RootsWeb.com Mailing Lists
Home

Results for list 'ca-goldrush'

Total: 1/1
    1. Re: [GOLDRUSH] Fw: Virus Alert: FBI Finds 911 Virus Wiping Out Hard Drives Today

    3. Looks like a goofy hoax/spam to me. I wouldn't click on that URL. Alexandra On Sat, 1 Apr 2000 19:02:56 -0800 "Eddie Ireton" <kireton@earthlink.net> writes: > I realize this is "April Fools Day" and this is being sent to a Geneology list and I appolojise but this is important to pass on. It is a new type of virus and can do a lot of damage. This notice comes from the FBI and the NATIONAL INFRASTRUCTURE PROTECTION CENTER. > > Posts of this nature will not be sent again by me. > > Thank you and please read. Any questions, please e-mail me direct. > > -Ed > > ----- Original Message ----- > From: The SANS Institute <sans@sans.org> > To: Edward Ireton (SD390948) <eireton@ibm.net> > Sent: Saturday, April 01, 2000 12:57 PM > Subject: Virus Alert: FBI Finds 911 Virus Wiping Out Hard Drives Today > > > To: Edward Ireton (SD390948) > > From: The SANS Institute Research Office > > Subj: Malicious 911 Virus Wipes Out Hard Drives of Internet Users > > > > At 8:00 am on Saturday, April 1 (This is not an April Fool's > joke!) > > the FBI announced it had discovered malicious code wiping out the > data on > > hard drives and dialing 911. This is a vicious virus and needs to > > be stopped quickly. That can only be done through wide-scale > > individual action. Please forward this note to everyone who you > > know who might be affected. > > > > The FBI Advisory is posted at > http://www.nipc.gov/nipc/advis00-038.htm > > > > The 911 virus is the first "Windows shares virus." Unlike recent > > viruses that propagate though eMail, the 911 virus silently jumps > > directly from machine to machine across the Internet by scanning > > for, and exploiting, open Windows shares. After successfully > > reproducing itself in other Internet-connected machines > > (to assure its continued survival) it uses the machine's modem to > > dial 911 and erases the local machine's hard drive. The virus is > > operational; victims are already reporting wiped-out hard drives. > > The virus was launched through AOL, AT&T, MCI, and NetZero in the > > Houston area. The investigation points to relatively limited > > distribution so far, but there are no walls in the Internet. > > > > ----------------- > > Action 1: Defense > > ----------------- > > > > Verify that your system and those of all your coworkers, friends, > and > > associates are not vulnerable by verifying that file sharing is > > turned off. > > > > * On a Windows 95/98 system, system-wide file sharing is managed > by > > selecting My Computer, Control Panel, Networks, and clicking on > the > > File and Print Sharing button. For folder-by-folder controls, you > > can use Windows Explorer (Start, Programs, Windows Explorer) and > > highlight a primary folder such as My Documents and then right > mouse > > click and select properties. There you will find a tab for > sharing. > > > > * On a Windows NT, check Control Panel, Server, Shares. > > > > For an excellent way to instantly check system vulnerability, and > for > > detailed assistance in managing Windows file sharing, see: Shields > > Up! A free service from Gibson Research (http://grc.com/) > > > > ------------------- > > Action 2: Forensics > > ------------------- > > > > If you find that you did have file sharing turned on, search your > > hard drive for hidden directories named "chode", "foreskin", or > > "dickhair" (we apologize for the indiscretion - but those are the > > real directory names). These are HIDDEN directories, so you must > > configure the Find command to show hidden directories. Under the > > Windows Explorer menu choose View/Options: "Show All Files". > > > > If you find those directories: remove them. > > > > And, if you find them, and want help from law enforcement, call > the > > FBI National Infrastructure Protection Center (NIPC) Watch Office > > at 202-323-3204/3205/3206. The FBI/NIPC has done an extraordinary > > job of getting data out early on this virus and deserves both > kudos > > and cooperation. > > > > You can help the whole community by letting both the FBI and > > SANS (intrusion@sans.org) know if you've been hit, so we can > > monitor the spread of this virus. > > > > > > -------------- > > Moving Forward > > -------------- > > > > The virus detection companies received a copy of the code for the > > 911 Virus early this morning, so keep your virus signature files > > up-to-date. > > > > We'll post new information at www.sans.org as it becomes > available. > > > > Prepared by: > > Alan Paller, Reserach Director, The SANS Institute > > Steve Gibson, President, Gibson Research Corporation > > Stephen Northcutt, Director, Global Incident Analysis Center > > > > >

    04/01/2000 09:04:43