keetrainchild
Joined: 06 May 2008
|
 Posted: Wed Jan 21, 2009 7:03 am Post subject: |
 |
|
It seems to spread itself by exploiting the Windows "Server" service, which was patched four months ago. This means that many people who got this virus wouldn't have if they had updated their systems within the past four months.
Disabling it is easy, enough. Just run the command prompt as an administrator and type:
| Code: |
sc config LanmanServer start= disabled
net stop LanmanServer |
or run services.msc and manually disable and stop "Server". Doing either of these means that your computer won't be sharing anything, though, so if you share files over the network, it will stop working, so you're better off just patching Windows with Windows Update.
It also infects computers through a brute-force password attack, meaning that it just tries to log in over and over again using various passwords. The best protection against this is to have a strong password: 12 characters comprised of at least two of each of these: lowercase letters, capital letters, numbers, and special characters (!@#$$%^&*()). Something like this: $oop3rLEe7H@x0r or Y3rMum!$@fr0g2 . No, that's not a password that I actually use  Just choose something that looks like a really long, horrific AOL username and you'll be ok.
Make sure that you have the firewall enabled on your router, block all incoming connections (except ones you Really need), and allow only outgoing connections that you actually use. Naturally, be wary of any media that you put in your PC, like USB drives, CD's, floppy disks (on the off chance), et cetera.
http://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99&tabid=2
[/code] |
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
