Infraguard Security Alert

[TCH-Dick]

InfraGard, an FBI/Homeland Security group put this out today:

 

Computers infected with the Sobig.F worm are programmed

to automatically download an executable of unknown function

from a hard-coded list of servers at 19:00 UTC (2:00pm CDT)

X-Force is recommending wholesale outbound filtering of

the following IP addresses:

 

67.73.21.6

68.38.159.161

67.9.241.67

66.131.207.81

65.177.240.194

65.93.81.59

65.95.193.138

65.92.186.145

63.250.82.87

65.92.80.218

61.38.187.59

24.210.182.156

24.202.91.43

24.206.75.137

24.197.143.132

12.158.102.205

24.33.66.38

218.147.164.29

12.232.104.221

68.50.208.96

 

The request method uses UDP port 8998. X-Force also recommends that this port be filtered outbound.

[Head Guru]

Today alone on my personal email account, I had 19 infected emails hit my inbox.

 

Stinks!

[borfast]

That's why very few people have my personal e-mail address and those who do I make sure are educated by me

 

Besides, whenever someone sends me an e-mail (to any of my addresses) and that e-mail has multiple recipients with visible e-mail addresses, they get a nice message from me explaining why they shouldn't send messages with visible multiple recipients (virus take advantage of it, spammers too...) and asking them to use BCC for the recipients

[Head Guru]

I choose not to hide my personal email address from my friends, family and coworkers.

 

That is why I run a hardware firewall and the best AV software $ can buy.

 

[borfast]

I don't hide my address from friends, family or co-workers either - but they all get educated before I give them my address

Unless, of course, I know beforehand that they won't spread my address. For instance, I gave you guys my personal address because I don't think you'll make bad use of it

[chadf]

It seems a little futile to try to get people to change their habits. Most people that I know who forward emails aren't that computer literate and don't really worry about viruses - until they get hit.

 

I've been pretty fortunate and have only been very minimally effected by the latest rash of email viruses. I use my yahoo account for most things and my personal email is kept very private. And of course I never open an attachment.

[Head Guru]

I don't hide my address from friends, family or co-workers either - but they all get educated before I give them my address

Unless, of course, I know beforehand that they won't spread my address. For instance, I gave you guys my personal address because I don't think you'll make bad use of it

I learned many years ago that I cant educate my family or friends on computer use.

 

They just dont want to learn!

 

As far as Viris emails, bring em on! Im ready!

[borfast]

I learned many years ago that I cant educate my family or friends on computer use.

 

They just dont want to learn!

LOL

That is so true...

 

I have that same problem. I keep trying to teach them how to do basic stuff, so they don't need to call me every time they need to do something a little out of the ordinary but they just seem to be afraid of learning computer related stuff

Edited September 1, 2003 by borfast

[TCH-Don]

I learned many years ago that I cant educate my family or friends on computer use

Thats why I give each family member a different addy,

and when they get infected,

I blackhole the addy and give them another

[TCH-Dick]

I have that same problem. I keep trying to teach them how to do basic stuff, so they don't need to call me every time they need to do something a little out of the ordinary but they just seem to be afraid of learning computer related stuff

 

I can beat that, try teaching your 76 year old grandmother how to use a computer

[borfast]

Thats why I give each family member a different addy,

and when they get infected,

I blackhole the addy and give them another

Now that's a good idea! I should do that too

 

I can beat that, try teaching your 76 year old grandmother how to use a computer

That's what I call a real Challenge (notice the capital 'C' )

 

My grandmother can't learn how to use a cell phone! I can't imagine how it would be like to put her in front of a computer and try to convince her that it's not a television and she's in fact controling that little arrow that moves around the screen.

 

I wonder what she'd think of pressing "buttons" that are not really there... something that she can't touch with her own hands but instead has to use that little thing attached to a cord...

 

It must be really confusing for old people but now that I think about it, it's quite interesting too

 

"A typewriter that does not print in paper but instead displays the characters in a television. Wait, it gets better: you can delete characters simply by pressing a button! Oh joy!"

Edited September 1, 2003 by borfast

[TCH-Dick]

she has actually been using a computer for years, but Windows is like a foriegn country for her, she STILL works as an accountant and has been using DOS based programs forever. I just have to explain things 792 times before it sinks in, stuff like changing the background for her e-mails.

[ztrauq]

Just one thing to note about this virus if it hasn't been mentioned already - it can apparently access a user's address book, and then send out emails spoofing any address listed as the from address. I've had a few emails that I had apparently "sent" from an OSX machine that can't be infected returned by email servers becase of the virus, and I've been worrying that people getting the email with my spoofed address might get tricked into opening it.

 

If you have the capability, I would reccomending using a program like PGP to sign all of your emails. This allows people to verify that you actually sent the message, and that it wasn't spoofed by a virus, because a virus doesn't have the password needed to calculate your signiature. This way, if people get messages from you without your signiature, they can determine that the address might be spoofed by a virus, and avoid spreading the infection.

 

That, and convincing people to use virus scanners is a good idea