|
PureBytes Links
Trading Reference Links
|
Ron,
> e-mails the IP address of infected machines. This allows someone
initiating the spread of BadTrans to
> download the contents of the Hksdll.dll keystroke logger file, which the
> worm also installs.
Just to clarify, is this your interpretation or is this from a
"knowledgeable, authoritative" website? If this is "good" information, it
begs the question of the value of a firewall? Knowing an IP address is one
thing. Getting through a locked firewall from the outside is another. If
the worm has the ability from the infected machine to disable a locked
firewall and transmit a keystroke file, we're all in deep s***. It doesn't
seem that's the case tho given Symantec's and McAfee's risk assessment.
It's almost as if it's keystroke logger aspect is meant to spook us.
> This dangerous worm is an excellent example of how having a good antivirus
> system in place can save a lot of time and money. Those who have antivirus
> software and a good policy for maintaining it have largely been immune to
> this virus. Those who don't have such software or lack a good
> implementation policy are suffering some major headaches because of this
> little demon.
At the risk of rekindling the safest browser/emailer discussion again, this
is a key, if not critical, part of the solution. A good Swiss army knife
that does HD maintenance and all purpose virus scanning is as essential to
your system as having a HD or a screen. We all have time, dollars, sweat
and tears tied up in our systems. Not having a maintenance/AV package and
learning how to use it as well as keeping it current puts it all at risk.
Regards,
Mike
|