Diary of a Network Geek

This is a quick and clever idea!

Okay, so you remember a week ago the Internet was supposed to melt because of all the problems with this Conficker worm? Did you even notice anything amiss at all? Yeah, me neither.
But, still, if you’re like me, you stay awake at night worrying about all the potential worms and virii that might be sitting on your computer, waiting silently, hiding from the security software that you most certainly keep updated, waiting until your guard is down to pounce! Well, okay, maybe it’s just the full-time, professional geeks like me that worry about that. And, yeah, maybe I worry about it happening on my work network more than I do at home, but, still, you get my point. So, how can you know? Well, thanks to Lifehacker, I bring you the Conficker “Eye Chart”.

The principal is simple, really. Conficker blocks access to several security sites so you can’t download updates or removal tools that would clean it from your system. The Eye Chart simply links to graphics from those sites, and several others as a control set. So, if you can’t see images from the security sites, you know that you most likely have Conficker and have to get the removal tool from somewhere else to clean your system. Pretty neat idea, I think. So, go ahead and click the link to the Conficker “Eye Chart” and check for yourself.

Now, if you do have it, I suggest going to either the Microsoft page about Conficker and its removal, or download the Symantec removal tool from another PC and then take that to your infected PC via a USB drive and run it. Though, to be honest, I think the whole thing was blown out of proportion by a few alarmists in the media. (Though not Houston’s Dwight Silverman, I might note! Which is one of the reasons I follow his blog!)

Guess what I’ve been doing today?

Well, at least for the past couple of hours. Yep, I’ve been trying to beat MyDoom into submission at my second, “part-time” consulting gig. I don’t know where they got it, how many machines have it, yet, or even how long they’ve had it, but they got it. I even did the updates via the Micro$loth Update service, but that just wasn’t good enough. So, while I type this entry, the MyDoom removal tool is downloading, as is Spybot Search and Destroy. Why both? Well, at least one of the people at this site has KaZa loaded on their machine. And, while I’m sure it’s a great program for trading perfectly legal files, it’s about the most pernicious virus infection vector I’ve ever seen. If I were making the policy here, I’d just uninstall it and tell them not to ever even consider asking about the possibility of installing it again. But, no, I’m a “consultant” so I have to be more diplomatic than that. Which, I think, I was. (My wife was there, so I think she’ll back me up on that.) Is it wrong to pray for something so small and trival like someone forbidding another to run a piece of software? Well, if it is, it’s too late for me, because I’ve already done it.
Oh, well, at least I got paid for the four hours of work by the hour, at my “on-the-side” rates…