Security and malware information
Malware - general information and links
Once upon a time a worm was a worm, a virus was a virus and all was nicely self-contained and could be cleaned up equally nicely if you had a good anti-virus with a current set of descriptions. This is no longer the case. The boundaries between the different sorts of malware (which the Wikipedia entry defines as 'short for malicious software') have blurred as each type has taken samples from the repertoire of one or more of the others. So, what can we call them? Well, maybe something like "Kitbotwormdoor" - see Wormbotdoorkit? Kitbotwormdoor? Trojwormrootbot? Malware by any other name . . . 2005 - the year of the rootkit? for a very interesting discussion about the different types of malware and the terminology used. Another problem with current malware is that complete removal is likely to involve more than just running an anti-virus or anti-spyware utility as, for example, human attackers exploit backdoors opened on a worm-infested system.
Cambridge documentation and information
- Computer viruses and other malware: what you need to know, including a note on hoaxes
- FAQ: How can I obtain anti-virus software?
- Windows Support's Coping with Unknown Worms, Trojans and Rootkits
- Computing Service central scanning for mail-borne malware
- Computing Service page on dealing more safely with email: Email and the Virus Threat
Other places of interest
- The Virus Bulletin: Independent Malware Advice
- Several of the anti-virus vendors have weblogs; for example, those of F-Secure, Kaspersky Labs and Symantec are worth a read.
- SANS' malware FAQ
- Hoax Busters
Follow the Bouncing Malware
This possibly ought to carry one of those "Warning: not to be read if you are of a nervous disposition" notices.
One of the Internet Storm Centre's incident handlers, Tom Liston
"decided to try an experiment. I wondered just exactly how easy it really was to get an unpatched machine compromised, and what it would look like to "Joe Average" computer user. I set up a VMWare image of a fresh install of Windows XP Home Edition, and headed out on the internet to see just exactly what happened. My trip was an enlightening journey into the dangers lurking out on the 'net for the unwary, and along the way I've learned some interesting things about the spyware/adware industry."
What happened (in 2004/2005) is in the following installments (the later ones tend to be the last entry in that day's diary).
- FTBM - Part I
- FTBM - Part II
- FTBM - Part III
- FTBM - Part IV
- Follow the Bouncing Malware: A Fresh Bounce
- FTBM VI: Hypnotized and EULAgized
- FTBM VII: Afterglow
- FTBM VIII: All That Glitters Is Not Gold
- FTBM IX: eGOLDFINGER
In 2006 he added one on phishing - but phishing with a nasty tweak.... Phollow the Phlopping Phish.
More editions:-
