Jump to content
The Education Forum

SD Bot virus


Guest

Recommended Posts

My College network has recently suffered from a viral infection form a variant of the SD Bot Trojan. Our technical staff appear to be at their wits end about it and can now be found rocking quitely in their offices heads in hand.

It seems likely to me that the infection is well established and has damaged our network significantly. We have been without Internet access for several days.

There is always a tendency to "blame" on these occassions and I am concerned that the whole episode could be used to restrict student access to the Internet. I do not believe that this is the correct response.

If anyone has any sensible advice on how to rid a network of such an infection, or information on how such an infection could have occurred, or how similar events could be avoided in the future, please reply in this thread :(

Link to comment
Share on other sites

It appears that SDbot exists in various forms. Is this what you are looking for?

http://securityresponse.symantec.com/avcen...door.sdbot.html

http://securityresponse.symantec.com/avcen...r.sdbot.ae.html

http://www.2-spyware.com/remove-sdbot-trojan.html

http://www.pchell.com/virus/sdbot.shtml

I am surprised that it got into your system. Most antivirus software seems to be able to detect an invasion of SDbot, providing the data regarding new virus threats is downloaded.

Link to comment
Share on other sites

It appears that SDbot exists in various forms. Is this what you are looking for?

http://securityresponse.symantec.com/avcen...door.sdbot.html

http://securityresponse.symantec.com/avcen...r.sdbot.ae.html

http://www.2-spyware.com/remove-sdbot-trojan.html

http://www.pchell.com/virus/sdbot.shtml

I am surprised that it got into your system. Most antivirus software seems to be able to detect an invasion of SDbot, providing the data regarding new virus threats is downloaded.

So am I!

Things seem to be returning to normal now following the updating of anti virus software and a lot of hard work by our technical staff. Perhaps Graham you have some advice on the best anti virus package for a school network?

Link to comment
Share on other sites

Andy asks:

Perhaps Graham you have some advice on the best anti virus package for a school network?

I have a small home LAN, which I protect with Norton AV 2004 (Symantec). It's always worked well. The only time it let me down was around 4-5 years ago when FunLove sneaked in through a Microsoft "hole". Fun Love was the first Web-borne virus to hit me. The Web-borne viruses were fairly new at the time, and many network managers claimed that they didn't exist! Norton AV 2000 trapped FunLove but only after it had sneaked in through the hole and had already done some damage. I should have patched the hole, of course, but then Microsoft shouldn't have developed such a tacky, insecure system.

Many schools that I know use Sophos, which network managers seem to like:

Sophos: http://www.sophos.com

But you need more than just AV protection.

I use the ZoneAlarm Pro firewall - which seems very secure. If you think your system is secure from intruders then you can run a series of tests at the Gibson Research Corporation (GRC) site in the ShieldsUP! section. GRC will try to hack into your computer and report if they succeed: http://grc.com

It tried it, and GRC couldn't hack me while ZoneAlarm Pro was running.

I use MailWasher Pro to filter out email-borne viruses:

MailWasher Pro: http://www.firetrust.com

I also use SpyBot:

http://spybot.safer-networking.de - software for spotting and removing adware and spyware.

Finally, I always "wash" my system on boot-up, removing Web clutter left over from browsing sessions, cookies, etc:

Window Washer: http://www.webroot.com - a package for removing caches, cookies and other Web clutter from your computer.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...