30.4.05

Tres Gusanos

En el post anterior prometí escribir sobre un gusano que anda por la red, y que a diferencia de todos los otros gusanos (Worms) que andan por allí, éste es bueno y combate al gusano Santy.

Es un gusano que usa Google para buscar sitios con una instalación de phpBB vulnerable. Lo que hace "bueno" a este gusano es que no intenta aproveharse de esta vulnerabilidad como lo hace le gusano Santy, sino que instala un parche que soluciona el problema.
Los sitios afectados ahora muestran el mensaje "viewtopic.php secured by Anti-Santy-Worm V4. Your site is a bit safer, but upgrade to ->= 2.0.11.". Por otra parte, en el sitio web de PHP se atajan (*), y aseguran que el gusano en si no tuvo que ver con ningún problema de seguridad en PHP, según se difundió, sino con la falta de validación de los datos de entrada en phpBB, un problema del que, por desgracia, adolecen una gran cantidad de aplicaciones en PHP.

Por otro lado ha aparecido un gusano que borra los archivos MP3. El hambriento gusano se apoda Nopir B, y se difunde a través de redes P2P disfrazado como un programa para "crackear" las protecciones digitales de los DVDs. El gusano, en un principio parecía estar haciendo justicia borrando archivos MP3 obtenidos ilegalmente, pero en realidad borra todos los MP3, hasta los adquiridos en descargas legales o pagas. Se informó que el gusano, cuando se ejecuta, despliega una leyenda "antipiratería", de allí la idea de que era un gusano justiciero.

Otro gusano "malo" que anda por la red, es el Ahker-F (W32/Acker-F), que se propaga vía e-mail mediante el mensaje: "Watch Angelina Jolie and Brad Pitt cought on TAPE! SEXY CLIP! WTCH IT!". Cuando el archivo adjunto "Clip.zip" se ejecuta, el gusano intenta propagarse a otros ordenadores vía e-mail y redes de intercambio de archivos, utilizando nombres como: PORNO.exe, XXX.exe, Naked WWE Divas.exe, Naked Britney.exe, Naked Celebrity.exe, y Celeb uncensored.exe. También intentará llevar a cabo un ataque de denegación de servicio contra el sitio web de las actualizaciones de seguridad de Microsoft. Como si eso fuera poco, el virus intentará desactivar los programas antivirus o de seguridad del sistema en ordenadores con Windows y también bloquear el acceso a sitios web de empresas antivirus. No obstante, la empresa Sophos ha manifestado que manteniendo los Antivirus actualizados y defendiéndose del spam, en forma combinada, las PCs estarán seguras.

* "se atajan": Expresión cordobesa (Córdoba-Argentina) que quiere decir "tomar precauciones para defenderse o esconderse, generalmente ocultando algún hecho u obrar incorrecto o inapropiado, o demostrando tener la conciencia sucia". La expresión "Atajate nomás!" es equivalente a decir "Hacete el tonto vos!... que ya te vimos!" o "No te hagas el tonto que ya te vimos!.-

3 comentarios:

  1. Computer news

    analysis: Microsoft, Yahoo Take Aim At IM Competition

    Microsoft Corp. and Yahoo Inc. on Wednesday said they would let instant-messaging subscribers communicate across their networks for the first time, a move seen as a response to competitive pressures building from market leader America Online Inc., EBay Inc. and Google Inc.

    Microsoft and Yahoo said they would provide customers in the second quarter of next year with the basic communication services of text communication, computer-to-computer voice calls and presence, which is the ability to see who is available on the network. The deal does not apply to higher-level services, such as tying IM to search, online music or photo sharing; nor do the companies plan to enter an advertising agreement.

    Instead the deal focuses on providing consumers with the ability to communicate across two of the top three instant-messaging networks. Instant-messaging subscribers have long complained about the inability to chat across networks, unless someone is willing to join multiple services.

    "It's about providing a service that users really want," Dan Rosensweig, chief operating office for Yahoo, said in joint news conference with Microsoft.


    As to why the companies didn't provide interoperability sooner, the complexity of linking two networks with 10s of millions of subscribers was one hampering factor, as well as the business implications of opening up a network of customers to a competitor, the companies said.

    Keeping customers on a closed network creates a captured audience for online advertising and makes it easier to lure subscribers to other services.

    Nevertheless, company officials insisted that more open instant messaging has been a longtime desire by Microsoft and Yahoo, which expect the combined network to make their IM services more valuable to each other and customers.

    "This is a situation were one and one will equal three," Blake Irving, corporate vice president for Microsoft MSN communication services, said.

    Nevertheless, the deal is seen more as a result of a changing market in Internet communications. For one, AOL, a division of Time Warner Inc., is firmly established as the market leader in instant messaging in the United States, which is the world's largest consumer market, with 49.2 million subscribers in August, according to web metrics firm ComScore Networks. MSN was second with 24.4 million and Yahoo third with 22 million.

    In addition, online auctioneer EBay has agreed to acquire Internet telephony vendor Skype Technologies SA for $2.6 billion. Skype's voice over Internet protocol software has been downloaded 163 million times worldwide. EBay competes with Yahoo and Microsoft in online retail.

    Google, on the other hand, launched in August its own instant-messaging service Google Talk, which includes PC-to-PC voice calls. As the new kid on the block, Google has a tiny portion of the IM market. Nevertheless, Microsoft has identified Google as a top competitor on the Internet.

    "The most important objective for an Internet portal is to make itself attractive to advertisers: the bigger your base of registered users, the bigger is the audience that you can offer to advertisers," John Delaney, analyst for market researcher Ovum, said in a research note. "By combining their IM user bases, MSN and Yahoo ‘raise the bar’ that Google would need to clear to establish dominance as an IM provider, to a very high level."

    With all the major web portals offering web mail, Internet telephony and instant messaging, experts also believe they are gradually building a communications platform that could one day seamlessly integrate email, voicemail and IM, making it all accessible through multiple devices.

    The heart of such a communications hub would be the contacts directory, experts say. Besides grouping people by their relationship with the IM subscriber, such as a family member, friend or colleague, the directory also establishes whether they are reachable. That could one day be expanded to add how the person wants to be reached, by PC, cellular phone or some other device.

    Knowing whether people are available, how to reach them and where they are could one day open up a lucrative advertising market.

    Microsoft and Yahoo, however, appear to be taking a cautious approach, since the deal does not go beyond basic services. Also, the deal essentially creates a larger proprietary network, and will not, on its own, lead to an open system, such as email.

    "I would not say this is a sign of great openness," Joe Wilcox, analyst for JupiterResearch, said. "It's more like establishing diplomatic relations between two countries, rather than opening borders."

    As the market leader, AOL's next move is important. The company has refused to open its IM network in the past, but is also in talks with Microsoft to combine their Internet operations, according to the Wall Street Journal.

    "Assuming there may have been, or may be, talks between AOL and Microsoft, the timing of the (Yahoo-Microsoft) announcement may have been intentional to influence those presumed discussions," Wilcox said. "AOL has to decide does it want to work with the Microsoft camp, go its own way or form a strategic alliance with someone else."

    AOL did not return calls for comment.

    Customers of Yahoo and Microsoft are expected to be able to sign in with one user ID and password for either network, and automatically have access to subscribers of both companies. The combined service is expected to use session initiation protocol, or SIP, a protocol for real-time communications.

    Security on the larger network, however, is expected to be more problematic, since the two companies would not have the same level of control as with their own networks, Jon Sakoda, chief technology officer for IM security firm IMlogic, said. With the combined networks, virus writers will have an easier path in reaching more people.

    "These are real-time communication networks that are on disparate technology standards," Sakoda said. "There are some significant challenges."

    About the Author: By Antone Gonsalves, TechWeb News
    Copyright © - 2005 Entireweb

    =============================================
    AntiSpyware

    ResponderEliminar
  2. Anónimo7:40 p.m.

    Hello - Great blog on mcafee virusscan slows windows 98. I also have a mcafee virusscan slows windows 98 site that I think would interest your readers. Stop by if you get a chance

    ResponderEliminar
  3. Este blog ha sido eliminado por un administrador de blog.

    ResponderEliminar