Slashdot Mirror

← Back to Stories (view on slashdot.org)

IRC Networks Unite in Fight Against Fizzer Worm

Posted by michael on from the why-cliff-got-klined dept.

Dave writes "Over the past few days, IRC Networks across the internet have felt the brunt of the Fizzer worm. In an unusual display of geek solidarity, representatives from dozens of IRC Networks, including EFNet, IRCNet and DALnet, have gathered to create a Fizzer Task Force. Interesting, and mostly productive results have occurred so far from such a meeting of the IRC minds."

20 of 314 comments (clear)

  1. Re:method by Anonymous Coward · · Score: 1, Informative

    Most IRC worms exploit the scripting engines in the IRC clients, not an OS bug.

  2. Re:death of irc? by NDPTAL85 · · Score: 3, Informative

    That note was from 2 years ago. Undernet is still going strong today and remains one of the largest IRC networks.

    --
    Mac OS X and Windows XP working side by side to fight back the night.
  3. Re:mIRC by shadowjk · · Score: 5, Informative

    This does not affect mIRC or any other IRC Client, at all.

    The fizzer worm that's currently spreading, spreads through outlook and Kazaa. It also has a IRC backdoor, through which presumably the virus author can access infected computers. This IRC backdoor connects to a list of several irc servers, and sit in a channel.

    As the number of infected computers (Please people, update your Anti Virus software!) is growing, this puts a higher load on the irc servers. This is what it's all about, to find a way to get rid of the trojans from the servers, so that nobody can abuse them for DDoS or looking for CC numbers or other private info on infected machines, in a way that doesn't put too much stress on the IRC servers.

  4. Re:method by shadowjk · · Score: 2, Informative

    Through outlook, and by the user downloading warez from Kazaa.

    See this f-secure article

  5. Re:okay, time to update by ejaw5 · · Score: 4, Informative

    AVG AntiVirus Free Edition is available here: http://www.grisoft.com When I used to use windows, AVG was IMO the best antivirus out there in terms of speed and detection, compared to mcAfee and norton.

    --

    $cat /dev/random > Sig
  6. Re:Lock em down by REBloomfield · · Score: 2, Informative

    well, most windows processes refuse to be killed, unless you use one of the API exploiters such as kill.exe. Sophos has an install option to prevent removal, but i don't think this goes as far as shutting it down.

  7. Re:okay, time to update by nolife · · Score: 2, Informative

    I've been using AntiVir for a few months on W2K and 98SE machines. Seems to work pretty good.

    AVG appears to be another free one but I have not tried it.

    I was using an older version of NAV Corporate but it seemed too bloated for some of my slower machines. I've also used the scaled down version of Trendmicro that normally comes packaged with new motherboards, it is limited to 3 months of updates unless you pay for a subscription but the price is reasonable if you want to keep using it.

    --
    Bad boys rape our young girls but Violet gives willingly.
  8. Re:Missing from the discussion so far: by michaelggreer · · Score: 1, Informative

    Pervasive VB scripting, particularly in Outlook. By default, someone can send you an email and run almost arbitrary code on your computer.

  9. Re:As Well They Should ... by slug359 · · Score: 3, Informative

    QuakeNet probably won't get targeted as they have a highly active anti-worm/trojan squad equipped with a trojan scanner (my work) and other services which hunt the network for flood clones/trojans/illegal botnets automatically.

  10. Re:IRC is P2P by jez9999 · · Score: 2, Informative

    The entire idea of IRC is communications between individuals. Some is direct, some is centralised, that part doesn't matter. It's a P2P network, and one of the significant ways files get traded.

    You obviously don't have a clue what a P2P network is. The most striking feature of a Peer to Peer network is its lack of a centralised server - you communicate with the network through a peer. IRC has centralised servers, and although it is possible to form a direct connection with another client, you cannot connect to the network _through_ them. IRC is *not* P2P.

    --
    == Jez ==
    Do you miss Firefox? Try Pale Moon.
  11. Re:mIRC by Moonshadow · · Score: 2, Informative

    The actual effect on IRC is that the virus creates bots which then sit in IRC channels and listen for instructions. Server ops are getting several thousand of these, in some cases, draining server resources. It's a network problem, not a client one.

  12. Re:Lock em down by tomstdenis · · Score: 2, Informative

    Services in win2k/xp cannot be killed from a user level process at all. [which is annoying if you really want it to die].

    So even if you did "kill pid" it won't work.

    Tom

    --
    Someday, I'll have a real sig.
  13. Re:okay, time to update by Dioji · · Score: 3, Informative

    F-Prot is what I use, and the DOS version is free: www.f-secure.com

  14. Re:*Ahem* by fred666 · · Score: 4, Informative

    *NIX/Linux systems can be at risk if you're using a misconfigured wine.

    Seriously, wine is getting better every month and can run a wider lot of window$ software, it is not surprising that it will (could?) run windows worms/viruses (which are software written by human after all) and put our supposed-virus-free-OS [insert your preferred flavour of unix here] at the same level of risk than windoze users.

    Please think about it if you install such a software...

  15. Re:Missing from the discussion so far: by geschild · · Score: 2, Informative

    I'll bite.

    Having a very elaborate rights structure within their filesystem, much better than the Unix variants have had (imho), having an 'executable' in it, and then not using it!

    Default to setting it off on software coming from network connections, have the user explicitly turn it on when necesarry. Unfortunatly this would go against the grain of 'easy computing for everyone' which is the core bussiness of Windows.

    So basically the answer to your question is: Microsoft is doing something wrong by wanting to cater for the lowest denominator computer user, no bars hold.

    --
    Karma? What's that again?
  16. Re:IRC is P2P by MsGeek · · Score: 2, Informative

    IRC might be a client/server network, but DCC is strictly peer to peer. In DCC you create a direct connection between your IP address and the person who you are exchanging information with's IP address. IRC facilitates finding someone to do a DCC connection with, but that's it.

    --
    Knowledge is power. Knowledge shared is power multiplied.
  17. mIRC != IRC by nurb432 · · Score: 2, Informative

    Just a pet peeve when people refer to it that way.., one is a client of many, the other is a network ( also many )...

    And just sounds like people need to use some common sence, and update signatures.. None of these things should be a huge deal..

    --
    ---- Booth was a patriot ----
  18. Symantec tool by BigBir3d · · Score: 2, Informative

    main page

    Removal tool

    Cleaned up my office yesterday very nicely.

  19. Info by Anonymous Coward · · Score: 4, Informative

    For those unaware of what the Fizzer worm does and stuff. You can find most stuff here.

  20. Re:vbs is supposed to run, but not through email! by radish · · Score: 2, Informative

    Why can't the M$ dummies do like every other reasonable OS and implement file permisions and owners within the file system?

    What are you talking about? Windows has far more fine-grained access control, permissioning and user management than Unix. I'm no MS fanboy but it's a simple fact - the Unix mechanism with chmod and chown is really crude by comparison (although it's tried & tested).

    --

    ---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"