIVES AND
DIAL-UP 911 EMERGENCY SYSTEMS. WHILE INVESTIGATION AND TECHNICAL ANALYSIS
CONTINUE, THE SCRIPT APPEARS TO INCLUDE THE FOLLOWING CHARACTERISTICS:

A. ACTIVELY SEARCH THE INTERNET FOR COMPUTER SYSTEMS SET UP FOR FILE AND
PRINT SHARING AND COPY ITSELF ON TO THESE SYSTEMS.

B. OVERWRITE VICTIM HARD DRIVES.

C. CAUSE VICTIM SYSTEMS TO DIAL 911 (POSSIBLY CAUSING EMERGENCY AUTHORITIES
TO CHECK OUT SUBSTANTIAL NUMBERS OF "FALSE POSITIVE" CALLS).

2. TO THIS POINT CASE INFORMATION AND KNOWN VICTIMS SUGGEST A RELATIVELY
LIMITED DISSEMINATION OF THIS SCRIPT IN THE HOUSTON, TEXAS AREA, THROUGH
SOURCE COMPUTERS THAT SCANNED SEVERAL THOUSAND COMPUTERS THROUGH FOUR
INTERNET SERVICE PROVIDERS (AMERICA ON-LINE, AT&T, MCI, AND NETZERO).
DISSEMINATED SCRIPT MAY BE PLACED IN HIDDEN DIRECTORIES NAMED CHODE,
FORESKIN OR DICKHAIR. FURTHER SCRIPT ANALYSIS BY THE FBI/NIPC CONTINUES.

3. FBI/NIPC REQUESTS RECIPIENTS IMMEDIATELY REPORT INFORMATION RELATING TO
USE OF THIS SCRIPT TO THE LOCAL FBI OR FBI/NIPC WATCH AT
202-323-3204/3205/3206. AS MORE TECHNICAL OR OPERATIONAL INFORMATION ABOUT
THIS SCRIPT DEVELOPS, NIPC WILL DISSEMINATE THIS INFORMATION THROUGH THE
CARNEGIE MELLON CERT, ANTIVIRUS VENDORS OR ITS OWN WEB SITE (www.nipc.gov),
AS APPROPRIATE.




----------------------------------------------------------------------------
----

[ Back to Advisories, Alerts and Warnings ]
OpenEuphoria

virus alert

Search

Include:

Quick Links

User menu

Misc Menu
