-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Tuesday, March 11, 2003 7:13 AM To: Information Technology Subject: [Information_technology] Daily News 3/11/03 March 10, IDG News Service New worm targets weak Windows passwords. A new worm, W32/Deloder-A (Deloder), appeared on Sunday and is considered a low risk for infection, according to an alert posted by anti-virus company F-Secure. The worm, which is believed to have originated in China, attempts to connect to other computers on a network through TCP (Transmission Control Protocol) port 445, randomly generating IP addresses to locate vulnerable machines. If the worm succeeds in breaking the Administrator account password, it places copies of a backdoor (trojan) program known as "inst.exe" in several locations on the infected machine. Machines running Windows 95, 98, NT, 2000, ME and XP are vulnerable to attack by Deloder, Symantec said. No infections from Deloder have been reported and most firewalls block access to port 445. Computer users are advised to contact their anti-virus company for further details.. Source: http://www.idg.net/go.cgi?id=790456 March 02, Time Magazine Investigators examine the links between Islamic fundamentalists and the Internet. On February 26, Sami Omar al-Hussayen, a Ph.D. candidate in computer security at the University of Idaho, was charged with violating conditions of his student visa by registering and maintaining a dozen militant websites promoting violence against U.S. interests. U.S. officials want to know more about al-Hussayen's work for the sponsor of most of these sites, the radical Islamic Assembly of North America (IANA), a Michigan-based group known as one of the most strident voices of Islam on the Web. IANA hosted the websites of two radical Saudi sheiks - Salman al-Awdah and Safar al-Hawali - both of whom are closely associated with Osama bin Laden and who provided religious justification for the September 11 attacks, according to the SITE Institute, a Washington-based terrorist-research group that monitors the Internet. Al-Hussayen's case also may provide fresh evidence that at least some of these anti-American websites are being supported by funds coming from Saudi Arabia. Al-Hussayen is accused of covertly receiving $300,000 from abroad and disbursing much of it to IANA. A Saudi-embassy spokesman in Washington said no government money has gone to IANA. Source: http://www.time.com/time/magazine/article/0,9171,1101030310-428043,00.ht ml Internet Security Systems - AlertCon: 1 out of 4 https://gtoc.iss.net/ Security Focus ThreatCon: 1 out of 4 www.securityfocus.com Last Changed 11 March 2003 Last Changed 10 March 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: PE_FUNLOVE.4099 Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 137 (netbios-ns), 80 (www), 1434 (ms-sql-m), 445 (microsoft-ds), 113 ident), 135 (epmap), 139 (netbios-ssn), 25 (smtp), 4662 (eDonkey2000), 6346 (gnutella-svc) _______________________________________________ Information_technology mailing list Information_technology@listserv http://listserv.infragard.org/mailman/listinfo/information_technology
This archive was generated by hypermail 2b30 : Wed Mar 12 2003 - 11:20:33 PST