Mailinglist Archive: opensuse (3104 mails)

< Previous Next >
Re: [SLE] [Fwd: Virus Alert: FBI Finds 911 Virus Wiping Out Hard Drives Today]



On Sat, 01 Apr 2000, you wrote:
> Ian Reilly wrote:
> >
> > Just received this from SANS and i figure enough of you are running win
> > boxs to warrant it. this is not a joke.
> > Just thought you should know!
>
>
> HOGWASH! this may not be a joke but it certainlly is BAD information

IF you would only go to http://www.nipc.gov you will see that it is
legitmate. The nipc is housed in the FBI building in Washington.
The virus is real too, for M$ OSs.

>
> The FBI finds 911 virus?? They seem to be the only ones who have
> >
> > Ian
> >
> > -------- Original Message --------
> > Subject: Virus Alert: FBI Finds 911 Virus Wiping Out Hard Drives Today
> > Date: Sat, 1 Apr 2000 14:04:52 -0700 (MST)
> > From: The SANS Institute <sans@xxxxxxxx>
> > To: Ian Reilly (SD463120) <ian@xxxxxxxx>
> >
> > To: Ian Reilly (SD463120)
> > From: The SANS Institute Research Office
> > Subj: Malicious 911 Virus Wipes Out Hard Drives of Internet Users
> >
> > At 8:00 am on Saturday, April 1 (This is not an April Fool's joke!)
> > the FBI announced it had discovered malicious code wiping out the data
> > on
> > hard drives and dialing 911.
>
>
> hehehehehe... now that is FUNNY!
>
> > This is a vicious virus and needs to
> > be stopped quickly. That can only be done through wide-scale
> > individual action. Please forward this note to everyone who you
> > know who might be affected.
>
> Uh huh.... Ill send it to all those I care about <not>
>
> >
> > The FBI Advisory is posted at http://www.nipc.gov/nipc/advis00-038.htm
>
> so the online community is relying on FBI adviorisies LOL!!!!
>
>
> >
> > The 911 virus is the first "Windows shares virus." Unlike recent
> > viruses that propagate though eMail, the 911 virus silently jumps
> > directly from machine to machine across the Internet by scanning
> > for, and exploiting, open Windows shares. After successfully
> > reproducing itself in other Internet-connected machines
> > (to assure its continued survival) it uses the machine's modem to
> > dial 911 and erases the local machine's hard drive. The virus is
> > operational; victims are already reporting wiped-out hard drives.
> > The virus was launched through AOL, AT&T, MCI, and NetZero in the
> > Houston area. The investigation points to relatively limited
> > distribution so far, but there are no walls in the Internet.
>
>
> OOOOOOO this sounds s c a r y......
>
> Ian, where you get your information is your business... but *please*
> dont try to pass off crap like this to fairly intelligent computer
> users.
>
> Do yourself an informational favor- check any reputable av site on the
> net like
> avp or datafellows, read comp.os.virus youll soon see there is no such
> thing as what the "sans advisory" is "claiming".
> avp, datafellows, or fprot surely have more integrity the the F%^$ing
> FBI!
>
>
> ahhh yet another hoax
>
> rob
>
> below is just a buch of crap.....
> >
> > -----------------
> > Action 1: Defense
> > -----------------
> >
> > Verify that your system and those of all your coworkers, friends, and
> > associates are not vulnerable by verifying that file sharing is
> > turned off.
> >
> > * On a Windows 95/98 system, system-wide file sharing is managed by
> > selecting My Computer, Control Panel, Networks, and clicking on the
> > File and Print Sharing button. For folder-by-folder controls, you
> > can use Windows Explorer (Start, Programs, Windows Explorer) and
> > highlight a primary folder such as My Documents and then right mouse
> > click and select properties. There you will find a tab for sharing.
> >
> > * On a Windows NT, check Control Panel, Server, Shares.
> >
> > For an excellent way to instantly check system vulnerability, and for
> > detailed assistance in managing Windows file sharing, see: Shields
> > Up! A free service from Gibson Research (http://grc.com/)
> >
> > -------------------
> > Action 2: Forensics
> > -------------------
> >
> > If you find that you did have file sharing turned on, search your
> > hard drive for hidden directories named "chode", "foreskin", or
> > "dickhair" (we apologize for the indiscretion - but those are the
> > real directory names). These are HIDDEN directories, so you must
> > configure the Find command to show hidden directories. Under the
> > Windows Explorer menu choose View/Options: "Show All Files".
> >
> > If you find those directories: remove them.
> >
> > And, if you find them, and want help from law enforcement, call the
> > FBI National Infrastructure Protection Center (NIPC) Watch Office
> > at 202-323-3204/3205/3206. The FBI/NIPC has done an extraordinary
> > job of getting data out early on this virus and deserves both kudos
> > and cooperation.
> >
> > You can help the whole community by letting both the FBI and
> > SANS (intrusion@xxxxxxxx) know if you've been hit, so we can
> > monitor the spread of this virus.
> >
> > --------------
> > Moving Forward
> > --------------
> >
> > The virus detection companies received a copy of the code for the
> > 911 Virus early this morning, so keep your virus signature files
> > up-to-date.
> >
> > We'll post new information at www.sans.org as it becomes available.
> >
> > Prepared by:
> > Alan Paller, Reserach Director, The SANS Institute
> > Steve Gibson, President, Gibson Research Corporation
> > Stephen Northcutt, Director, Global Incident Analysis Center
> >
> > --
> > To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
> > For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
> > Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
>
> --
> To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
> For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
> Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/

--
__ _
/ / (_)__ __ ____ __ * Powerful * Flexible * Compatible * Reliable *
/ /__/ / _ \/ // /\ \/ / *Well Supported * Thousands of New Users Every Day*
/____/_/_//_/\_,_/ /_/\_\ The Cost Effective Choice - Linux Means Business!



--
To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/


< Previous Next >
Follow Ups
References