New Viruses Hit 30-Month High
Mz6 writes "InformationWeek reports that Sophos has analysed and protected against 959 new viruses in May, this is the highest number of new viruses discovered in a single month since December 2001. From Sophos' own TopTen list they continue on to say that the 'Sasser and Netsky worms may have captured the headlines. ...May has seen a noticeable spike in cybercriminal activity, suggesting that even the arrest of Sven Jaschan ...has done nothing to curb the problem.'"
Oops, in hindsight I realized I shouldn't have lumped Mitnick in with virus writers, at least I don't think he was.
Damn, where is that undo button?
Security at the hardware layer is definitely important, but don't underestimate the power of a cheap NAT router. Even if you don't need one, it will still keep out many of the IP port scans and vulnerabilities. I have a Linksys with logging enabled, and it's amazing to watch the port scans in real time. I'm sure most of them are from script kiddies, or people that have compromised machines. But it sure does the job. NAT routers can be picked up for next to nothing these days.
Of course it doesn't help with email viruses or attacks from the LAN side (i.e., dumb users), but it helps cut down on the worms and viruses that propagate over the web.
--
New deal processing engine online: http://www.dealsites.net/livedeals.html
I've been suggesting Mozilla as the answer to IE-hijacking [ad/spy]ware. Works every time. I also recommend Eudora as the answer to Outlook-exploiting viruses, but patching Outlook works just as well.
These Agobot variations wouldn't be a problem if half of the virus scanners in the world didn't only scan into UPX-compressed files.
The problem is, if you search Google for Executable Compressors you get a hundred more that McAfee and Norton can't see until it's too late.
Run PEiD and find a couple hundred things on your OWN executables that McAfee can't look inside.
You could try:
ClamAV, a GPL virus scanner featuring:
* command-line scanner
* fast, multi-threaded daemon
* milter interface for sendmail
* database updater with support for digital signatures
* virus scanner C library
* on-access scanning (Linux and FreeBSD)
* detection of over 20000 viruses, worms and trojans
* built-in support for RAR (2.0), Zip, Gzip, Bzip2
* built-in support for Mbox, Maildir and raw mail files
I use ClamAV on my mail server and it works pretty good.
There is also an open source Windows version called ClamWin Antivirus.
Sophos, in case you've forgotten, are the same bunch of asshats who asserted to the media that Linux advocates were responsible for the MyDoom worm.
Security at the hardware layer is definitely important, but don't underestimate the power of a cheap NAT router.
NAT is not a security device, it's only there to work around address limitation problems at the cost of making communication more difficult for legitimate services. What you're describing is the job of a basic firewall blocking ingress traffic.
-- The world is watching America, and America is watching TV.