Slashdot Mirror

← Back to Stories (view on slashdot.org)

Internet Security Warnings

Posted by CmdrTaco on from the we-have-a-code-yellow-people-this-is-not-a-drill-omg-freak-out dept.

Juha-Matti Laurio writes "Internet Storm Center's Diary reported today: Due to a number of very well working Windows exploits for this weeks patch set, and the zero-day Veritas exploit, we decided to turn the Infocon to yellow. The following Internet Threat Level meters are at level 2/4 because of Windows Plug and Play vulnerability's several exploit codes too: Symantec ThreatCon as a part of global DeepSight Threat Management System saying Increased alertness and Internet Security Systems X-Force with Increased vigilance at AlertCon."

10 of 296 comments (clear)

  1. Another color-code system? by green+pizza · · Score: 5, Interesting

    Seems to me these color coded systems do more to confuse than they do good. Should I relax if we're at green? Should I be paranoid if we're at Red? Should I even care since I run UN*X rather than Windows? Every day there are at least a few new sploits. Every few weeks there's a sploit that affects me as a sysadmin and requires my attention to preserve the security of my servers and internet-attached LAN. Given this I still don't understand the value in these color coded alert systems. Yellow? What does that mean? Wake up an extra hour early to read the logs? The terrorists can attack just as easily if we're at green than if we are at red. I'm uncertain of the value in the announcements at the airport every 15 minutes to remind me that we're at yellow or orange.

  2. Re:It hate to say it... by confusion · · Score: 4, Interesting

    It means that I'm not looking forward to another worm, but I'm realizing that the circumstances are right for one to happen.

    That's what I meant.

    Jerry
    http://www.cyvin.org/

  3. Re:It hate to say it... by ciroknight · · Score: 5, Interesting

    No drugs here, but then again, my argument does make sense; Security left in the hands of Microsoft is security that should be questioned.

    I mean just look at the terrificly terrible job they've done with the Xbox, or the bang up job they've done to date with patching well known security issues in Windows. Their attempts at security seem half-assed at best, as most of the more critical bugs are found by companies outside of Microsoft, and as Microsoft acquires more of these companies, I doubt if their advisories will ever make it out the front door.

    Thus, I believe when Vista comes out, there will be a million new exploits, just as were delivered with Windows XP when it came out. And as most of these exploits will be retroactive (as the NT platform is known for carrying bugs for years without them being detectable), WinXP and 2000 will be at risk as well. It's only an opinion, but it's a well thought out one. At this point it's all speculation.

    --
    "Victory means exit strategy, and it's important for the President to explain to us what the exit strategy is." G.W.Bush
  4. Alert Level Red? by g-san · · Score: 2, Interesting

    So if the internet should come crashing down, as in the infocon red situation, what is the use of a little hyperlinked gif to their website, a gDesklet , or a systray icon?

  5. Re:Netcraft Confirms It. by sound+vision · · Score: 4, Interesting

    Windows will never die, not unless something major happens like Microsoft shuts down... not likely.

    It's just that people don't care enough, or don't know enough. "Here's a Mandrake install disc, have fun." Maybe they'll mess with it for a few minutes, but then the killer question comes: "How do I put my kids' <i>Game X</i> on it?" or "How do I use my camera?" I've tried to convert several people to Linux, and there's <i>always</i> a killer question. Some site needs Active X, or some shit company doesn't make Linux drivers for their hardware. If nothing else, "This doesn't look like Excel. How do I put Windows back on?"

    I'm sure you've all read those jokes in the respectable upstanding citizen! magazines like Reader's Digest, about how computers are unreliable. Everyone I talk to has this conception that computers are inherently unreliable machines that will always break. But when they say computers, they really mean Windows. They don't know the difference between a monitor and a modem, they just want to push the little blue button and have their email pop up... viruses and all.

    In summary, Windows will be the #1 OS until a significant proportion of Wal Mart computers come with an alternative OS (not likely unless MS looses their grip) or people get smarter (not likely period).

  6. Why do I love Windows98 SE... by fprog · · Score: 2, Interesting

    Affected Products:
    Microsoft Windows NT 4.0 up to and including SP6a
    Microsoft Windows 2000 up to and including SP4
    Microsoft Windows XP up to and including SP2
    Microsoft Windows Server 2003 up to and including SP1

    It's nice to be a Microsoft "reject"...
    at least when worms come out I don't give a damn.

    Just don't use Internet Explorer and have a good Firewall...

    The only problem with Windows 98 SE, is that most newer machine cannot install it properly, since drivers do not exists!!! arggggg.

    Which means.... hmmm
    maybe I should update my Dell Laptop. =(

    Anyone knows where to find Windows 98 drivers for Dell laptops ?! [Hint: Dell Tech Support are clueless]

    Also, it's funny that all those fine .NET companies,
    which insist on using ASP.NET, C#, ISS crapt will get infected again, again and again...
    why nobody learn... just use LAPP!!!
    (Linux, Apache, PostgreSQL, Perl/PHP)

  7. Re:Windows Update by Fizzl · · Score: 2, Interesting

    I also had the automatic updates set to wait for my approval. For a long time. Then I finally realized that in the years approving the updates, I haven't rejected a single one. I can't remember even researching most of the updates to see if there's something I don't want. To the extent that I didn't even bother reading the descriptions because they always were pretty useless.

    Now I just have it on full auto. What the heck. If they fuck up, I think I'll be reading about it on slashdot within few minutes and some comment will have link to instructions on how to undo the evil one.

    --
    Bot Assisted Blogging
  8. Sometimes... by RAMMS+EIN · · Score: 4, Interesting

    Sometimes I almost wished Microsoft's own Internet imitation hadn't died. Then, we would have the true Internet, with the academic publications, some grassroots stuff, and the users of alternative operating systems. And the Microsoft network with all the Windows users, entertainment, flashing adverts, worms, pr0n, and everything.

    Of course, people would probably build bridges between the two networks, and the bridges could probably be exploited by worms...but the vulnerabilities would probably be on the Microsoft side for the most part, meaning that worms could travel from the Internet to the Microsoft network, but hardly the other way around.

    Ah, how pleasant dreams can be...

    --
    Please correct me if I got my facts wrong.
  9. Not to sell a used car at a funeral, but... by Kamiza+Ikioi · · Score: 2, Interesting

    Not to sell a used car at a funeral, but... when these worms hit is the best time to push linux, especially to companies who see significant downtime and lost sales. Something along the lines of, "You know, if you were running (Insert *nix and/or BSD distro here), you'd still be in business. Right now, your business is doing as much sales as a liquor store being robbed, because being 'robbed' is exactly what's happening. If Windows is the liquor store, (distro) is the well guarded bank. 'Robberies' can still happen, but they are extremely more rare and the 'crooks' will be caught sooner."

    --
    I8-D
  10. There is at least one worm active out there. by Alejo · · Score: 2, Interesting
    Look for pnpsrv.exe in windows/system32 and /run.

    A large client was affected last night because of it. And they patched almost all servers this week, but how can you keep patching up with thousands of workstations, including home users accessing through vpn?

    Tightening more is not an easy option as people want to do all what Microsoft promises them. When security teams (or just plain support) insist on patching they are labeled as annoying dorks, and when a worm/virus hits because of lame users not patching... just plain dorks!

    Sometimes I wish I liked painting instead of computers.