ME does not require win.com or command.com-many trojans target these two files-delete them.Also rename regedit.exe to reg.com to stop registry attacks

Sobering thoughts and timely too, it pays to be vigilant when it come to security and the entire online community is done a service by bringing these flaws out in the open. Thanks for bringing this to our attention.

I found the grcdos article to be an EXCELLENT read, from beginning to end. I dont know much about how packets work, but i understand DDoS's a little bit better, and how hackers operate. Kind of unfolds like a movie actually...Gibson gets right into the base of operation of the Zombie/bots.

Also, in the XP/DoS article, while I agree that a integrated firewall will help offset the problem of DoS attacks, I think either Microsoft will take ease of use over effectiveness, and leave little user intervention of it, possibly letting an easy leak, or make it actually effective, which requires a bit of user intervention, in which a novice user can screw up. For instance, if you installed ZoneAlarm on everyones comp, there are some people who would just check always and yes for anything and everything, assuming it has to do with some program on thier computer they are using, especially a cryptic looking filename such as one made by this zombie/bot trojan.

Also they explain how BlackICE didn't do anything to stop the trojan while ZoneAlarm blocked it just fine. Something to think about for those still defending BlackICE Defender.

Is Steve Mel's brother?

hehe - sorry I couldn't resist...


get it? Gibson... ah never mind..... he says fading back into obscenity..er I mean obscurity.... fade to black

[This message has been edited by CMonster (edited 06-02-2001).]

What an article! That's a must read for everyone here I think