Spyke Guest
|
Posted: Thu Jun 24, 2004 10:42 pm Post subject: Re: Korgo Virus |
|
|
"kpg" <ipost@thereforeiam.com> wrote in
news:OZGJoAhWEHA.1128@TK2MSFTNGP10.phx.gbl:
| Quote: |
"Keyboard Cowboy" <thekeyboardcowboy@nospam.cybersolutionz.com> wrote
in message news:20a0e01c45a0d$c2460560$a601280a@phx.gbl...
# Name resolution details: file://c:\temp\131943.htm (6/24/2004
12:23:51 PM) #
On behalf of crappy programmers everywhere, I apologize.
--
Fris "HAHAHAHAHAHAH" bee®, MCNGP #13
Hey, are you a member of the crappy programmers guild too?
the best
|
with updates
--
Cheers,
Spyke |
|
TechGeekPro Guest
|
Posted: Thu Jun 24, 2004 11:07 pm Post subject: Re: Korgo Virus |
|
|
"fygar" <cpudoc10@hotmail.com> wrote in message
news:16mld01kv2jhtt550c4at47l8c3v96kc4j@4ax.com...
| Quote: | On Thu, 24 Jun 2004 08:50:34 +1000, "Slarty Bartfast"
<Slarty@Bartfast.com> wrote:
We had two days of the LAN being down this week with the Win32.Korgo.I
virus.
It has similar behaviour to the Sasser that we spent a whole day on
'fixing'. We had Microsoft Auto-updates turned off for some reason -
MS04-011 patch would have stopped it, but it wasn't on all our machines.
It most likely got in via a laptop that was on the net while outside our
firewall and then brought it in.
We are updating all our laptops to XP and using its firewall - better
than nothing.
Any suggestions on good laptop policy regarding security - I know that
might seem a silly question, but we have been using NT4 and 2000 on our
laptops with good updated virus protection forever, long before I came
here, even though I knew the lack of a software firewall was a risk and
brought the issue up a few times.
Run MBSA to find all lagging machines.
Patch.
Set up SUS.
Set up a managed Antivirus.
Find a firewall product if not using XP.
Keep users out of Administrators group.
Keep users out of Administrators group.
Keep users out of Administrators group.
Keep users out of Administrators group.
***Do not give access to email w/o using VPN. (This forces the
occasional connection so the systems will check for updates)
Remove batteries and power cords
...butch
|
Yeah, but shouldn't you also keep users out of Administrators group?
--
I may not be completely certified, but I am completely certifiable. |
|
fygar Guest
|
Posted: Thu Jun 24, 2004 11:14 pm Post subject: Re: Korgo Virus |
|
|
On Thu, 24 Jun 2004 14:07:14 -0400, "TechGeekPro"
<%username%@yahoo.com> wrote:
| Quote: | "fygar" <cpudoc10@hotmail.com> wrote in message
Keep users out of Administrators group.
Keep users out of Administrators group.
Keep users out of Administrators group.
Keep users out of Administrators group.
***Do not give access to email w/o using VPN. (This forces the
occasional connection so the systems will check for updates)
Remove batteries and power cords
...butch
Yeah, but shouldn't you also keep users out of Administrators group?
|
I'll add that to the list.
....b |
|
Ken Briscoe Guest
|
Posted: Thu Jun 24, 2004 11:16 pm Post subject: Re: Korgo Virus |
|
|
"TechGeekPro" <%username%@yahoo.com> wrote in message
news:y76dnXrA5t3chUbd4p2dnA@adelphia.com...
| Quote: |
Yeah, but shouldn't you also keep users out of Administrators group?
|
I had to stick users in local admin groups the other day. we have a dumbass
printer whose software won't allow users to print to a mailbox unless they
have administrative rights. so, since i'm not the one running the show, i'm
merely a lackey, i was instructed to add EVERYONE to their local admin
group. I protested, but only briefly, as I realized that this is job
security. Doing this will virtually guarantee me a job in a couple months
when things backfire and a sh!tstorm of spyware, viruses, and nosy users
ensues. But I guess, for now, everyone's happy because they can all print.
Whatever. But I can feel it...the big one's coming. I know I'm going to be
told to give some luser domain admin access, by either giving him one of the
admin usernames/passwords or by dropping him/her into domain admins. I can
feel it. I'm going to cringe. I'm going to vomit. I'm going to probably pass
out. Oh well.
--
KB - MCNGP "silent thug" #26
first initial last name AT hotmail DOT com |
|
TechGeekPro Guest
|
Posted: Thu Jun 24, 2004 11:20 pm Post subject: Re: Korgo Virus |
|
|
"fygar" <cpudoc10@hotmail.com> wrote in message
news:se6md0h2pgbc49udd71l6ndqruact9l0rj@4ax.com...
| Quote: | On Thu, 24 Jun 2004 14:07:14 -0400, "TechGeekPro"
<%username%@yahoo.com> wrote:
"fygar" <cpudoc10@hotmail.com> wrote in message
Keep users out of Administrators group.
Keep users out of Administrators group.
Keep users out of Administrators group.
Keep users out of Administrators group.
***Do not give access to email w/o using VPN. (This forces the
occasional connection so the systems will check for updates)
Remove batteries and power cords
...butch
Yeah, but shouldn't you also keep users out of Administrators group?
I'll add that to the list.
...b
|
Glad to help. ;-)
--
I may not be completely certified, but I am completely certifiable. |
|
Neil Guest
|
Posted: Thu Jun 24, 2004 11:36 pm Post subject: Re: Korgo Virus |
|
|
"kpg" <ipost@thereforeiam.com> wrote in news:OZGJoAhWEHA.1128
@TK2MSFTNGP10.phx.gbl:
| Quote: | Hey, are you a member of the crappy programmers guild too?
the best
|
no, no kpg. you are a member of the krappy programmers guild...
;)
--
Neil MCNGP #30
"you'd do what, to who, for how many biscuits?" |
|
Neil Guest
|
Posted: Thu Jun 24, 2004 11:37 pm Post subject: Re: Korgo Virus |
|
|
Spyke <spyke@mailinator.com> wrote in
news:Xns95128B6F95090spykemailinator.com@207.46.248.16:
| Quote: | the best
with updates
|
it is real
--
Neil MCNGP #30
"you'd do what, to who, for how many biscuits?" |
|
Neil Guest
|
Posted: Thu Jun 24, 2004 11:38 pm Post subject: Re: Korgo Virus |
|
|
"Ken Briscoe" <youcant@sendmespam.com> wrote in news:elE8NdhWEHA.1684
@tk2msftngp13.phx.gbl:
| Quote: | I'm going to cringe. I'm going to vomit.
|
do it on the luser and then you can take the day off and postpone the
inevitable
--
Neil MCNGP #30
"you'd do what, to who, for how many biscuits?" |
|
Slarty Bartfast Guest
|
Posted: Fri Jun 25, 2004 4:08 am Post subject: Re: Korgo Virus |
|
|
Thanks Fygar, your post was very helpful. I will look at SUS.
Regarding VPN and Admin Group, I've asked, but they won't touch VPN here.
And everyone is a Local Admin. I have pointed out some problems with this,
not least of which that anyone can map to the Administrative Shares of
anyone else.
--
Regards,
Slarty Bartfast |
|
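The "everyone is a Local Admin" condition described in the post above can be checked per machine. The script below is an added example, not part of the original thread; the allow-list (`Administrator`, `Domain Admins`) and the function name `Get-UnexpectedLocalAdmin` are assumptions, and it relies on `Get-LocalGroupMember` from Windows PowerShell 5.1 or later.

```powershell
# Added example (not from the thread): report unexpected members of the
# local Administrators group. The allow-list is an assumption; replace it
# with the accounts your site actually approves.
param(
    [string[]]$Allowed = @('Administrator', 'Domain Admins')   # hypothetical allow-list
)

# Well-known SIDs that, if present, make effectively every user an admin.
$BroadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

function Get-UnexpectedLocalAdmin {
    param([string[]]$Allowed)

    # S-1-5-32-544 is the built-in Administrators group in every locale.
    try {
        $members = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
    } catch {
        Write-Warning "Could not enumerate Administrators: $_"
        return
    }

    foreach ($m in $members) {
        $sid   = $m.SID.Value
        $short = ($m.Name -split '\\')[-1]      # strip DOMAIN\ or COMPUTER\ prefix
        # RID 513 is "Domain Users"; treat it like the broad groups above.
        $broad = $BroadSids.ContainsKey($sid) -or $sid -match '^S-1-5-21-.*-513$'

        if ($broad -or ($Allowed -notcontains $short)) {
            [pscustomobject]@{
                Computer = $env:COMPUTERNAME
                Member   = $m.Name
                Class    = $m.ObjectClass
                Sid      = $sid
                Reason   = if ($broad) { 'broad group: every user is admin' } else { 'not on allow-list' }
            }
        }
    }
}

Get-UnexpectedLocalAdmin -Allowed $Allowed | Format-Table -AutoSize
```

An empty result means the group contains only allow-listed accounts; any row with the "broad group" reason is the situation the posters are complaining about.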
nerd32768 Guest
|
Posted: Fri Jun 25, 2004 4:23 am Post subject: Re: Korgo Virus |
|
|
"Slarty Bartfast" <Slarty@Bartfast.com> wrote in message
news:eRTr$$jWEHA.712@TK2MSFTNGP11.phx.gbl...
| Quote: | Thanks Fygar, your post was very helpful. I will look at SUS.
Regarding VPN and Admin Group, I've asked, but they won't touch VPN here.
And everyone is a Local Admin. I have pointed out some problems with this,
not least of which that anyone can map to the Administrative Shares of
anyone else.
--
Regards,
Slarty Bartfast
|
if you need help with SUS, you can always go to
"microsoft.public.softwareupdateservices" |
|
Slarty Bartfast Guest
|
Posted: Fri Jun 25, 2004 4:42 am Post subject: Re: Korgo Virus |
|
|
Thanks Nerd, I'll go there now and have a look.
--
Regards,
Slarty Bartfast |
|
Neil Guest
|
Posted: Fri Jun 25, 2004 4:52 am Post subject: Re: Korgo Virus |
|
|
"Slarty Bartfast" <Slarty@Bartfast.com> wrote in news:eRTr$$jWEHA.712
@TK2MSFTNGP11.phx.gbl:
| Quote: | And everyone is a Local Admin.
|
NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!!!!!!!!!!!!!!
--
Neil MCNGP #30
"you'd do what, to who, for how many biscuits?" |
|
Neil Guest
|
Posted: Fri Jun 25, 2004 4:53 am Post subject: Re: Korgo Virus |
|
|
"Slarty Bartfast" <Slarty@Bartfast.com> wrote in news:OoclRTkWEHA.3012
@tk2msftngp13.phx.gbl:
| Quote: | Thanks Nerd, I'll go there now and have a look.
--
Regards,
Slarty Bartfast
|
or www.susserver.com
--
Neil MCNGP #30
"you'd do what, to who, for how many biscuits?" |
|
Slarty Bartfast Guest
|
Posted: Fri Jun 25, 2004 8:58 am Post subject: Re: Korgo Virus |
|
|
why...
--
Regards,
Slarty Bartfast
"Neil" <neilmcse@nospamforyou.com> wrote in message
news:Xns9512CA0A95DE0neilmcsehotmailcom@207.46.248.16...
| Quote: | "Slarty Bartfast" <Slarty@Bartfast.com> wrote in news:eRTr$$jWEHA.712
@TK2MSFTNGP11.phx.gbl:
And everyone is a Local Admin.
NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!!!!!!!!!!!!!!
--
Neil MCNGP #30
"you'd do what, to who, for how many biscuits?" |
|
|
Neil Guest
|
Posted: Fri Jun 25, 2004 5:47 pm Post subject: Re: Korgo Virus |
|
|
"Slarty Bartfast" <Slarty@Bartfast.com> wrote in news:OIO59hmWEHA.2576
@TK2MSFTNGP10.phx.gbl:
*walking away*
"you can call it job security then...
--
Neil MCNGP #30
"you'd do what, to who, for how many biscuits?" |
|