[70145] in North American Network Operators' Group
Re: Worms versus Bots
daemon@ATHENA.MIT.EDU (Mike Lewinski)
Mon May 3 15:52:05 2004
Date: Mon, 03 May 2004 13:51:35 -0600
From: Mike Lewinski <mike@rockynet.com>
To: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.58.0405022251070.24652@clifden.donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
Sean Donelan wrote:
> Other than the obvious, don't let a bot on get on your computer in
> the first place, are there any opinions about the best anti-bot tools
> for naive computer users? The major virus vendors seem to be having
> a bit of trouble dealing with bots, frequently recommending manual
> editing of files and use of regedit. There is also a much longer
> delay between the apperance of a new bot and updates to antivirus
> packages.
I personally stick with the BCP "backup, reformat and reinstall from
your original media". That goes for worms and bots.
Just because a machine has a bot/worm/virus that didn't come with a
rootkit, doesn't mean that someone else hasn't had their way with it.
Then again, I've seen businesses who had sensitive client financial data
on compromised systems completely ignore this advice, so it's generally
given without much hope, esp. where the stakes are lower.
