Remember the Klez!!!
Results 1 to 4 of 4

Thread: Remember the Klez!!!

  1. #1
    Member
    Join Date
    Aug 2001
    Posts
    46

    Remember the Klez!!!

    I don't know about any of you, but I remember how tough it was to get Klez out of my network.

    Read this article:

    Klez set to return

    A minor variant of the Klez virus is set to go into action Friday, erasing a host of files on infected hard drives. But the attack may also wipe out the attacker.
    Time is a created thing -- to say \"I don\'t have time\" is like saying \"I don\'t want to.\"

    Lao-Tzu

  2. #2
    Junior Member
    Join Date
    Sep 2002
    Posts
    25
    Klez.E and any other worm is always very difficult to remove from a network environment. Your IRT (Incident Response Team) needs to react fast and decisive to eliminate the threat. If only one node in your network is infected it can allow a Worm to propagate on even protected machines using the infector's resources never making a function call to the protected machine.

    Best bet...If your scared...and you should be....set-up a Honey Pot and look for machines that match the profile and take them out of action.

    Provides some useful information on Klez.E

    http://securityresponse.symantec.com...klez.e@mm.html

  3. #3
    Junior Member
    Join Date
    Sep 2002
    Posts
    16
    We got rid of it on our network but peoples home PCs keep trying to spread it agin. Thank goodness Norton anti-virus stops it in its tracks evertime. No matter how much you tell users not to open certain attachments they do it anyway.

  4. #4
    Junior Member
    Join Date
    Sep 2002
    Posts
    25
    You may want to look into another Mailer AV program as well. If you are an ISP that is using something similiar to MSE 5.5 or 2k or something along that lines, you should be able to find an AV that will scan your information store or your mailboxes and eliminate those viruses before the user can get them.

    If your talking about Yahoo or Hotmail, you may want to look into a proxy or perimeter AV product. Something like Symantec Web Security will scan http and ftp connections for viruses and that may be the best bet to cover those areas.

    Let me know...How it goes

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides