[Towertalk] Klez
Guy Olinger, K2AV
k2av@contesting.com
Wed, 8 May 2002 10:21:41 -0400
Have to point out that the WinProxy for StarBand is a special variant
that at one time at least kept an open port for the folks that run the
satellite service, so they could keep the satellite response software
current on the client boxes. Don't know what difference that makes, or
if the update procedure is different. I have the regular version.
For any virus there IS a window of vulnerability when the virus first
hits the net, and the time the virus-killer folk get the pattern out
on the lists. That's about 24-48 hours. You might have just been one
of the unlucky ones on the bleeding edge. It wouldn't matter which
virus. Only the elimination of the root vulnerability (e.g.
auto-launch in non-upgraded Internet Explorer or Outlook express, just
for a few) would have helped. That's why it's still important to pay
attention to the security upgrades.
Also, you can get a virus through WinProxy using any of the means that
you don't turn on scanning for. I was tempted to leave some open to
speed up the high speed DSL access (I thought it would). It didn't
slow anything down, including scanning the unzipped content of
incoming zip files.
Currently I get hits from all the talked about viruses, including the
one that trashed your machine. Obviously I don't how it got through in
your case. It's been intercepted here.
BTW, your favorite tower/antenna/shack project, or your weekend time
to operate a contest, or ... is going to come to a screeching halt if
the wife's, or kid's computer goes down with a virus. Tell your kid
whose term paper will make the difference between an A or C and maybe
being accepted to college of choice that anything ham radio ranks over
getting his first (or worse, last) draft back up on the computer, no
matter how or why the virus was on it.
At the moment the internet/study/etc boxes have moved into the
neighborhood of the automobile as indispensable appliances. And I
don't do contests without a computer anymore. Seems a lot of the hams
I know have home LANs now.
To all the subject police out there, the subject is plain and
accurate, and it's called a delete key. Avail yourselves. No one is
making you read it.
73, y'all
Guy
----- Original Message -----
From: "WA9ALS - John" <wa9als@starband.net>
To: "Guy Olinger, K2AV" <k2av@contesting.com>
Sent: Wednesday, May 08, 2002 7:00 AM
Subject: Re: [Towertalk] Klez
> > Having in the past had to clean up the mess a virus made, I would
> > estimate the anger, upset, loss of time and data well into the
$1000
> > range, with some loss non-estimable.
>
> You mean you can't estimate the cost of pulling out my hair?! HIHI
> Fortunately, most of my hair is already out!
>
> > WinProxy and NAV pay for themselves every day.
>
> Exactly! Are other machines on your network being protected by the
Norton
> on your "gateway" PC? I was very surprised to learn that my whole
network
> was being protected by the single copy of NAV! Almost too good to
be true,
> but there's no doubt it's working that way. I see an envelope icon
in the
> systray when another PC on the network sends or receives email,
saying
> something about NAV protecting the email, and it has already
stripped
> several KLEZ viruses from email bound for other PCs on the network.
>
> I am using StarBand, and it's probably configured differently than
your
> DSL-to-network system, so I was just curious if NAV is protecting
your whole
> network or just the one PC. With StarBand, due to it's special
satellite
> acceleration protocols, the network is a little different. The
modem is
> connected to my main PC via NIC, then there's another NIC in the
same
> machine that connects to the LAN. Thus everything passes through
the
> "gateway" PC, and I think this is why I get the whole network
protected by
> the one NAV program. Even with this configuration, the gateway PC
doesn't
> slow down or have problems though - Family can surf during RTTY
contests etc
> without bothering me! hihi 73
>
>
>
>
>