VICUG-L Archives

Visually Impaired Computer Users' Group List

VICUG-L@LISTSERV.ICORS.ORG
Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: info on confiker, from Kim Komando, get this around, folks!
From:
David Poehlman <[log in to unmask]>
Reply To:
David Poehlman <[log in to unmask]>
Date:
Tue, 31 Mar 2009 16:50:11 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (217 lines) 
be sure to listen to my next show, we are gonna deep fry fish.

On Mar 31, 2009, at 2:17 PM, Harry Brown wrote:


Hi all,
Here's today's tip of the day from Kim Komando, and it's a duzy!
This is no joke, forward this to everybody you know.  If it's from Kim  
Komando, it's truth!
Harry
Conficker prepares to rule the world!

3/31/2009

Q. My friend was telling me about Conflictor. That's a computer thing  
that is going to take over the world. Or, maybe not. I assume this is  
an April Fool's

joke. Right?

—Mamie in Miami, listening on WIOD 610 AM

A. No, Mamie, Conficker (not Conflictor) is the real thing, I'm  
afraid. No one knows what it's going to do. But it probably won't be  
good. (Conficker is

also known as Downadup and Kido.)

April 1, compromised machines will contact hundreds of computers on  
the Web. They will get their marching orders, whatever they may be.

Maybe they will start sending spam. Or, they could be roped into  
massive armies to attack other computers. Those are called distributed  
denial of service

attacks. They're used to blackmail sites that need to be online.

Or, Conficker might steal confidential information from its host  
machine. That could be in addition to other bad deeds.

Conficker has reportedly compromised millions of Windows machines.  
Symantec says 3 million. The Washington Post said 12 million, without  
attribution.

Cisco says 10 million in 150 countries. It puts China at 3 million;  
Brazil, 1 million; and Russia, 800,000. The United States has an  
estimated 200,000 compromised

computers.

Counterfeit Windows installations are common in China, Brazil, Russia  
and elsewhere. Microsoft won't update counterfeit installations. So  
those machines

are wide open. (Somehow, I don't think Microsoft is helping its  
customers with this policy.)

Business networks apparently also are vulnerable. They usually have  
good security against the outside world. But they may lack security on  
individual machines.

So if malware gets past the gates, it can run wild internally. That's  
especially true if the machines use weak passwords. Conficker can  
launch dictionary

attacks.

Conficker takes advantage of a flaw Microsoft patched in October. Lots  
of people don't patch their machines—even when they're legitimate.  
When Conficker

gets in, it patches the flaw itself. That keeps other criminals out.  
(Thanks, Conficker!)

The result: System administrators cannot scan for unpatched machines.  
At least, that's the idea. Researchers recently found a flaw in the  
Conficker patch.

That will help identify compromised machines on networks. Scanning  
software companies are working hard to capitalize on that.

Conficker also blocks anti-malware sites. So, if you have outdated  
protection, you supposedly can't update it.

Conficker is professionally written. That is why it has spread so  
capably. Criminals in Eastern Europe are believed to be behind it.

Of course, it's possible that the April 1 date is a red herring. Even  
if Conficker installations are updated on April 1, they won't  
necessarily do anything.

Remember, these are probably criminals looking to make money. You  
don't make money by shutting down the Web. That's vandalism. Most  
criminals prefer stealth.

So, April 1 may pass uneventfully for civilians. Pros watching traffic  
online will probably see a lot going on.

There is a slim chance that Conficker is vandalism. In that case,  
maybe just the host machines will be attacked. But "slim" probably  
overrates this idea.

This thing is too well done. Old style viruses were written by barely  
competent people.

So, this all raises the question of protection. Do you have Conficker  
on your machine?

Well, that depends. Do you keep your security programs up to date?  
Update Windows regularly? Delete spam immediately? If you answered yes  
to these questions,

infection is unlikely.

If you're lackadaisical about security, you may be infected. How do  
you tell? Well, there are tools out there to help.

I have several on my site.

So, let's say you find Conficker. What then? Well, get it off your  
machine first. Then run Windows Update. Open Internet Explorer and  
click Tools>>Windows

Update. Download and install critical and important updates.

Once that's done, install and update security software. I've got  
everything you need at my

Security Center.

I would also sign up with OpenDNS. This is a free service that makes  
for faster surfing. (DNS stands for domain name service (or server or  
system). These

servers translate names like

www.komando.com

  to Web addresses, like 66.210.246.140.) So, we already use it. I  
have a link to

http://www.opendns.com

But OpenDNS also teamed with Kaspersky (a Russian security company)  
against Conficker. It blocks every Web address Conficker uses online.  
So, if you have

Conficker, it couldn't connect online. I'd install OpenDNS pronto. If  
you already have OpenDNS, you're set.

It gives you safer, speedier Web surfing

To locate Web sites, computers use IP numbers. But numbers like  
66.102.7.104 are difficult to memorize. That's where DNS (domain name  
system) comes in.

DNS allows us to use names like www.komando.com instead of numbers.

Behind the scenes, computers still work with IP numbers. Lists of  
matching names and numbers are kept by DNS servers. Enter an address,  
and your browser

requests the matching number from a DNS server.

This lookup process takes valuable time. DNS servers typically keep  
only partial lists. Often, one request is forwarded through several  
servers. Many are

halfway around the globe.

OpenDNS is a free service that aims to speed up this process. OpenDNS  
servers keep more complete lists than other DNS servers. Also, your  
browser's requests

go to the OpenDNS server closest to you.

You don't have to download anything to use OpenDNS. It's available  
through a simple change of Internet connection settings. The OpenDNS  
site includes instructions

for changing these settings in Windows. There are also instructions  
for those who connect through routers.

OpenDNS does more than speed up Web surfing. It can also keep you  
safer. OpenDNS keeps an updated list of phishing sites. If you get  
fooled into visiting

one of these sites, OpenDNS will block it.

OpenDNS can also protect you from Web address misspellings. Misspelled  
addresses often lead to advertisers who profit from accidental  
visitors. OpenDNS

corrects common misspellings on the fly to deliver the sites you want.

Cost: Free!

One other thing: I remember sitting up New Year's Eve, waiting for the  
Y2K bug. I think I started with Australia. Nothing ever happened. So,  
you might not

want to hold a Conficker party. The whole thing could be anticlimactic.

Leave list: [log in to unmask]

VICUG-L is archived on the World Wide Web at http://listserv.i cors.or  
g/archives/vicug-l.html

Send questions on list operation to [log in to unmask]


    VICUG-L is the Visually Impaired Computer User Group List.
Archived on the World Wide Web at
    http://listserv.icors.org/archives/vicug-l.html
    Signoff: [log in to unmask]
    Subscribe: [log in to unmask]

ATOM RSS1 RSS2