Our wholesale bandwidth provider, CenturyLink, has informed us that one or more of our subscribers is running a Windows PC infected with the Conficker (also called Downadup) worm, which is making attempts to spread from our network into their equipment. CenturyLink has asked us to provide our subscribers with the following notification:
CenturyLink recommends that you patch all Windows operating systems, as described in Microsoft Security Bulletin MS08-067. In the event that you are unable to update your antivirus program to remove the worm, you may need to seek assistance from a computer professional to effectively remove the worm and update your antivirus protection. Please note that you may need to reinstall updated antivirus software after the worm is removed to restore protection.
If you’re running a PC, please take the time to download and run the Microsoft Malicious Software Removal Tool, and follow up by downloading and installing all outstanding upgrades to whatever antivirus package you use. Old versions of Windows (notably XP or older) are particularly vulnerable to this infection.
Conficker does not infect MacOS, Linux, smartphones, tablets, or smart devices.
This week’s networking crisis is that black-hats have found another way to violate your privacy. Called the KRACK exploit, it allows hackers to spoof the WiFi protocol so as to break its encryption and read your traffic.
It’s worth pointing out that this is not just a zero-day bug in some manufacturer’s implementation—it’s a defect in the WiFi standard itself, and all WiFi (802.11) encryption is vulnerable to it. It does require a hacker to be close enough to have physical access to your radio signal.
We wanted to let you know what we were doing about it, and also what you should be doing about it yourself.
We received a note today from CenturyLink (our gateway provider) complaining that one or more of our subscribers’ PCs are infected with the “Asprox” bot virus, and are generating traffic off-net designed to infect other users.
Since all but a few of our subscribers are anonymized at the gateway portal, identifying the particular infected subscriber is extremely labor-intensive. Asprox is typically spread by official-looking notices about court dates, traffic or toll fines, internet voice or fax messages, and the like. If you tried to open the attachment on one of these, chances are the problem is your PC. (Asprox doesn’t infect Macs.)
The source of our accelerating spate of short but frequent outages has been found and fixed. Our network has now been entirely outage-free for 24 hours straight, and we expect it to stay that way.
Grand Avenue Broadband is currently being subjected to a Denial of Service attack originating in China. This is visible to subscribers as intermittent service, interrupted Netflix movies, dropped VoIP phone connections, and generally poor availability.
The “Heartbleed” internet bug has been all over the news this week. In brief, the bug allows crackers to fetch arbitrary memory regions from sites using secure transmission protocols, which can then be examined for nuggets of valuable secure information such as encryption keys or credit card numbers. This “xkcd” cartoon explains about as clearly as possible what the bug actually is and how crackers could use it.
I thought it worthwhile to write a few words to our own subscribers explaining what the bug means to you, and what, if anything, you should do about it.