OH-CENSUS-LOOKUP-L Archives

Archiver > OH-CENSUS-LOOKUP > 2001-09 > 1000851345


From: "Nancy Riley" <>
Subject: [OHCEN] Fw: [IL-Census] off subject VIRUS WARNING
Date: Tue, 18 Sep 2001 18:15:45 -0400



----- Original Message -----
From: Cheryl Layton <>
To: <>
Sent: Tuesday, September 18, 2001 9:06 PM
Subject: [IL-Census] oof subject


> We all had trouble with SIRCam. So pardon me if I pass this along.
> Cheryl
>
>
> United Press Int'l . Health News . Health
>
>
> Worm, e-mail virus attacking Internet
>
> By SCOTT BURNELL, UPI Internet Writer
>
> WASHINGTON, Sept. 18 (UPI) -- Private
> companies and a national
> computer security organization said Tuesday
> morning a new e-mail
> virus could be behind a "massive increase" in
> attempts to infect
> Internet servers worldwide.
>
> The first reports of both the virus and the
> increased malicious
> scanning attempts surfaced at about 9 a.m. EDT
> Tuesday, said Ken
> Van Wyk, president of Para-Protect, a computer
> security company
> in Centreville, Va. Although the source of the
> activity hasn't yet been
> traced, it started at almost exactly the same
> day and time at which
> the terrorist attacks began last week. Van Wyk
> told UPI it took only
> minutes for the e-mails and scanning behavior
> to show up across the
> company's client base, as well as at the home
> computers of its
> employees.
>
> The CERT Coordination Center, an organization
> at Carnegie Mellon
> University in Pittsburgh that studies computer
> vulnerabilities and acts
> as an information clearinghouse, also issued a
> warning Tuesday
> about the e-mail and "a massive increase in
> scanning activity
> directed at (a common computer Internet)
> port."
>
> An attachment in Microsoft Outlook e-mails
> appears to be the
> source of all the activity, Van Wyk said,
> although the company
> hasn't yet had a chance to analyze a copy of
> the e-mail. Opening the
> attachment, named "readme.exe," apparently
> forces the computer to
> run a program searching for 16 known security
> holes in Microsoft
> Internet Information Server software, he said.
>
> IIS was the program targeted by the "Code Red"
> and "Code Red II"
> worms earlier this summer, although it only
> runs on Windows NT and
> 2000 servers. The "readme.exe" virus, on the
> other hand, affects any
> Windows-based personal computer running
> Outlook, Van Wyk said.
> The "Code Red" occurrences prompted most
> companies to install
> fixes to IIS, so infection rates on Web
> servers appear to be low, he
> said.
>
> But far more seriously, this attack affects
> home computer users.
> Van Wyk said the scanning attempts come from
> computer
> addresses all over the Internet, including the
> digital subscriber line
> and cable modem connections associated with
> residential use. In
> order to minimize the attack's impact, PC
> users should avoid
> opening unfamiliar e-mail attachments, Van Wyk
> said. And for the
> time being, DSL or cable modem users should
> consider severing
> their Internet connection if that won't hurt
> an ongoing business or
> other important activity, he said.
>
> Antivirus software makers will distribute
> solutions for this attack as
> soon as they're available, Van Wyk said.
>
> --
>
> Copyright 2001 by United Press International.
>
> All rights reserved.
>
>
> ==== IL-CENSUS-LOOKUP Mailing List ====
> Please put your census books to good use and help to locate someone's
family.
> Genealogists don't grow old, we only lose our CENSUS.
>
> ==============================
> Ancestry.com Genealogical Databases
> http://www.ancestry.com/rd/rwlist2.asp
> Search over 2500 databases with one easy query!
>


This thread: