Worms versus Bots

Rob Nelson ronelson at vt.edu
Mon May 3 11:41:52 UTC 2004

At 11:04 PM 5/2/2004, Sean Donelan wrote:

>The antivirus vendors are bemoaning the fact the Sasser worm has been
>slow to spread.  On the other hand, most of the vulnerable computers
>seem to have already been taken over by one or more Bots days or weeks
>before the worms arrived.
>Other than the obvious, don't let a bot on get on your computer in
>the first place, are there any opinions about the best anti-bot tools
>for naive computer users?  The major virus vendors seem to be having
>a bit of trouble dealing with bots, frequently recommending  manual
>editing of files and use of regedit.  There is also a much longer
>delay between the apperance of a new bot and updates to antivirus

One of my concerns is that it's easy to download an anti-virus package 
which will most likely delete (it seems that unless it's a VBA macro virus 
the files can never be cleaned!) some of the 100% worm or virus files. The 
trojan programs, bots, and spyware stick around. It would be a wonderful 
program that scanned for and cleaned up BOTH virus and bot files...

Rob Nelson
ronelson at vt.edu

More information about the NANOG mailing list