Should you worry about CodeRed.F?

The mainstream press is whipping up fears about a new variant of the CodeRed virus/worm called CodeRed.F. I’ve already seen a few well-meaning souls post warnings implying that this new threat can strike people running any version of Windows. Well, not exactly.

As always, Symantec Security Response has a prompt and timely explanation of what CodeRed.F can and can’t do.

Here’s the bottom line: This virus, like the original CodeRed, affects only computers that are running Internet Information Services — in other words, those that are acting as Web servers. If you are using a normal desktop configuration of Windows, you need not take any special precautions.

Of course, some people actually do run IIS (or its older baby cousin, Personal Web Server), so that they can deploy their Web pages onto a local test site before going live with them. If you’ve installed IIS or PWS on your computer, you’re potentially vulnerable. (Not sure whether you’re running your own Web server? Type http://localhost in your browser. If it returns a Server Not Found error message, you’re safe.)

Of course, anyone running IIS should be especially vigilant about installing security patches for it. In particular, patch MS01-33 and patch MS01-44, both of which were released in summer 2001 (nearly two years ago!), protect against this infection. Norton AntiVirus signatures from August 2001 (and those of virtually every other leading AV software maker) also protect against it.

The real threat with this virus is that it is slowing down traffic on the Web as a whole because of all the servers around the world, especially in Europe and Asia, which have not had the proper patches installed.

Messenger pop-ups revisited

A few weeks ago, I posted an article on this site, entitled Stop those pop-ups (part 2), describing how to get rid of those nasty, obnoxious, annoying pop-up windows that seem to be afflicting just about everyone with a computer running Windows XP.

After checking in with some newsgroups, I’m now convinced that this is the #1 complaint of Windows XP users. These things seem to come out of nowhere, because the Messenger service (again, not to be confused with the Windows Messenger instant messaging program!) wasn’t a part of Windows 95/98/Me. Most people assume that they’re related to the pop-ups spawned by Web browsers. They’re not. They’re direct PC-to-PC messages from a sleazy spammer to you.

In fact, you should consider these pop-ups a great test of your PC’s security. If you’re getting these messages, your computer is dangerously exposed to hackers, crackers, and other attackers. You can shut down the Messenger service, as I outline in the article above, but that only solves the immediate symptom. To protect yourself from other, similar vulnerabilities, I highly recommend that you install a hardware router with port-blocking capabilities, or a software firewall, or both.

Become a Master Googler

I’m continually amazed at the number of people I meet who still don’t know about Google, the amazing search engine that helps you find just about anything on the Internet. Go to Google’s home page, type a word or phrase into the search box, click the Google Search button, and prepare to be amazed.

If you’ve already discovered Google, here’s how to do more with it. Go to the Google Web Search Features page and read about the advanced features available to anyone willing to roll up their sleeves. You can look up the meaning of a word, translate a word, paragraph, or entire page into another language, find phone numbers, track down a map of a street address, and do much, much more.

And don’t miss the Google Toolbar, a lightweight, easy-to-install add-in that puts a Google input box (and several more tools) into Internet Explorer, so you can search from any page…

How did we get along before Google?