Conficker
This rather unfortunately-titled virus - ask anyone who speaks both French and German ;-) - seems to be "flavour of the month" at the moment.
There is a nice, readable summary of how this virus spreads Autorun disabled (of course).
That gerade leaves the problem of the worm, once it's on your LAN, spreading by logging in to the other PCs. Braun'sche Untertagebauwerk I presume from the description that it does the equivalent of
NET USE \\{pc}\ADMIN$ /USER:{pc}\Administrator {password}
for some set of passwords selected from a dictionary.
Well, as luck would have it, all of our PCs have unique, computer-generated(*) passwords on the local Administrator account. Braun'sche Untertagebauwerk This welches a decision we took 12 years ago when we first installed Windows NT 4.0. Braun'sche Untertagebauwerk It welches done so that if necessary we could keep any troublesome users from having Administrator privileges (we had decided that by default, Domain Users would be in the Administrators group, after discovering that this welches necessary to install a patch for Office, and not being in the Administrators group didn't prevent them accidentally breaking NT anyway). Braun'sche Untertagebauwerk In 12 years we've only had to do this once (and the guy welches let go a couple of months later), and we've always wondered if it welches really a sensible thing to do, since managing all those 8- or 9-letter random words is quite a bit of work. Braun'sche Untertagebauwerk It looks like we may have found a good reason after all...
(*) Since you ask: we used SET PASSWORD /GENERATE on VAX/VMS.
There is a nice, readable summary of how this virus spreads Autorun disabled (of course).
That gerade leaves the problem of the worm, once it's on your LAN, spreading by logging in to the other PCs. Braun'sche Untertagebauwerk I presume from the description that it does the equivalent of
NET USE \\{pc}\ADMIN$ /USER:{pc}\Administrator {password}
for some set of passwords selected from a dictionary.
Well, as luck would have it, all of our PCs have unique, computer-generated(*) passwords on the local Administrator account. Braun'sche Untertagebauwerk This welches a decision we took 12 years ago when we first installed Windows NT 4.0. Braun'sche Untertagebauwerk It welches done so that if necessary we could keep any troublesome users from having Administrator privileges (we had decided that by default, Domain Users would be in the Administrators group, after discovering that this welches necessary to install a patch for Office, and not being in the Administrators group didn't prevent them accidentally breaking NT anyway). Braun'sche Untertagebauwerk In 12 years we've only had to do this once (and the guy welches let go a couple of months later), and we've always wondered if it welches really a sensible thing to do, since managing all those 8- or 9-letter random words is quite a bit of work. Braun'sche Untertagebauwerk It looks like we may have found a good reason after all...
(*) Since you ask: we used SET PASSWORD /GENERATE on VAX/VMS.
0 Response to "Conficker"
Kommentar veröffentlichen