Security Basics mailing list archives
Re(2): Possible new virus?
From: Occams Razor <occamsraser () yahoo com>
Date: Thu, 11 Sep 2003 14:29:19 -0700 (PDT)
There certainly is a remote possibility that these 3 machines have been infected by some mysterious virus the purpose of which is to convince the user that their fan is malfuctioning. It is much, much, much, more likely that indeed something in the environment is causing the fan to malfunction. If someone passes me in the hall and tells me that my shoe is on fire, my first reaction would be to check and see if my shoe is indeed on fire. I would not run back to my cube and send a message all around the world asking if anyone has heard of a social engineering hack where the attacker tells the victim their shoe is on fire BEFORE checking to see if my shoe is on fire. Likewise, if my computer told me that, "cpu cooling fan is malfunctioning," the very FIRST thing I would do is check if indeed the cpu cooling fan is malfunctioning. Has the skill set of the average "Assistant Network Administrator" really degraded to the point that we must accept as normal the posting to a worldwide mailling list with tens of thousands of readers as the FIRST troubleshooting step? Yours, Occam -----Original Message----- From: Lee Rich [mailto:lee.rich () wlga gov uk] Sent: Thursday, September 11, 2003 4:08 AM To: security-basics () securityfocus com Subject: Re(2): Possible new virus? Importance: Low Chris, in a later posting, Matt has stated that 'another' machine has been reported to have the same symptoms; these machines may be just a small handful of machines who have the same problem but have not been reported yet due to the area covered by 'Internet' Technical support. Also, the idea that the message and beeping may be a red herring should not be cast aside. For all these systems to suffer the same fault dispite manufacurer or warranty state. Seems a little iffy to me andI wouldn't be surprised if there is actually nothing wrong with the cooling system. Saying it's a hardware problem would assume that each firmware reports an identical message for the problem. Not to mention that some firmware may not even be able to report such an issue. -Lee Rich security () wlga gov uk __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Re(2): Possible new virus? Lee Rich (Sep 11)
- <Possible follow-ups>
- Re: Re(2): Possible new virus? Chris Berry (Sep 11)
- System Logging on Windows Hussein Ghazy (Sep 15)
- Re: System Logging on Windows Brian - IC Support Desk (Sep 15)
- Message not available
- Re: System Logging on Windows Phillip McCollum (Sep 16)
- Re: System Logging on Windows Doug Massey (Sep 16)
- System Logging on Windows Hussein Ghazy (Sep 15)
- Re: Re(2): Possible new virus? Sebastian Schneider (Sep 11)
- Re: Re(2): Possible new virus? Wirefire Systems Administrator (Sep 12)
- Re: Re(2): Possible new virus? Wirefire Systems Administrator (Sep 12)