Information Security News
mailing list archives
FBI, computer industry join forces against viruses, worms
From: InfoSec News <isn () c4i org>
Date: Tue, 2 Oct 2001 04:30:20 -0500 (CDT)
Monday, Oct. 1, 2001
WASHINGTON (AP) -- The FBI is teaming up with the computer industry to
help American companies and regular Internet users prevent the 20
worst computer threats -- from the Code Red worm to the Melissa virus.
The FBI also announced Monday it is putting computer security tips for
home users on the National Infrastructure Protection Center's Web site
with the intention of making it a one-stop shop for home users
confused by most security terms.
``The challenge right now is that (home users) either go to a vendor,
or they go to a site that's too techie for them, so they give up,''
said Alan Paller, research director at the Sans Institute, working
with the government on the project.
For regular users
``This is a site that's designed for people that are regular users,
and it isn't trying to sell them anything,'' he said. The tips include
using updated antivirus software and being suspicious of e-mail
All the recent Internet viruses took advantage of well-known program
vulnerabilities, and the government hopes to get users and companies
to patch them before the next virus appears.
The list, compiled with the help of more than 50 computer security
experts, addresses software bugs in Unix and Microsoft Windows
operating systems, as well as many common mistakes. These include
using simple passwords and not backing up critical data.
The all-purpose fix will help counter the thousands of hacking tools
that scan through the Internet looking for vulnerable computers.
``It lets (computer administrators) know the things these scanning
programs are looking for, and it will protect them the instant they
put the machine on the Internet,'' Paller said.
Sans Web site
Both the list and the fixes can be found on the non-profit Sans
Institute Web site. The institute's Paller said the Top 20 scanner can
be obtained for free by sending an e-mail to the Center for Internet
Security, using instructions found on the Sans Institute Web site at
Paller said the fix eventually will be distributed on a CD-ROM as
Security experts long have said computer users should download
regularly new software fixes, known as patches, but the practice is
frequently overlooked at large companies and universities.
Many individual users are unaware of vulnerabilities in their
computers and find installing software updates tedious and difficult.
In July, the FBI and industry groups joined in a campaign to tell
computer users how to protect themselves from the Code Red worm
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
- FBI, computer industry join forces against viruses, worms InfoSec News (Oct 02)