Aces High Bulletin Board
General Forums => The O' Club => Topic started by: 1pLUs44 on March 31, 2009, 09:10:10 PM
-
Turn off your computers at midnight, make sure you're completely updated.
It's apparently pretty nasty, so, hope you already didn't get it. (Hopefully, Firefox did it's part pretty well.) :pray
I'm updating AVG, and downloading the windows update right now.
-
April Fools. :noid
-
Don't worry. I live your future and the day passes with no such event.
-
Don't worry. I live your future and the day passes with no such event.
Yea im in korea and nothing has happened, i think you need to lay of the paodi
-
The early reports from other parts of the world claimed that the worm didn't really cause any issues. It does have a key logger tho.
It was also reported that one way to know your infected is that you can get the microsoft update site and cant update you anti-virus thru the web.
The only workaround is to have the update emailed to you or transfer it from a removable media.
Seems its more of a inconvenience than a major threat.....but who knows tomarrow we may wake up back in the dark ages if you beleive some of the doomsayers regarding this virus :rofl.
The only skeery kinda thing is that nobody really knows WTF this thing actually does. only that its dormant till april and some website or soemthing on the web activates it, "they" dunno what though :huh
-
Are we all gonna die now like we were supposed to with the millenium bug ? :confused:
-
Well, even so, the confiker's a right nasty bug, to the point where microsoft's got a 250,000 USD reward out for whoever has info leading to the arrest of whoever made it... ;) But I think all will be well...
-
I would turn myself in for that kind of money...... :lol
-
Too bad Microsoft doesn't get smart and install the virus on one of their computers. In doing this they can sniff the packets of the computer which is infected. Once the virus contacts the website for instructions on how to operate, remove the virus and look at the packet log. Within that packet log is information of when the virus contacted the website's server, the IP of the server, and what the virus was looking for. With that information Microsoft could contact the owner of the server's IP and ask for information regarding recent domain registrations. Now you have your list of suspects.
-
Once the virus contacts the website for instructions on how to operate, remove the virus and look at the packet log. Within that packet log is information of when the virus contacted the website's server, the IP of the server, and what the virus was looking for.
The first two versions of the virus pinged 250 unique IPs a day looking for updates or instructions. The 3rd version pings 50,000 unique domains a day. It's a fairly advanced virus.
https://www.honeynet.org/files/KYE-Conficker.pdf
The majority of infections are in Asia. It is estimated that more than 85% of the copies of Windows installed in Asia are counterfeit, and they therefore can not get security updates so they are more vulnerable to attacks.
-
Well, I know that. However only one IP will respond with instructions. The packet sniffer will pick that up thus giving you the IP of where the instructions came from. Yes, it's time consuming to sift through the information the packet sniffer picked up. However if you want to catch the guy, that would be the easiest way to do it.
-
Now, what if instead of one IP address giving instructions, multiple IP addresses only have parts of the instructions? Or is that not possible yet?
-
Yea im in korea and nothing has happened, i think you need to lay of the paodi
:rofl
-
:noid You have been infected!!!!1
-
Well, I know that. However only one IP will respond with instructions. The packet sniffer will pick that up thus giving you the IP of where the instructions came from. Yes, it's time consuming to sift through the information the packet sniffer picked up. However if you want to catch the guy, that would be the easiest way to do it.
The thing is that the way the creator of the virus is giving it instructions is he breaks into one of those 50,000 domain names that the virus goes to to get it's instructions, now there's no way to monitor all 50,000 domains, someone who creates a virus thats this good is more then capable of staying undetected, hell Microsoft is offering a $250,000 reward for information leading to the arrest of the virus's creator, I doubt they'd offer that large a reward if it was that easy to trace him.
-
Oh hai Skynet
(http://www.whatheck.com/uploaded_images/skynet-terminator-727080.jpg)
-
:devil
-
April 1. is here and im still alive. As usual i havent gotten this virus either even if i dont have any AV software running. Never gotten a virus and im still wondering where people find them :)
-
my computer just blew up.
-
As I giggled at the feeble attempts of the Conficker Virus I heard my Computer rattle.
A worm jumped out and bit off my leg at the thighs :D
-
my computer just blew up.
And you're still typing?
-
Turn off your computers at midnight, make sure you're completely updated.
It's apparently pretty nasty, so, hope you already didn't get it. (Hopefully, Firefox did it's part pretty well.) :pray
I'm updating AVG, and downloading the windows update right now.
Did the sky fall and I missed it?
-
What would be funny if it was all just an April Fool's Joke. Would probably go down as the best April Fool's Prank ever.
ack-ack
-
What would be funny if it was all just an April Fool's Joke. Would probably go down as the best April Fool's Prank ever.
And as the most costly one ever I figure.
-
hahaha. Cute avatar Fishu. I like it. :aok
My kids run around with helmets on all the time. It's a real hoot. :)
I reckon that to a civilian it looks as peculiar as a tin-foil hat. Oh well, they're happy with it. :)
-
Not as bad as I thought... Got outta 6th/7th period to be a bounty hunter. ;) One of our campuses had EVERY one of it's computers infected (I'm guessing some kid actually brought it on a flashdrive, once it hit the server... well, kaploot)... So, had a fun afternoon of plug in flashdrive, open AV software installer, go to next computer, start them all...