BugBear.b


  #1  
Old 06-08-03, 09:48 AM
kaybyrd's Avatar
Member
Thread Starter
Join Date: Feb 2002
Location: N.W. MS.
Posts: 1,771
Likes: 0
Received 0 Likes on 0 Posts
Exclamation BugBear.b

Bugbear is back. Bigger and worse than before. I'm not one to forward emails regarding virus' etc, but it alarms me when my virus protection provider sends me several emails about it, plus even goes into detail explaining how it works and how to protect yourself.

Please, please please install an AVP (antivirus protection) on your computer if you don't have one! My email provider (ISP) caught it before it hit my email box, but sometimes that might not happen. Also, update your operating system often! Weekly right now doesn't sound like a bad idea to me. Just go to Windows Update and get all the security patches they have for your operating system. This will help to protect you as well.

If you need an AVP and are not sure how to obtain one, please post here so we can give you some names, and web addresses to get one up and running immediately. It could save your computer, and also the computers of your friends and loved ones.

If you need help with a Windows Update, please post here as well so we can help walk you through it - they are actually very easy to do, but if you are uncomfortable with it then we can help explain it and why its important, and make it easier for you to accomplish it.

Kay
 
  #2  
Old 06-08-03, 11:28 AM
C
Member
Join Date: Nov 2001
Location: Taylors, SC
Posts: 9,483
Likes: 0
Received 0 Likes on 0 Posts
I have anti-virus protection - Linux Mandrake 9.1
 
  #3  
Old 06-08-03, 11:39 AM
kaybyrd's Avatar
Member
Thread Starter
Join Date: Feb 2002
Location: N.W. MS.
Posts: 1,771
Likes: 0
Received 0 Likes on 0 Posts
Me too! LOL

I just worry about those that don't have Linux or a good virus protection. Its doubtful that I will be booting into Windows for a very long time now, but occassionally I do to get to my map software, etc.

I do keep my antivirus protection current, and update while using Windows.

Kay

Ps. Thanks again for the copy of MDK 9.1! I am thoroughly enjoying it. The kids are loving it too! I like it because I have ways of keeping the kids offline when I don't want them there and it doesn't cost anything extra! It comes with LInux!

K.
 
  #4  
Old 06-08-03, 03:53 PM
tae's Avatar
tae
tae is offline
Member
Join Date: Nov 2002
Posts: 2,467
Likes: 0
Received 0 Likes on 0 Posts
***I have anti-virus protection - Linux Mandrake 9.1***
Ummmm.....
ATLANTA, Georgia (CNN) -- Computer security experts have identified what they say is the first virus capable of infecting both the Windows and Linux computer operating systems.
W32.Winux is what's known as a "proof of concept" virus. The virus was sent to an anti-virus company, and it is not now causing any problems for computer users.
"It's a technical achievement within the virus writing community, in this case the ability to infect both Windows and Linux executable files," said Steven Sundermeier, product manager with the security company Central Command

Or look here:
http://www.claymania.com/unix-viruses.html
UNIX / Linux Viruses - straight from the hip...
by Clay, Frederic and Andrew
Problem:
The myth that Linux is immune to viruses still persists.
Solution:
"We" refute this myth.
And the beat goes on...
 
  #5  
Old 06-08-03, 03:58 PM
kaybyrd's Avatar
Member
Thread Starter
Join Date: Feb 2002
Location: N.W. MS.
Posts: 1,771
Likes: 0
Received 0 Likes on 0 Posts
I also have AVP for Linux, but don't know how to install and configure it LOL. I'm just grateful that the more violent ones today aren't aimed at me, and that my email provider does scan emails before they come to me.

Kay
 
  #6  
Old 06-08-03, 06:12 PM
C
Member
Join Date: Nov 2001
Location: Taylors, SC
Posts: 9,483
Likes: 0
Received 0 Likes on 0 Posts
In all seriousness, I realize that there are viruses and worms and trojans for Linux. They just are not very popular to write because of the small installed base. The best approach is to stay up to date on patches, and run good programs. The things that make Windows so vulnerable is the plethora of problems in programs that invite exploits, the slowness of patches, and the reticence of users to install updates to their systems.

Being mindful of the traditional exploits in Windows should make any user reluctant to open suspicious e-mail, execute code with no checksum, or run a loosely secured system. So much bad stuff comes through e-mail that a server such as kaybyrd mentions, one that scans e-mail is a valuable tool in the box. I don't open e-mail with no subject or with a funny sounding one or strange return address. I don't execute unreliable code. I keep my system secure and check the updates everyday. My file and web server is isolated from the rest of the network and is run with high security. I don't run exploitable servers or programs unnecessarily.

But the hackers, they come. I have logs of port scans run and connection attempts to hammer the ports. The viruses are becoming more sophisticated, for sure. Cross-platform is more likely with Java being used in almost all platforms, instant messaging programs.

Someone spent a goodly amount of time trying to hammer into my ftp server just today.

All this is a problem for all computer users. We must remain vigilant, resourceful, and diligent in keeping the neighborhood tight and clean.

After all, we are running two Windows computers here.
 
  #7  
Old 06-08-03, 10:35 PM
kaybyrd's Avatar
Member
Thread Starter
Join Date: Feb 2002
Location: N.W. MS.
Posts: 1,771
Likes: 0
Received 0 Likes on 0 Posts
Chris,

How do you update your mandrake? I quit using control panel to do it since most of the time I can't get the updates. I started using RedCarpet by Ximian. The updates and installs seem to be flawless and I've never had trouble connecting to get the updates, either.

I didn't use it at first the MDK 9.1 since it didn't support it, only when I used 9.0, but now they support 9.1

Kay
 
  #8  
Old 06-09-03, 05:06 AM
maadi_griffin
Visiting Guest
Posts: n/a
i run norton's 2003 and i've been completely satisfied with it, especially the auto-upgrades. haven't had a problem since installing it with winxp pro when it came out. to me, both are excellent programs.
i've been the recipient of the infamous emails that tell you to delete a certain file etc etc. norton's web site addresses these issues and are always up to date whether or not they are scams or for real. virus attacks are real, but i don't lose sleep over them and i rarely give it a thought.
 
  #9  
Old 06-09-03, 09:46 AM
kaybyrd's Avatar
Member
Thread Starter
Join Date: Feb 2002
Location: N.W. MS.
Posts: 1,771
Likes: 0
Received 0 Likes on 0 Posts
maadi_griffin

Its good to hear that your AVP is up and running.

Every time I get one of those emails that you mentioned I go to google then run a search on the 'virus', then I reply to all receipients of the same email with a brief message about it being a hoax or real; and include a link to at least one valid site containing the information showing that it is a hoax or is true, how the virus works and how to protect/remove it (ex: Symantec, PandaSoftware).

Bugbear is a virus however, and is being compared to the 'iloveyou' and 'klez'. I just hate the idea of someone getting a virus, any virus, because they've neglected installing an AVP. My AVP also notifies me when a critical update (security patch - update) is available at WinUpdate as well. Updates both with the AVP and your Operating System can work hand in hand to protect your system.

Happy computing to all!

Kay
 
  #10  
Old 06-09-03, 11:15 AM
maadi_griffin
Visiting Guest
Posts: n/a
i learned my lesson a couple years back when the "chernobal" virus came out and destroyed my motherboard. back then i always thought a virus protection program was for the paranoid. expensive lesson learned.
 
  #11  
Old 06-09-03, 11:43 AM
kaybyrd's Avatar
Member
Thread Starter
Join Date: Feb 2002
Location: N.W. MS.
Posts: 1,771
Likes: 0
Received 0 Likes on 0 Posts
I learned a few years ago, but not by losing a motherboard (thank goodness) when I got a virus that was created, oh...back in the 80's LOL. Talk about feeling foolish! It corrupted all my exe files, including the operating system so a complete reformat and reinstall had to happen. All backups were corrupted....hard lesson learned especially when you have done years of genealogy work on the computer!

Kay
 
  #12  
Old 06-09-03, 06:28 PM
notuboo's Avatar
Member
Join Date: Sep 2001
Location: Kansas City MO
Posts: 1,780
Likes: 0
Received 0 Likes on 0 Posts
I have always had a preferrence for the virus"es" that would mark bad clusters on the hard drives so when you reformatted the hard drive, they were still there.

How CAN it be bad...it says it loves me!

I was never one to really have problems with virus or trogans, but I don't do too many stupid things on the internet anymore. The kids, on the other hand, man oh man... I really could not tell you how many or names of the AVP's we have on our net, but everyone's computer has one. Along with firewallswhich seem to be constantly pinged and probed.
 
  #13  
Old 06-09-03, 06:47 PM
kaybyrd's Avatar
Member
Thread Starter
Join Date: Feb 2002
Location: N.W. MS.
Posts: 1,771
Likes: 0
Received 0 Likes on 0 Posts
I wonder how many users don't really worry about AVP since they figure at some point the virus of the day has been discovered and taken care of? But...it hasn't been taken care of in the same sense that we can take flu shots, but we can still get the same type flu and others.

I also wonder how many users don't scan even the commercial software before installing it?

Question: Do you need to format a preformatted floppy disk (blank) just in case, too? Is it also necessary to check to make sure the entire blank disk (cd) is actually blank before burning anything to it? Just curious.

Kay
 
  #14  
Old 06-09-03, 08:06 PM
S
Banned. Rule And/Or Policy Violation
Join Date: Nov 2002
Location: Atlanta, Ga
Posts: 2,691
Likes: 0
Received 0 Likes on 0 Posts
I know there are many who don't believe in AVP's (just go back a few months to our old Moderator - he not only didn't run them, but strongly voiced his opinion against them.) Some people never learn - even after having crashes/reinstalls/corrupted HD's/etc. So, for the uninformed, I run 2 AVP's on my best computer. Just to take up the slack. Actually, the reason I run 2 is simple: 1 is a Freebie (AVG) scanner, the other is a name-brand, always-updated, tried and true (McAfee) scanner - there are many virii out there that target McAfee/Norton/(insert name-brand here) scanners, so my backup is the Freebie that none of the virii target. But, I do like the idea of name-brand protection too, so I run McAfee. When I say some virii target name-brand software, basically what I mean is that if it's run on a computer running the name-brand scanner, it will attempt to disable it first, then infect the computer. So, to counter that, I have a backup. Afterall, what are the chances that someone will write a virus that specifically targets my two scanners? Of course, I also keep a software firewall running, as well as the hardware firewall (router). The main reason for the software firewall is to keep an eye on what programs are trying to access the internet from my computer - or leaving ports open to potential hackers.

Like I say, this is only on my main computer - not on the webserver, not on the laptops (too much overhead) - only on the computer with plenty of CPU and RAM to run multiple programs.

Of course, if you download virii through e-mail or the internet and don't keep your virus scan fully active - none of the above will do anyone any good.
 
  #15  
Old 06-09-03, 08:22 PM
kaybyrd's Avatar
Member
Thread Starter
Join Date: Feb 2002
Location: N.W. MS.
Posts: 1,771
Likes: 0
Received 0 Likes on 0 Posts
Smile Two AVP

Brandon,

I didn't know that you could run two virus protection programs at the same time. I thought maybe they would conflict. They are different than say a word processing program.

I learn something new every day.

kay
 
  #16  
Old 06-09-03, 08:30 PM
S
Banned. Rule And/Or Policy Violation
Join Date: Nov 2002
Location: Atlanta, Ga
Posts: 2,691
Likes: 0
Received 0 Likes on 0 Posts
Haven't had any problems yet, I've been running this setup for about 2-3 months (since reinstalling my XP - if you really want to know when, go waay back in the posts ).

But, you are right, typically running 2 programs could cause some problems. I think since I'm running a name-brand and a freebie, they do not tend to conflict too much. Actually, now that I think about it, they don't both run full-protection 24/7 (I should have cleared that up). One runs 24/7 protection and the other I use on downloads and e-mails (both actually.) I always manually scan downloads with both scanners (I like the freebie, it scans much quicker than McAfee does.) I've had some instances where my freebie actually found some virii that McAfee didn't catch - more than once actually. I keep both up to date.
 
  #17  
Old 06-09-03, 08:35 PM
kaybyrd's Avatar
Member
Thread Starter
Join Date: Feb 2002
Location: N.W. MS.
Posts: 1,771
Likes: 0
Received 0 Likes on 0 Posts
That's very good to know! Thanks.

Kay
 
  #18  
Old 06-09-03, 08:55 PM
tae's Avatar
tae
tae is offline
Member
Join Date: Nov 2002
Posts: 2,467
Likes: 0
Received 0 Likes on 0 Posts
there are many virii out there that target McAfee/Norton/(insert name-brand here) scanners
yeah, i recently had one that did in my norton av AND sygate firewall. I had to use tiny personal firewall to catch it, and just the other day, I somehow(dont know how) got the yab trojan/virus and only knew when firewall told me. It was completely invisible to av.Now, I am getting actively port scanned(and they wont stop) from ip. 200.157.42.51
(Latin American and Caribbean IP address Regional Registry (NET-LACNIC-200)
Chucarro 1110 ap. 5
Montevideo, 11300
UY
Netname: LACNIC-200
Netblock: 200.0.0.0 - 200.255.255.255
Maintainer: LNIC
Coordinator:
Latin American and Caribbean IP address Regional Registry (LACNIC-ARIN) hostmaster@lacnic.net
(+55) 11 5509-3525
Domain System inverse mapping provided by:
ARROWROOT.ARIN.NET 198.133.199.110
BUCHU.ARIN.NET 192.100.59.110
CHIA.ARIN.NET 192.5.6.32
DILL.ARIN.NET 192.35.51.32
NS.LACNIC.ORG 200.160.0.7
NS.DNS.BR 143.108.23.2
NS2.DNS.BR 200.19.119.99
This IP address range has been transferred to LACNIC for administrativeoversight.
Good antivirus and good firewall are a must, and yes, a backup is a very good idea.
 
 

Thread Tools
Search this Thread
 
Ask a Question
Question Title:
Description:
Your question will be posted in: