[ISN] FBI, computer industry join forces against viruses, worms

From: InfoSec News (isnat_private)
Date: Tue Oct 02 2001 - 02:30:20 PDT

  • Next message: InfoSec News: "[ISN] Bush taps Clarke as cyberdefense chief"

    Monday, Oct. 1, 2001 
    WASHINGTON (AP) -- The FBI is teaming up with the computer industry to
    help American companies and regular Internet users prevent the 20
    worst computer threats -- from the Code Red worm to the Melissa virus.
    The FBI also announced Monday it is putting computer security tips for
    home users on the National Infrastructure Protection Center's Web site
    with the intention of making it a one-stop shop for home users
    confused by most security terms.
    ``The challenge right now is that (home users) either go to a vendor,
    or they go to a site that's too techie for them, so they give up,''
    said Alan Paller, research director at the Sans Institute, working
    with the government on the project.
    For regular users
    ``This is a site that's designed for people that are regular users,
    and it isn't trying to sell them anything,'' he said. The tips include
    using updated antivirus software and being suspicious of e-mail
    All the recent Internet viruses took advantage of well-known program
    vulnerabilities, and the government hopes to get users and companies
    to patch them before the next virus appears.
    The list, compiled with the help of more than 50 computer security
    experts, addresses software bugs in Unix and Microsoft Windows
    operating systems, as well as many common mistakes. These include
    using simple passwords and not backing up critical data.
    The all-purpose fix will help counter the thousands of hacking tools
    that scan through the Internet looking for vulnerable computers.
    ``It lets (computer administrators) know the things these scanning
    programs are looking for, and it will protect them the instant they
    put the machine on the Internet,'' Paller said.
    Sans Web site
    Both the list and the fixes can be found on the non-profit Sans
    Institute Web site. The institute's Paller said the Top 20 scanner can
    be obtained for free by sending an e-mail to the Center for Internet
    Security, using instructions found on the Sans Institute Web site at
    Paller said the fix eventually will be distributed on a CD-ROM as
    Security experts long have said computer users should download
    regularly new software fixes, known as patches, but the practice is
    frequently overlooked at large companies and universities.
    Many individual users are unaware of vulnerabilities in their
    computers and find installing software updates tedious and difficult.
    In July, the FBI and industry groups joined in a campaign to tell
    computer users how to protect themselves from the Code Red worm
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Oct 02 2001 - 06:49:53 PDT