[Yr7-10it] Conficker, April the First.

Hysen, David D hysen.david.d at edumail.vic.gov.au
Wed Mar 25 15:01:05 EST 2009


It's hard enough to keep up with everything that's happening. I
appreciate someone with the time to hunt out a few juicy bits, keeps me
ahead of the kids and alerts me to what might be worth further
investigation. I delete as much as I read but I prefer to keep the
option. Keep sending!

Cheers
 
David Hysen
Teacher/ICT Manager/Daily Organiser
Thornbury High School
238 Collins Street
THORNBURY VIC 3071
Mob: 0448 241121 
Ph. Direct: 03 9458 6116/Switch 03 9480 4066
Fax: 03 9480 1314
email: hysen.david.d at edumail.vic.gov.au
	
	
  
 
-----Original Message-----
From: yr7-10it-bounces at edulists.com.au
[mailto:yr7-10it-bounces at edulists.com.au] On Behalf Of Robert Minato
Sent: Wednesday, 25 March 2009 8:23 AM
To: Year 7 - 10 Information Technology Teachers' Mailing List
Subject: Re: [Yr7-10it] Conficker, April the First.

I'm also in favour of Stephen. How easy is it to delete his emails or  
if you really don't want them, have them automatically deleted.

Rob

Robert Minato
Technology Domain
Catholic College Wodonga
02 6043 5546 w
0431 936 226 m






On 25/03/2009, at 7:43 AM, Reid, Cam C wrote:

> Stephen covers a broad range of topics, most of which I wouldn't come
> across in my normal browsing. He has highlighted, research, new  
> products
> and many usable sites which have helped me keep up to date with what  
> is
> happening out there. While some topics may not be related to a
> particular list, I would hate to see Stephen give up sharing his
> findings. As with any emails, the delete button is easy to hit without
> even opening the message. From my point of view, keep up with your
> considerable research Stephen, I look forward to reading your posts.
>
> Cameron Reid
> Shepparton High School
>
> -----Original Message-----
> From: yr7-10it-bounces at edulists.com.au
> [mailto:yr7-10it-bounces at edulists.com.au] On Behalf Of Hutchison,
> Geoffrey G
> Sent: Tuesday, 24 March 2009 10:07 PM
> To: Year 7 - 10 Information Technology Teachers' Mailing List
> Subject: RE: [Yr7-10it] Conficker, April the First.
>
> Pl....lease!
>
> Mods, delete this guy!
>
>
> cheers,
> Geoff Hutchison,
> IT Manager/Coordinator,
> McGuire College,
> Shepparton, Vic
>
>
>
> -----Original Message-----
> From: yr7-10it-bounces at edulists.com.au
> [mailto:yr7-10it-bounces at edulists.com.au] On Behalf Of
> stephen at melbpc.org.au
> Sent: Tuesday, 24 March 2009 10:00 AM
> To: oztl_net at listserv.csu.edu.au; oz-teachers at rite.ed.qut.edu.au;
> sofdev at edulists.com.au; yr7-10it at edulists.com.au
> Subject: [Yr7-10it] Conficker, April the First.
>
> Hi all,
>
> This is an important matter. The following NYTimes article is a little
> scary, but it raises matters that should receive WIDE attention by all
> net users. One would suggest you raise it with colleagues and  
> students.
>
> As you will probably know, there is a powerful virus called  
> 'Conficker'
> currently on the loose, and, apparently, has already infected many PCs
> including for example thousands of UK Government machines. It's set to
> 'go off' on April the First. And, as this NT Times article below  
> notes,
> no one knows exactly what will happen.
>
> Although the article does not mention that apparently Linux etc and  
> Mac
> machines are not a target, only Windows machines, as you will read,  
> for
> the sake of all of us Internet users, it is a GREAT idea for Win  
> people
> to make sure you have updated your anti-virus software and have  
> scanned
> machines recently. Please folks, google 'Conficker' and see what i  
> mean.
>
>
> Computer Experts Unite to Hunt Worm
>
> By JOHN MARKOFF www.nytimes.com March 19, 2009
>
>
> An extraordinary behind-the-scenes struggle is taking place between
> computer security groups around the world and the brazen author of a
> malicious software program called Conficker.
>
> The program grabbed global attention when it began spreading late last
> year and quickly infected millions of computers with software code  
> that
> is intended to lash together the infected machines it controls into a
> powerful computer known as a botnet.
>
> Since then, the program's author has repeatedly updated its software  
> in
> a
> cat-and-mouse game being fought with an informal international  
> alliance
> of computer security firms and a network governance group known as the
> Internet Corporation for Assigned Names and Numbers.
>
> Members refer to the alliance as the Conficker Cabal.
>
> The existence of the botnet has brought together some of the world's
> best
> computer security experts to prevent potential damage.
>
> Last month, Microsoft announced a $250,000 reward for information
> leading
> to the capture of the Conficker author..
>
> The inability of the world's best computer security technologists to
> gain
> the upper hand against anonymous but determined cybercriminals is  
> viewed
>
> by a growing number of those involved in the fight as evidence of a
> fundamental security weakness in the global network.
>
>
> An examination reveals that the zombie computers are programmed to try
> to
> contact a control system for instructions on April 1.
>
>
> There has been a range of speculation about the nature of the threat
> posed by the botnet, from a wake-up call to a devastating attack.
>
> Researchers who have been painstakingly disassembling the Conficker  
> code
>
> have not been able to determine where the author, or authors, is
> located,
> or whether the program is being maintained by one person or a group of
> hackers.
>
> The Conficker program is built so that after it takes up residence on
> infected computers, it can be programmed remotely by software to serve
> as
> a vast system for distributing spam or other malware.
>
> Several people who have analyzed various versions of the program said
> Conficker's authors were obviously monitoring the efforts to restrict
> the
> malicious program and had repeatedly demonstrated that their skills  
> were
>
> at the leading edge of computer technology.
>
> For example, the Conficker worm already had been through several
> versions
> when the alliance of computer security experts seized control of 250
> Internet domain names the system was planning to use to forward
> instructions to millions of infected computers.
>
> Shortly thereafter, in the first week of March, the fourth known  
> version
>
> of the program, Conficker C, expanded the number of the sites it could
> use to 50,000.
>
> That step made it virtually impossible to stop the Conficker authors
> from
> communicating with their botnet.
>
> "It's worth noting that these are folks who are taking this seriously
> and
> not making many mistakes," said Jose Nazario, a member of the
> international security group and a researcher at Arbor Networks, a
> company in Lexington, Mass., that provides tools for monitoring the
> performance of networks. "They're going for broke."
>
> A report scheduled to be released Thursday by SRI International, a
> nonprofit research institute in Menlo Park, Calif., says that  
> Conficker
> C
> constitutes a major rewrite of the software.
>
> Not only does it make it far more difficult to block communication  
> with
> the program, but it gives the program added powers to disable many
> commercial antivirus programs as well as Microsoft's security update
> features.
>
> "Perhaps the most obvious frightening aspect of Conficker C is its  
> clear
>
> potential to do harm," said Phillip Porras, a research director at SRI
> International and one of the authors of the report. "Perhaps in the  
> best
>
> case, Conficker may be used as a sustained and profitable platform for
> massive Internet fraud and theft."
>
> "In the worst case," Mr. Porras said, "Conficker could be turned  
> into a
> powerful offensive weapon for performing concerted information warfare
> attacks that could disrupt not just countries, but the Internet  
> itself."
>
> The researchers, noting that the Conficker authors were using the most
> advanced computer security techniques, said the original version of  
> the
> program contained a recent security feature developed by an M.I.T.
> computer scientist, Ron Rivest, that had been made public only weeks
> before.
>
> And when a revision was issued by Dr. Rivest's group to correct a  
> flaw,
> the Conficker authors revised their program to add the correction.
>
> Although there have been clues that the Conficker authors may be  
> located
>
> in Eastern Europe, evidence has not been conclusive ..
>
> --
>
> Cheers,
> Stephen
>
>
> Message sent using MelbPC WebMail Server
>
>
>
> _______________________________________________
> http://www.edulists.com.au - FAQ, resources, subscribe, unsubscribe
> Year 7 - 10 IT Mailing List kindly supported by
> http://www.vcaa.vic.edu.au - Victorian Curriculum and Assessment
> Authority and
> http://www.vitta.org.au  - VITTA Victorian Information Technology
> Teachers Association Inc
>
> Important - This email and any attachments may be confidential. If
> received in error, please contact us and delete all copies. Before
> opening or using attachments check them for viruses and defects.
> Regardless of any loss, damage or consequence, whether caused by the
> negligence of the sender or not, resulting directly or indirectly from
> the use of any attached files our liability is limited to resupplying
> any affected attachments. Any representations or opinions expressed  
> are
> those of the individual sender, and not necessarily those of the
> Department of Education and Early Childhood Development.
>
> _______________________________________________
> http://www.edulists.com.au - FAQ, resources, subscribe, unsubscribe
> Year 7 - 10 IT Mailing List kindly supported by
> http://www.vcaa.vic.edu.au - Victorian Curriculum and Assessment
> Authority and
> http://www.vitta.org.au  - VITTA Victorian Information Technology
> Teachers Association Inc
>
> Important - This email and any attachments may be confidential. If  
> received in error, please contact us and delete all copies. Before  
> opening or using attachments check them for viruses and defects.  
> Regardless of any loss, damage or consequence, whether caused by the  
> negligence of the sender or not, resulting directly or indirectly  
> from the use of any attached files our liability is limited to  
> resupplying any affected attachments. Any representations or  
> opinions expressed are those of the individual sender, and not  
> necessarily those of the Department of Education and Early Childhood  
> Development.
>
> _______________________________________________
> http://www.edulists.com.au - FAQ, resources, subscribe, unsubscribe
> Year 7 - 10 IT Mailing List kindly supported by
> http://www.vcaa.vic.edu.au - Victorian Curriculum and Assessment  
> Authority and
> http://www.vitta.org.au  - VITTA Victorian Information Technology  
> Teachers Association Inc
>
>



"CONFIDENTIALITY and PRIVACY NOTICE

This e-mail and any files transmitted with it may confidential
information. If you are not the intended recipient, any use, disclosure
or copying of the email is unauthorised. If you have received this email
in error, please notify the sender immediately by reply email and delete
all copies of this transmission together with any attachments.

DISCLAIMER

The contents of this e-mail represent the views of the sender and do not
necessarily represent the views of Catholic College Wodonga."

_______________________________________________
http://www.edulists.com.au - FAQ, resources, subscribe, unsubscribe
Year 7 - 10 IT Mailing List kindly supported by
http://www.vcaa.vic.edu.au - Victorian Curriculum and Assessment
Authority and
http://www.vitta.org.au  - VITTA Victorian Information Technology
Teachers Association Inc

Important - This email and any attachments may be confidential. If received in error, please contact us and delete all copies. Before opening or using attachments check them for viruses and defects. Regardless of any loss, damage or consequence, whether caused by the negligence of the sender or not, resulting directly or indirectly from the use of any attached files our liability is limited to resupplying any affected attachments. Any representations or opinions expressed are those of the individual sender, and not necessarily those of the Department of Education and Early Childhood Development.



More information about the Yr7-10it mailing list