posted on October 6, 2001 08:02:44 AM new
* WARNING EBAY IPIX INFECTS USERS WITH NIMDA VIRUS *
Anyone using ebaY pic services, on any of the ebaY sites, US or International, while listing on 2 and 3 October, needs to scan their computers for the NIMDA virus. using an ebaY service, that required an ActiveX download, was opening a dangerous portal into your computer. Since there are innumerable services that provide reliable pic services that do not require such a download, Once you get NIMDA cleaned off your computer, change ALL your passwords on ebaY and all other sites you use.
To check for and clean up after the NIMDA virus, go to one of these sites
The moment I read ACTIVEX was a requirement in order to use Ebay's PIX, I replied that: GREAT! Now they are asking everyone to expose their PC to a virus...
Assuming that is really the case, I wonder why it took so long
posted on October 6, 2001 10:43:15 AM new
Ahem - not meaning to be a pain about this but it IS normally required when quoting a source, to credit the source. The quote should read - "* WARNING EBAY IPIX INFECTS USERS WITH NIMDA VIRUS *
Anyone using ebaY pic services, on any of the ebaY sites, US or
International, while listing on 2 and 3 October, needs to scan their
computers for the NIMDA virus. TAG has always cautioned our subscribers
that using an ebaY service, that required an ActiveX download, was
opening a dangerous portal into your computer. Since there are
innumerable services that provide reliable pic services that do not
require such a download, we have always and continue to recommend folks
stay away from ebaY pic services. Once you get NIMDA cleaned off your
computer, change ALL your passwords on ebaY and all other sites you use.
To check for and clean up after the NIMDA virus, go to one of these
sites
http://www.microsoft.com/TechNet/security/topics/nimda.asp
http://vil.mcafee.com/dispVirus.asp?virus_k=99209
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]" TAGnotes 5 Oct 01
posted on October 6, 2001 07:35:22 PM new
I do not have a clue what systems Ebay uses...I know that "Sun" was in the picture before..
I use "Panda" anti-virus, and get a little "heads-up" everyday.
This is what I received today:
- Weekly summary -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
Madrid, 6 October 2001 -- This week in Oxygen3 24h-365d, we have focused on
the following news.
-Protection against brute force attacks (10/02/01).
Brute force attacks are attacks in which all possible password combinations
are tried in an authentication system in order to gain access to systems.
One way of protecting against these attacks is to disable default user
names, especially those that have maximum system privileges (e.g.
'Administrator' in Windows NT and 2000).
-The list of critical Internet security vulnerabilities continues to grow
(10/03/01).
The list of common Internet security vulnerabilities drawn up by the SANS
Institute and the National Infrastructure Protection Institute (NIPC) now
ranks the 20 most common Internet vulnerabilities, whereas the original list
published a year ago only included 10. This highlights the increasing
difficulty involved in maintaining security on the Internet. The ranking is
available at: http://www.sans.org/top20.htm
- Cisco PIX Firewall denial of service vulnerability (10/04/01).
Cisco have reported -at
http://www.cisco.com/warp/public/707/pixfirewall-authen-flood-pub.shtml - a
problem in the Cisco PIX Firewall AAA authentication system, which could
allow a denial of service attack. This vulnerability does not affect the IOS
Firewall feature set or any other Cisco products.
- Security patch for Excel and PowerPoint (10/05/01).
Excel and PowerPoint have a function that controls the execution of macros
and prevents them from being launched automatically, but a vulnerability
could trick the security framework. This problem affects Excel and
PowerPoint versions 2000 and 2002 for Windows and versions 98 and 2001 for
Macintosh. This flaw could potentially be exploited by worms and viruses,
and for this reason any users whose computers could be affected are advised
to apply the corresponding patch. The addresses for downloading these
patches are available at:
http://www.microsoft.com/technet/security/bulletin/MS01-050.asp
(*)NOTE: Depending on your e-mail client, the addresses may appear split. If
this is the case, join them on the same line (using the 'cut' and 'paste'
options)."
Just wondering if this could be related to the Ebay thing? As I said, I know NOTHING about NOTHING
posted on October 6, 2001 07:44:20 PM new
Ironically, I followed advice to disable scripting in order to protect against the Nimda virus -- and suddenly, Ebay pages are all gobbledygook, unintelligible. As of tonight, at least. Perhaps it will fix itself. So many things at Ebay do.
