APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

It's getting really nasty out there

The current crop of Swen worms is still pouring into my server at a rate close to one every 30 seconds. They get filtered out so I never actually see them, but the constant processing is annoying.

These are the ones that look like announcements from Microsoft about new security patches. Apparently some carry a payload and some don't: most are trapped by my virus software, but a few pass through that intact and I have to filter them out by content. I tried using the Subject: line first, but this worm is much more creative than its brethren, and keeps using different permutations. I finally said the heck with it and just trash anything that has Microsoft or MS in the From: header.

It looks like this situation is just going to keep getting worse. Too many people don't use either firewalls or anti-virus software, and those people end up sending all this crap to the rest of us. Instant Messaging could spawn a whole new crop of these.

Unfortunately, finding a few of the creators isn't enough. I've wondered previously just how much of this we can stand: if SoBig and Swen had been active at the same time, how many servers would have just died under the load? How about if a half dozen of these were all active? This is a serious worry.

There are interrelated problems here: One, Microsoft has put out a lot of really bad code that is vulnerable to viruses and worms. They issue fixes, but new holes keep being found, and too few people install the fixes anyway. Because of the general design of tcp/ip and the internet, it's not always easy to track back to the original source.

There are suggestions on all fronts. Microsoft wants to automatically update your software without your permission. I've suggested penalizing people who run vulnerable systems. Others have suggested certifying email so that you know its original source. Probably all of these and more have to be done.

I hope to look back on all this someday when it's all fixed. I'm not sure that's going to be any day soon, but we have to move in that direction or someday a concentrated barrage of this stuff will bring the internet down completely.

Got something to add? Send me email.

(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> It's getting really nasty out there

Increase ad revenue 50-250% with Ezoic

More Articles by

Find me on Google+

© Tony Lawrence

Kerio Samepage

Have you tried Searching this site?

Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

Your computer needn't be the first thing your see in the morning and the last thing you see at night. (Simon Mainwaring)

This post tagged: