This type of virus spreads across local networks or through internet via shares disks. The virus searches for computers in its "neighborhood" with shared network drives and then copies itself on them.
For prevention as far as possible do not share whole disks, but only selected folders. It is also advisable to use passwords on shared folders.
We recommend you remove binding to "File and printer sharing" in Bindings Tab under TCP/IP Properties for all TCP/IP protocols (the TCP/IP protocol is usually defined for every LAN or Dial-Up adapter).
Peer-to-peer networks
Next most common method of spreading is by "peer-to-peer" networks (like KaZaA), the virus creates a few copies of itself in folders within the P2P shared system. If these files have got alluring names then there is a good chance somebody will download these files and execute them.
I-Worm/Brontok
This is now the most common type of virus. It spreads as an attachment to an e-mail sent from the infected computer. It is also able to spread by other methods - copying itself to shared network disks in local network, sending via IRC or as a file with some alluring name within a folder on a "peer-to-peer" file sharing system.
E-mail content
E-mail message created by the virus is often suspect at first appearance - it normally contains a few sentences in English trying to convince you that you should open the attached file.
However this is not always the case - some viruses use text or parts of text randomly taken from files within the infected computer and some even take existing message from Inbox folder. They put this text within the e-mail and attach the infected file and forward the virus on by e-mail.
Sender address
Latest viruses send e-mails with faked sender message header, so there is no point in replying to it with notice about infection.
Also - if you are unlucky in that an I-worm randomly selects your e-mail address to use in the "sender" header, you start to receive undeliverable messages (that you never sent) or automatic messages from mail servers that your e-mail messages are infected.
Outlook & Outlook Express
Because these mail clients are very popular, they act as a magnet for virus writers to abuse their features or security holes. If you use one of these mail clients it is recommended you keep it updated with security updates and service packs released by Microsoft.
For prevention as far as possible do not share whole disks, but only selected folders. It is also advisable to use passwords on shared folders.
We recommend you remove binding to "File and printer sharing" in Bindings Tab under TCP/IP Properties for all TCP/IP protocols (the TCP/IP protocol is usually defined for every LAN or Dial-Up adapter).
Peer-to-peer networks
Next most common method of spreading is by "peer-to-peer" networks (like KaZaA), the virus creates a few copies of itself in folders within the P2P shared system. If these files have got alluring names then there is a good chance somebody will download these files and execute them.
I-Worm/Brontok
This is now the most common type of virus. It spreads as an attachment to an e-mail sent from the infected computer. It is also able to spread by other methods - copying itself to shared network disks in local network, sending via IRC or as a file with some alluring name within a folder on a "peer-to-peer" file sharing system.
E-mail content
E-mail message created by the virus is often suspect at first appearance - it normally contains a few sentences in English trying to convince you that you should open the attached file.
However this is not always the case - some viruses use text or parts of text randomly taken from files within the infected computer and some even take existing message from Inbox folder. They put this text within the e-mail and attach the infected file and forward the virus on by e-mail.
Sender address
Latest viruses send e-mails with faked sender message header, so there is no point in replying to it with notice about infection.
Also - if you are unlucky in that an I-worm randomly selects your e-mail address to use in the "sender" header, you start to receive undeliverable messages (that you never sent) or automatic messages from mail servers that your e-mail messages are infected.
Outlook & Outlook Express
Because these mail clients are very popular, they act as a magnet for virus writers to abuse their features or security holes. If you use one of these mail clients it is recommended you keep it updated with security updates and service packs released by Microsoft.
0 comments:
Post a Comment