Mailinglist Archive: opensuse (3104 mails)

< Previous Next >
Re: [SLE] [Fwd: Virus Alert: FBI Finds 911 Virus Wiping Out Hard Drives Today]
  • From: dizzy73@xxxxxxxxxx (dizzy)
  • Date: Sat, 01 Apr 2000 17:08:32 -0500
  • Message-id: <38E67360.8B217F8E@xxxxxxxxxx>

Ian Reilly wrote:
> Just received this from SANS and i figure enough of you are running win
> boxs to warrant it. this is not a joke.
> Just thought you should know!

HOGWASH! this may not be a joke but it certainlly is BAD information

The FBI finds 911 virus?? They seem to be the only ones who have
> Ian
> -------- Original Message --------
> Subject: Virus Alert: FBI Finds 911 Virus Wiping Out Hard Drives Today
> Date: Sat, 1 Apr 2000 14:04:52 -0700 (MST)
> From: The SANS Institute <sans@xxxxxxxx>
> To: Ian Reilly (SD463120) <ian@xxxxxxxx>
> To: Ian Reilly (SD463120)
> From: The SANS Institute Research Office
> Subj: Malicious 911 Virus Wipes Out Hard Drives of Internet Users
> At 8:00 am on Saturday, April 1 (This is not an April Fool's joke!)
> the FBI announced it had discovered malicious code wiping out the data
> on
> hard drives and dialing 911.

hehehehehe... now that is FUNNY!

> This is a vicious virus and needs to
> be stopped quickly. That can only be done through wide-scale
> individual action. Please forward this note to everyone who you
> know who might be affected.

Uh huh.... Ill send it to all those I care about <not>

> The FBI Advisory is posted at

o the online community is relying on FBI adviorisies LOL!!!!

> The 911 virus is the first "Windows shares virus." Unlike recent
> viruses that propagate though eMail, the 911 virus silently jumps
> directly from machine to machine across the Internet by scanning
> for, and exploiting, open Windows shares. After successfully
> reproducing itself in other Internet-connected machines
> (to assure its continued survival) it uses the machine's modem to
> dial 911 and erases the local machine's hard drive. The virus is
> operational; victims are already reporting wiped-out hard drives.
> The virus was launched through AOL, AT&T, MCI, and NetZero in the
> Houston area. The investigation points to relatively limited
> distribution so far, but there are no walls in the Internet.

OOOOOOO this sounds s c a r y......

Ian, where you get your information is your business... but *please*
dont try to pass off crap like this to fairly intelligent computer

Do yourself an informational favor- check any reputable av site on the
net like
avp or datafellows, read comp.os.virus youll soon see there is no such
thing as what the "sans advisory" is "claiming".
avp, datafellows, or fprot surely have more integrity the the F%^$ing

ahhh yet another hoax


below is just a buch of crap.....
> -----------------
> Action 1: Defense
> -----------------
> Verify that your system and those of all your coworkers, friends, and
> associates are not vulnerable by verifying that file sharing is
> turned off.
> * On a Windows 95/98 system, system-wide file sharing is managed by
> selecting My Computer, Control Panel, Networks, and clicking on the
> File and Print Sharing button. For folder-by-folder controls, you
> can use Windows Explorer (Start, Programs, Windows Explorer) and
> highlight a primary folder such as My Documents and then right mouse
> click and select properties. There you will find a tab for sharing.
> * On a Windows NT, check Control Panel, Server, Shares.
> For an excellent way to instantly check system vulnerability, and for
> detailed assistance in managing Windows file sharing, see: Shields
> Up! A free service from Gibson Research (
> -------------------
> Action 2: Forensics
> -------------------
> If you find that you did have file sharing turned on, search your
> hard drive for hidden directories named "chode", "foreskin", or
> "dickhair" (we apologize for the indiscretion - but those are the
> real directory names). These are HIDDEN directories, so you must
> configure the Find command to show hidden directories. Under the
> Windows Explorer menu choose View/Options: "Show All Files".
> If you find those directories: remove them.
> And, if you find them, and want help from law enforcement, call the
> FBI National Infrastructure Protection Center (NIPC) Watch Office
> at 202-323-3204/3205/3206. The FBI/NIPC has done an extraordinary
> job of getting data out early on this virus and deserves both kudos
> and cooperation.
> You can help the whole community by letting both the FBI and
> SANS (intrusion@xxxxxxxx) know if you've been hit, so we can
> monitor the spread of this virus.
> --------------
> Moving Forward
> --------------
> The virus detection companies received a copy of the code for the
> 911 Virus early this morning, so keep your virus signature files
> up-to-date.
> We'll post new information at as it becomes available.
> Prepared by:
> Alan Paller, Reserach Director, The SANS Institute
> Steve Gibson, President, Gibson Research Corporation
> Stephen Northcutt, Director, Global Incident Analysis Center
> --
> To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
> For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
> Also check the FAQ at

To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the FAQ at

< Previous Next >