Slashdot Mirror


Evaman Worm Attacks Email Servers

An anonymous reader writes "CoolTechZone is reporting that the mail servers of various popular email services such as Hotmail and Yahoo are bogged down with a new worm, code-named Evaman. The headings are common to the ones users encounter every day in their inbox - "Failed Transaction" or "Delivery Failure". This worm has the potential to take control over Windows 95, 98, ME, 2000, XP, NT, and Windows Server 2003."

13 of 182 comments

  1. been getting a lot of these for a few days now by chegosaurus · · Score: 2, Interesting

    Also been seeing lots of those "MS Security Update" mails too. Anyone know if the two are related?

  2. Wow.. monday already? by TheLoneCabbage · · Score: 3, Interesting


    This would be the Windows catastrophe of the week huh?

    Can someone please, please, please write a decent Unix worm so we can get some interesting headlines?

    And don't tell me it's just because MS is a bigger target. Linux runs between 35%-40% of the world's servers (and more than that if you're only counting the DMZd webservers). It's the code stupid.

    1. Re:Wow.. monday already? by OneDeeTenTee · · Score: 1, Interesting

      It's the code stupid.

      It's the administration also.

      People who know what they are doing have few problems with Windows viruses, worms, and whatnot on their personal machines.

      There are far more unwary people running Windows than there are unwary people running Linux.

      --
      Stop the world; I need to get off.
  3. Re:A great little twist by Halo1 · · Score: 4, Interesting

    Many people are like that. One day, my landlady thought I had missed a payment. She called me and when I told her I just checked using the online interface to my bank account that the payment was really made, she asked me to print a copy of the receipts as "proof". Simply the date of the transfer was not enough for some reason.

    It took me quite a while to explain to her that I could save the html ("But surely you can't edit the web pages of your bank, can you?"), type in anything I wanted to, print it and send it to her. After I went through all this trouble to explain how I could cheat her, she seemed to assume I was telling the truth and that I did pay it.

    --
    Donate free food here
  4. Re:So, windows is affected by a worm? by FireFury03 · · Score: 3, Interesting

    It's kinda sad though that you've been infected by the time you managed to download the security update...

    I've got an idea - Microsoft can start letting the magazines ship the patches on cover CDs again... or even better - they should be legally required to ship a CD containing the patches to every registered user.

  5. Re:Sweet Zombie Jesus by brunokummel · · Score: 3, Interesting

    ...well I'm not so sure about that since a DoS is a form of attack.
    Consider the following situation:
    1- one user logs into his mail server and naively executes britneynaked.gif.exe and starts spreading the worm to all of his contacts.
    2- now, if all users that receive the worm do the same thing, the server will start to bog his way down.
    3- Some users will not be able to connect to the server since it is too busy processing millions of worms going back and forth.
    4- The server has been attacked.

    All worms are potentially dangerous to servers!

    --
    What is best in life? To crush your enemies, to see them driven before you and to hear the lamentations of their women.
  6. long term solution by ajs318 · · Score: 2, Interesting

    I see the real long term solution to the problem of unwanted software execution being a form of public-key cryptography at the hardware level -- effectively, for every processor to have its own unique instruction set, so that only code compiled for that particular processor can be run on it. (Maybe there would need to be a compatibility-mode switch, to install a kernel and a compiler just to get you going; but please let it be something like a jumper on the motherboard which you have to put on -- certainly there should be no way that software could subvert this security feature.) Also, the installation of new software should require a conscious action on the part of the user, and involve a hardware operation -- such as operating a normally-concealed switch. If you bought a new computer, you would have to recompile all your software from source, but that's a small price to pay. Alternatively, you could allow the user to flash the thing with a new key pair; so you could just give your new computer the same instruction set as the old one. Or a corporation with many desktops to administer need only give all their machines the same keys, and then compile application software once to run on any of them.

    The average user won't really notice much. They will simply see an extra step taking place after downloading and before installing, as an automatic configure and make are performed. And they will have to validate the install, but I can't see how anybody would think that unusual: if it can affect the way your computer works, you damn well should have to tell it you're sure you want to go ahead.

    Since every piece of downloaded software would have to include the source code, it would be much simpler to chase up infections if they occurred. And if every software installation required users to validate it, drive-by downloads -- arguably a form of virus infection -- would become a thing of the past.

    It would still be possible to sell closed-source software; but you would either have to insist that users programmed their machine to a key pair you specified {which is great for locking out your competitors, but rather defeats the entire point of personalised instruction sets} or supply you with the public key of their machine so you can compile software for it {a little more secure for the user, but very expensive to implement}.


    BTW, why is anti-virus software closed-source? What don't the likes of Symantec want us to know?

    --
    Je fume. Tu fumes. Nous fûmes!
  7. Re:So, windows is affected by a worm? by darkmeridian · · Score: 2, Interesting

    I always enable the ICF firewall that comes with WinXP, update, reboot, update, reboot...repeat as necessary and then disable the firewall. Never got infected this way.

    Then I realized that I could download all the updates, and then chain them together in one batch file and then pull them off the server which is behind a real firewall (not just a NAT). When I install, I just filter off the new computers (no Internet access for you!) and then install the patches. Works much slicker and you can simply update the central server.

    --
    A NYC lawyer blogs. http://www.chuangblog.com/
  8. Re:A great little twist by rasjani · · Score: 2, Interesting

    Writing email saying it's been virus checked is just a simple form of "Social Engineering" ...

    --
    yush
  9. Re:A great little twist by Bobb+Sledd · · Score: 2, Interesting

    Well, there is always some way you can cheat. You could print phony receipts, you could forge a bank statement... but what matters is that every business transaction you make involves some level of trust. You trust that when you pump gas in your car that it isn't water, and the guy at the counter trusts that the credit card is yours and that is really your ID (if he checks it). I don't think it's necessarily a bad thing, either. I think a healthy society needs to be able to trust each other.

    --
    "They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
  10. "Selects an SMTP server ..." by WoodstockJeff · · Score: 3, Interesting

    Selects an SMTP server from the following hard-coded list:

    The security advisory then lists a dozen or so popular multi-stage relays, from some major ISPs. This explains why my system was being hit by Verizon servers over a thousand times this weekend, targeting a non-existent address.

    And here I thought it was just their normal "ignore the 550 response code, just retry endlessly" configuration! Turns out, it was just their "Relay anything for anyone" configuration!

  11. Re:So, windows is affected by a worm? by thinkninja · · Score: 2, Interesting

    Uh huh.

    It's not kind of like driving a car. Other drivers don't crash into you just because you're driving a Punto. No one releases huge robots on to the highways that are programmed to crush Fords, then make new Ford crushing robots out of the scrap.

    Car analogies suck.

    Debian Investigation Report

    This was an attack mounted by an actual blackhat...who initially sniffed a password. The operating system is irrelevant if your password is stolen.

    So, yeah, that was a human error exploited by an unscrupulous individual but do you leave your house unlocked because only thieves would break in anyway? It's best not to tempt people.

    And, again, that analogy sucks too.

    It's more like inoculation. You're protecting yourself against the most common diseases (0-day Windows exploits). Yeah, it's not much good if someone decides to break your legs with a baseball bat or you have unprotected sex -- and the shot can be painful -- but, on balance, it's better for you.

    Or something. What do I care for your 'health' anyway?

    --
    "The number of Unix installations has grown to ten, with more expected." (Unix Programmer's Manual, 2nd ed.; june 1972)
  12. Re:except for by brainiac · · Score: 2, Interesting

    I am working on a thesis and will probably want some contributors to help. The internet is committing suicide and Microsoft is always part of the equation. It started with Microsoft not embracing TCP/IP (remember the Clarkson drivers). Then Microsoft really screwed up and didn't support the internet for about a year after the ball got rolling because they wanted the entire planet to use MSN. Finally they realized that the entire planet was probably not going to use MSN exclusively and they jumped on the internet bandwagon. From then on the things they did seemed to only destroy what was good. Email suddenly became HTML based. They tried to hijack IRC with Microsoft Comic Chat. They tried desperately to torpedo Java and had limited success. They tried to hijack HTTP/HTML with Microsoft crap like Frontpage. Fast forward to 2004 and we have millions and millions of Microsoft zombie PCs completely wreaking havoc on the net. Is it possible it is all part of a master plan? I can see where in the future they could proclaim the only safe way for people to be networked is if everyone was on MSN because they can rigorously control how everyone's PC works and what it does. For example they would get rid of SMTP, HTTP, IRC, etc and replace it with "safe" Microsoft protocols and software.

    In short, is Microsoft the Al-Qaeda of the networking world? It sounds screwy but if you write a chronology of the internet and Microsoft side by side you will notice that almost every time something bad happens in the internet world Microsoft is right there playing a major role. The vast majority of Microsoft's contribution to the internet is leading to its destruction. I wonder if somehow they are behind the other internet scourge: pencil necked geek know-it-all bullies on newsgroups, slashdot, and irc that in reality could have their a**es kicked by little girls. Bah.