Code Red Worm!! Watch out guys!!!

It hits tonight! I don't know much about this thing but it can cause a lot of trouble!!! Be careful and make sure your antivirus is updated!!! Good luck!:( :D
 
Here is some info on the worm...

================



The first line will always contain "Hi! How are you?" in the first line, and "See you later. Thanks" as the last line (in English or Spanish). It may come from a friend or acquaintance that has you on their email list, therefore, you may think it came from someone you know. Do NOT open the attachment!

You can see a complete profile at:

http://www.sarc.com/avcenter/venc/data/w32.sircam.worm@mm.html



================

This is from one of the other boards I frequent for the studio. The link takes you to Symantec's Anti-Virus site and gives you info on the little bugger and a fix.

Just remember to watch what you open for the next few days. Even if you recognize the individual who sent (supposedly) the e-mail to you.

'Nite....

Alan
 
There's a bit of confusion here.... The Code Red worm that will peak again (or try to) Wednesday evening only affects certain internet routers. It might cause the net to slow down for a while but it cannot infect home computers.

Whether it'll slow net traffic significantly depends on how many of the owners of those servers are so lazy or stupid they still haven't downloaded the patch from Microsoft. I'm going to stick my neck out and predict it won't have any great effect this time and next month when it will attempt to peak for the third time I predict it won't be entirely extinct but it'll be much too rare by then to have any noticeable effect on the net.

That worm was designed to scan the net for vulnerable systems where it can install itself, and eventually after building up many copies of itself all over the net, launch a denial of service attack on the White House website. It failed; all they had to do to stop that was change the White House IP address (it still has the same DNS address and service was only interrupted very briefly).

I should explain that.... A DNS (Domain Name Server) address is something like www.bladeforums.com. Your DNS server has to translate that to the IP (Internet Protocol) address, currently 216.199.11.131 for Bladeforums, before you can go to Bladeforums. It's done that way because humans find it easier to remember an address like www.bladeforums.com than 216.199.11.131 which is what the computers use. So, all they had to do to stop the attack on the White House website was to tell the DNS system to translate www.whitehouse.gov to a different number than the one Code Red was attacking ... that left it attacking nothing; there was no longer anything there at that address to attack.

But Code Red is still around and it's still scanning the net for vulnerable systems to install itself on to prepare for another futile attack on nobody. That scanning activity will reach another peak Wednesday night, and if there are enough copies of it doing it, it'll take up a lot of bandwidth and slow down other traffic.

There is some concern that someone might modify Code Red to do other more effectively nasty things, but even if that happens it can't infect your computer; it can only infect an operating system that is only used on a few internet routers -- so again, it could cause some problems on the net but not on your computer. Most routers don't use that operating system and surely most of those that do have had the patch installed by now.

The virus that's going around Bladeforums is the SirCam virus. Details here: http://www.bladeforums.com/forums/showthread.php?s=&threadid=162970

Briefly, you have nothing to worry about unless you both don't have any virus protection (or haven't updated it) and you click on the attachment when it gets emailed to you. The attachment comes with varying file names but it's not difficult to recognize; just read the thread and/or the page at McAfee (there's a link to it in the thread). Refusing to open any email attachments anyone sends you is unnecessary.
 
This virus does not affect Macintosh computers nor those using Unix so this is essentially a non-issue with these users. One exception is those who use PC emulators who will get hit with this bug.
 
Thanks Cougar,

I guess I read too fast. The info I posted was for the SirCam virus, not the Red Worm thingie....

My days are getting weird and every now and then I pop up for a breath of fresh air. That is when I jump around and try to catch up on the boards I frequent. I guess I should take longer breaks :)

Later everyone (taking a deep breath and going back under)

Alan
 
It's a self-defeating prophecy. According to www.cnn.com over a million sysadmins downloaded the patch in the last few days. If there hadn't been all that screaming DOOM! DOOM IS NIGH! DOOM, DOOM! all over the net those million idiots who didn't download the patch during the first outbreak wouldn't have downloaded it in time for the second either and there would have been doom. Same as Y2K....

Same with ecological disasters. I actually read somewhere that Silent Spring was a failed prediction. Huh??? Rachel Carson wrote a book about what would happen if we didn't stop using DDT, everybody and his hamster read that book, and we decided to stop using DDT -- was that a failure???

The younger members of this forum probably never heard of DDT and won't know what I'm talking about. They probably never heard of thalidomide, either -- not that anybody predicted the thalidomide disaster, but it's because of that disaster that we have all that government regulation of the pharmaceutical industry now that the Republican politicians keep complaining about -- and if we forget about the thalidomide disaster and let the politicians do what they want we'll have another one. It's easy to believe there's too much government regulation as long as your kids are born with arms and legs....

Sorry ... got a bit off-topic there ... um ... if your computer got an incurable virus and you didn't know how to reformat your disk so you decided you had to put your computer out of its misery, what kind of khukuri would be the best to use?

Extra credit: if you caught the originator of SirCam which of your khukuris would you use and which bits would you chop off first?
 
Good point, Cougar, and I know which bit I would chop off first but I don't think the censor will allow me to state the bit.
 