[thelist] The New Worm - need some help to clean it
Frank
lists at frankmarion.com
Mon Aug 11 23:58:36 CDT 2003
At 06:08 PM 8/11/2003 -0700, you wrote:
>Do all you can to protect yourself on this one, its a real pain. :(
Grrr! F%@ S^%# P^!!!! <swear, curse and bitch!>
I just got taken down by a combo of trojans, and I have no idea how they
got there. I thought that my security was drum tight. The last three days
was about rebuilding my system from scratch--twice. I empathise.
>This worm SERIOUSLY degrades my internet connection. I'd say 50-100%
>packet loss. That I can get this email out is a serious task. Anyway,
>can anyone point me to anything else I can do to clean my system? ZA
>seems to block port 135 attacks every time, but cannot of course
>clean the worm. The Norton update didn't clean it, and the MS updates
>didn't fix it (BIG surprise eh?)
First set up ZoneAlarm.
http://www.zonelabs.com
Then get this fine log reader- It makes ZA's logs actually intelligible.
It's free, and I now consider it a "must have".
http://www.visualizesoftware.com/
You don't need to have port 135 open. Use ZA to close it altogether, and
close it manually. Go here, spend half a day reading the whole site from
top to bottom.
https://grc.com
Finally,
This piece of software is a butt kicker. It's not really for the newbie
though. Most techies will handle it fine. Frankly, it's as impressive as it
is scary.
TDS-3
http://www.diamondcs.com.au/?hop=supportale.diamondcs
This is is the review page that lead me there.
http://www.anti-trojan-software-reviews.com/
I've tried a number of them, none could help me out. This is the only one
that identified the issue and tried to resolve it.
Anyhow, those were my ugly lessons of these last 3 days.
--
Frank Marion lists at frankmarion.com Keep the signal high.
More information about the thelist
mailing list