Mar, 2009 Volume 09-143
In This Issue:
Download PDF version
- Message from the CEO
- Corporate News
- Operations
- Log Harvesting
- Safety Stats
- Forestry Engineering
- Mill Report
- Environmental Mgmt. & Fire
- Information Systems
- Safety News
- Fred's Compost Talk
- Calendar
Download PDF version
Adobe Acrobat Reader is
required to view PDF files.
By George Rose, IT ManagerInformation Systems
April Fools Day and the Confiker.C scare
As most of us in the IT world expected, reports of the Conficker worm where vastly exaggerated and it did not have as big an impact as was being predicted.
The reason is that the main purpose of the virus, which has already infected about 15 million computers, is to make money. Viruses with that intent generally like to stay hidden as long as possible, collecting as much income as possible before being discovered and disabled.
The worm is self-replicating and has attacked a vulnerability in machines using the Microsoft's Windows operating system. Microsoft issued a patch to fix the vulnerability last October; however, millions of computers that are running pirated versions of Windows are unpatched.
The reason everyone was concerned is that there was reason to believe the virus will change its behavior come April 1, or sometime shortly after. The attacker recently released a major update to Conficker, known as Conficker.C. This variant contains two major new features. First, the domain generation algorithm now creates 50,000 random domains, and attempts to contact 500 of them each day. It is completely impractical for the ‘Conficker Cabal,' a group of security researchers, to lock down all 50,000 domains generated each day.
Additions to the code also include a P2P file sharing ability and a change to the algorithm for the domain names, so the additional functionalities will spread it further and make it harder to track.
How to protect yourself? The usual: firewall, updated anti-virus program and keep your Windows operating system updated.
Think you have the bug? The Confiker worm blocks a couple of web sites it doesn't want you to access because they give information about combating it. If you can go to http://www.mcafee.com you likely aren't infected.
Don’t forget The Golden Rule – Update, update, update!!
The Coulson Group of Companies - Head Office:
4890 Cherry Creek Road, Port Alberni, BC, Canada V9Y 8E9 Phone: (250) 723-8118 Fax: (250) 723-7766
