APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

It's getting really nasty out there

© September 2003 Tony Lawrence

The current crop of Swen worms is still pouring into my server at a rate close to one every 30 seconds. They get filtered out so I never actually see them, but the constant processing is annoying.

These are the ones that look like announcements from Microsoft about new security patches. Apparently some carry a payload and some don't: most are trapped by my virus software, but a few pass through that intact and I have to filter them out by content. I tried using the Subject: line first, but this worm is much more creative than its brethren, and keeps using different permutations. I finally said the heck with it and just trash anything that has Microsoft or MS in the From: header.

It looks like this situation is just going to keep getting worse. Too many people don't use either firewalls or anti-virus software, and those people end up sending all this crap to the rest of us. Instant Messaging could spawn a whole new crop of these.

Unfortunately, finding a few of the creators isn't enough. I've wondered previously just how much of this we can stand: if SoBig and Swen had been active at the same time, how many servers would have just died under the load? How about if a half dozen of these were all active? This is a serious worry.

There are interrelated problems here: One, Microsoft has put out a lot of really bad code that is vulnerable to viruses and worms. They issue fixes, but new holes keep being found, and too few people install the fixes anyway. Because of the general design of tcp/ip and the internet, it's not always easy to track back to the original source.

There are suggestions on all fronts. Microsoft wants to automatically update your software without your permission. I've suggested penalizing people who run vulnerable systems. Others have suggested certifying email so that you know its original source. Probably all of these and more have to be done.

I hope to look back on all this someday when it's all fixed. I'm not sure that's going to be any day soon, but we have to move in that direction or someday a concentrated barrage of this stuff will bring the internet down completely.

Got something to add? Send me email.

(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> It's getting really nasty out there

Inexpensive and informative Apple related e-books:

Take Control of Automating Your Mac

Sierra: A Take Control Crash Course

Take Control of Apple Mail, Third Edition

iOS 10: A Take Control Crash Course

Take Control of iCloud

More Articles by © Tony Lawrence

Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

Printer Friendly Version

Principles have no real force except when one is well-fed. (Mark Twain)

Linux posts

Troubleshooting posts

This post tagged:



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode