Is the new Microsoft Worm Giving You Problems This Morning? (I switched to Netscape)

Internet Weather Report/Network Overview ^ | September 12, 2003 | staff report

[meg70]

Traffic in Asia is slowed down to about half of the US

[Malsua]

>>The popups are harmless, but they can't be stopped with anything but a firewall<<


They can be stopped by turning off the messenger service. This is not MSN messenger, it's called messenger in the services control panel under administrative tools in the windows control panel.

Disable it. I can't think of any admin that uses it instead of Email these days.

-Mal

[mhking]

Adaware deos not remove it either.

Try HijackThis!, a spyware-killer that actually looks at your program startup stack and removes running elements from within it.

[Protagoras]

I have a firewall. Maybe I'll try a different one.

[js1138]

Windows Update is necessary but not sufficient. It does not give you a virus scanner, and unless you have XP, Windows does not have a firewall. If you have XP, the firewall is off by default. If you turn it on you may be shut off from your home network (if you share the internet connection).

[martin_fierro]

<|:)~

Try that Spybot S&D, too. Good stuff!

[Protagoras]

Thanks, I'll try that too.

[Ronaldus Magnus]

If you don't have a firewall, you can get popup messages that use your Widows message service. this is not the same as instant messenger and has nothing to do with your browser. The popups are harmless, but they can't be stopped with anything but a firewall.

I don't believe that is true. Rather than install a firewall, you can simply disable Windows Messenger Service.

[Hodar]

I can think of no greater security hole than allowing an operating system to be altered without direct user control.

Ummmm, have you looked at this program at all? The most aggressive setting allows it to automatically go to a pre-determined site, and download the critical update. It will then petition you to allow the install, but will also allow you to view the critical update. If nothing else, it serves notice that there are critical updates that need to be installed.

I have never met an IT manager who permits this practice.

Which would you rather have, a company that shuts down everytime a high school punk decides to hot-rod an existing virus (any idea how many thousands of virus's are out there), or a OS that automatically updates itself so it is protected against this. Norton SystemWorks, Symantec Anti-virus (same company) and MacAfee all automatically update. I think you need to expand your pool of IT managers you get your info from.

[js1138]

Turning off the message service is not practical for home users.

[governsleastgovernsbest]

Thanks for the suggestions. I went to Windows update, but found there were no critical updates that I had not already installed. MS updates pop up spontaneously in my tool bar, and I always permit them.

Any other suggestions to prevent this from happening again?

[johnb838]

I have a user with outlook problems. Thats why I'm interested in this thread. Hers will start up, but then it just freezes. Thanks for the info.

[Protagoras]

Thanks

[js1138]

Turning off the message service is treating a symptom. Your computer is still exposed to netbios attacks. Much better to have a firewall, especially since there are free ones available.

[Hodar]

I have a firewall. Maybe I'll try a different one.

For the cost of the software firewall, you can buy a Linksys or Dlink router. They are cheap, along the lines of ~$50 (plus some have rebates which further lowers your cost.

What does a Router get you? Well, a darn near bullet-proof firewall for one thing. It can only be configured from your end, so script kiddies can't tamper with it's settings directly. It also allows you to connect up to 255 PC's to your single cable or DSL router with additional switches; or directly connect 4 PC's using it's built in switch. Simply connect the Cat5 cable between your Network Card (NIC) to the Router. But the biggest plus, is how much faster your PC will be when you finally throw away your software firewalls. Now your PC can stream the info directly to you, instead of scruitinizing every single byte with software.

[SaveTheChief]

They can be stopped by turning off the messenger service. This is not MSN messenger, it's called messenger in the services control panel under administrative tools in the windows control panel.

BLESS YOU! I knew there had to be a way to stop these things from coming in. I just didn't know where to find it.

[johnb838]

Good point. I don't have a helper so I have to go around and update 22 machines everytime a new flaw/patch is output. Automatic update would really help me, though I'd still have to go machine-to-machine to check. I suppose I really have reached the point where I need to get some system management software to manage the pushing of updates to the clients. Any suggestions from the peanut gallery?

[js1138]

I can think of no greater security hole than allowing an operating system to be altered without direct user control. I have never met an IT manager who permits this practice.

Well, duh! The default behavior is to download the patches and ask permission to install them. There are other options. At the very least you can download the patches and wait a week to see if they are causing trouble for others.

[Ronaldus Magnus]

The most aggressive setting allows it to automatically go to a pre-determined site, and download the critical update. It will then petition you to allow the install, but will also allow you to view the critical update. If nothing else, it serves notice that there are critical updates that need to be installed.

That is all well and good until someone compromises your system connection or an in-route router. On-line operating system updates are inherently dangerous, and setting them up to automatically propose them is foolish.

Which would you rather have, a company that shuts down everytime a high school punk decides to hot-rod an existing virus (any idea how many thousands of virus's are out there), or a OS that automatically updates itself so it is protected against this. Norton SystemWorks, Symantec Anti-virus (same company) and MacAfee all automatically update. I think you need to expand your pool of IT managers you get your info from.

That is a false choice. I would prefer to have an operating system that didn't have all of these flaws and holes and didn't need to be updated every week. The very idea of giving the company that created all these security holes an even wider security hole is lunacy.

[Ronaldus Magnus]

Turning off the message service is treating a symptom. Your computer is still exposed to netbios attacks. Much better to have a firewall, especially since there are free ones available.

I don't disagree that a firewall is a good idea, but it is simply not true to say that it is the only way to stop Windows Messenger Service pop-ups.

[Hodar]

Any other suggestions to prevent this from happening again?

Please see post 54. I cannot recommend a router strongly enough. The benefits mean that you can connect 4 PC's to a single cable/DSL modem and pay the single PC cost. Or, you can daisy-chain even cheaper switches together and connect over 250 PC together. You will be inheretly immune from most virus attacks, as the Router's built-in (and automatically enabled) firewall will protect you.

Other pluses, the Router will serve as a firewall between the hackers and you. There are a gazillionty different combinations of codes to make it through the router to your PC. The router randomly re-assigns these numbers to each of your home PC's every hour, day, week (you set that up). It blocks ports that you neither want, nor need open. It's easily configured (literally takes you all of 10 minutes - yes, even a novice).

Cost is low. I mean, you can find a Router for less than ~$50 pretty easily.