Worm Hysteria
May. 4th, 2004 05:54 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
lostcarparkI had a slightly panicked call from a friend who works from home and occasionally calls me to help with PC problems.
He had seen a report on Sky News about the Sasser worm which "brought down the coast guard".
Apparently it did nothing of the sort. It affected their email and mapping systems, but they don't consider either to be a critical system (next time I get into trouble at sea, I must remember not to email my distress call - but I'll do my best to update LiveJournal befor going down).
But what panicked my friend was the revelation that this "virus" doesn't wait for you to open an email attachment or run an affected program. Instead it "finds" your PC on the internet. As he has a broadband connection, he's worried about being found.
I haven't seen the Sky report, but from the web articles I've seen there seems to be the worst kind of sensationalist reporting on this. The stories seem to only stop slightly short of telling us to throw away our PCs and go back to pen and paper. They suggest that worms that attack a networked PC directly are a new threat, when they can be traced back to quite early computers such as the PDP-11 (and probably further back), and on the PC there have been quite similar worms such as Blaster for at least a year.
In fact, according to McAfee it is only a medium risk. Anyone who takes sensible precautions should be quite safe. None of the reports I've seen seem to give any advice on how to protect oneself from it (and other similar threats).
My advice to all users is:
I'm happy to take my friend's call, and to tell him how to protect his PC, but I wish journalists would be a bit more helpful and a little less sensationalist.
He had seen a report on Sky News about the Sasser worm which "brought down the coast guard".
Apparently it did nothing of the sort. It affected their email and mapping systems, but they don't consider either to be a critical system (next time I get into trouble at sea, I must remember not to email my distress call - but I'll do my best to update LiveJournal befor going down).
But what panicked my friend was the revelation that this "virus" doesn't wait for you to open an email attachment or run an affected program. Instead it "finds" your PC on the internet. As he has a broadband connection, he's worried about being found.
I haven't seen the Sky report, but from the web articles I've seen there seems to be the worst kind of sensationalist reporting on this. The stories seem to only stop slightly short of telling us to throw away our PCs and go back to pen and paper. They suggest that worms that attack a networked PC directly are a new threat, when they can be traced back to quite early computers such as the PDP-11 (and probably further back), and on the PC there have been quite similar worms such as Blaster for at least a year.
In fact, according to McAfee it is only a medium risk. Anyone who takes sensible precautions should be quite safe. None of the reports I've seen seem to give any advice on how to protect oneself from it (and other similar threats).
My advice to all users is:
- Update your virus scanner. You do have one, don't you? If you do, make sure it's up to date. If you don't, get one. There's quite a good free one available.
- Install windows patches. If you have any recent version of Windows, go to the start menu, click "Windows Update" and install all the critical updates it recommends.
- Get a firewall. If you have an always-on internet connection, I'd recommend a hardware firewall, whether it's built into a router or an old PC running Linux. For some people that's too much hassle. In any event, a software firewall is a very good idea as a last line of defence. The free version of ZoneAlarm is a good choice.
I'm happy to take my friend's call, and to tell him how to protect his PC, but I wish journalists would be a bit more helpful and a little less sensationalist.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2004-05-04 04:04 pm (UTC)