Full ArticleQuote:
Computer viruses became more intricate and spread at a faster speed in the first half of 2003, posing a grave threat to computer networks, Symantec Corp. reported Wednesday.
Printable View
Full ArticleQuote:
Computer viruses became more intricate and spread at a faster speed in the first half of 2003, posing a grave threat to computer networks, Symantec Corp. reported Wednesday.
What is the internet coming to? Soon we will have to go back to the dark ages.Quote:
These threats are also spreading faster than ever before. The Slammer worm had a worldwide impact within a few hours, while the Blaster virus infected around 2,500 computers every hour.
Guidance...
Computers are becoming cheaper and there apparently is a greatly increased number of malicious "hackers" and virii writers.
Not if people become security literate and protect themselves; two, the people who are writing this code need to grow up. It's not funny to shut down peoples computers, **** them up, or flood the interenet any more than it is for any malicious "hacker"(mainly skiddies) to run some program they do not even understand and mess with peoples computers.Quote:
What is the internet coming to? Soon we will have to go back to the dark ages.
Main Points:
1) The public needs to be security literate
2) Skiddies and virii writers need to grow up
PM8228,
It takes time to make people security conscious... but time won't make the others grow up :)
i hate viruses, its a waste of tanlent
You need talent to create a virus? No way... virus creation kits?
However, if you mean waste of talent fixing/protecting against, then I completely agree. :)
All,
I read last weekend (can't remember where) that the University of Quebec will be including a course on writing virii in it's CS curriculum. The idea is that if people understand how they work they wil be better preparred to deal with them.
That was the universities point of view. I happen to vehemently disagree.
If i can find the article I'll come back and edit...
Hi Folks,
All of a sudden I feel very, very, old. I can remember the days when we connected at 9,600 Baud (roughly equivalent to BPS).
I remember one of my people developing an internal communications system to run on an IBM S/38, and us discussing what to call it, we chose "e-mail" :D ...............my PC booted DOS (about v3.0, I think) There were probably a few dial-up BBS sites around, but no internet as we know it now.
My point is that I consider the Symantec analysis to be a bit "weak".............of course malware is travelling faster and further...it is called technology. My current modem would fire crap out at 578,000Bps..................we have cable, satellite and DSL? There are more targets?
A biological analogy................if there are 5 farmers living twenty miles apart and one contracts strep throat..............chances are the others won't?.......50,000 soldiers on an army camp an the MO will be quite busy?
It is all down to technology and environment IMHO :)
Just my £0.02
Cheers
Very good analogy nihil!! I like it.Quote:
A biological analogy................if there are 5 farmers living twenty miles apart and one contracts strep throat..............chances are the others won't?.......50,000 soldiers on an army camp an the MO will be quite busy?
You are right that with more targets connected together on faster communications systems there will of course be more infections occurring faster.
I think the thing that concerns me more than that is the fact that the timespan from vulnerability discovery to exploit code to worm is getting shorter and shorter. Slammer exploited a hole that was 6 months old. Blaster exploited a hole that was about 6 weeks old.
Patching is a full-time job and then some these days (maybe they should come out with a MCPI (Microsoft Certified Patch Implementer) certification- it would be a high-demand cert these days!!). When you have vulnerabilities coming out weekly and it takes a month to patch the tens of thousands of computers in your environment but the malicious coders of the world come out with an exploit worm in 2 weeks it poses a huge problem.
The other huge problem- which has been covered in other threads- is that security education is only half the battle. Even a well-educated and intelligent home user can not feasibly keep his system patched over a 56k dial-up connection. Windows 2000 SP4 is 130Mb- it would take more than 5 hours to download on an excellent, noise-free connection. Worms like Slammer and Blaster can infect a vulnerable machine in about 1 minute.
They need to come up with alternative means of distributing the patches like making them freely available on CD at Best Buy, CompUSA, Walmart, Blockbuster- anywhere that consumers can just go get the CD for free to patch their computer rather than trying to download it.
Anyway- kudos again on the great analogy!
I'm sure any virus writers and blackhats here on AO will flame me for this but I think the more virus writers and blackhat hackers they throw in jail the better. It will send a strong message that this is not being put up with!
I read somewhere that the reason why (speculation of course here) a new worm exploiting the MS RPCSS vulnerability hasn't been released yet as predicted was because the hackers/writers were hiding underground due to all the arrests and investigative activity focused around the Blaster worm...who knows maybe some truth to that speculation??!?
I realize this doesn't cure the root problem and is only a deterence but I think it would help greatly since we are really starting from a very low prosecution rate now.
We do also need to understand the WHY DO THEY DO IT better and work on that core too!
...hey the damn software needs to be fixed and better developed too...I know.