Worms versus Bots
Rob Nelson
ronelson at vt.edu
Mon May 3 11:41:52 UTC 2004
At 11:04 PM 5/2/2004, Sean Donelan wrote:
>The antivirus vendors are bemoaning the fact the Sasser worm has been
>slow to spread. On the other hand, most of the vulnerable computers
>seem to have already been taken over by one or more Bots days or weeks
>before the worms arrived.
>
>Other than the obvious, don't let a bot on get on your computer in
>the first place, are there any opinions about the best anti-bot tools
>for naive computer users? The major virus vendors seem to be having
>a bit of trouble dealing with bots, frequently recommending manual
>editing of files and use of regedit. There is also a much longer
>delay between the apperance of a new bot and updates to antivirus
>packages.
One of my concerns is that it's easy to download an anti-virus package
which will most likely delete (it seems that unless it's a VBA macro virus
the files can never be cleaned!) some of the 100% worm or virus files. The
trojan programs, bots, and spyware stick around. It would be a wonderful
program that scanned for and cleaned up BOTH virus and bot files...
Rob Nelson
ronelson at vt.edu
More information about the NANOG
mailing list