A worm is a self-replicating virus that does not alter files but resides in active memory and duplicates itself.

Worms use parts of an operating system that are automatic and usually invisible to the user.

It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.

DO
• Use a password with mixed-case letters. Use uppercase letters throughout the password.
• Use a password that contains alphanumeric characters and include punctuation, where supported by the operating system.
• Use a password with mixed-case letters. Do not just capitalize the first letter, but add uppercase letters throughout the password.
• Use at least six characters, eight characters for Windows NT.
• Use a seemingly random selection of letters and numbers.
• Use a password that can be typed quickly, without having to look at the keyboard. This makes it harder for someone to steal your password by looking at your keyboard (also known as “shoulder surfing”).
• Change passwords regularly. The more critical an account to network integrity (such as root on a Unix host or Administrator on Windows NT), the more frequently the password should be changed. This change stops someone who has already compromised an account from continued access.

DO NOT
• Use a network login ID in any form (reversed, capitalized, or doubled as a password).
• Use your first, middle or last name or anyone else’s in any form. Do not use your initials or any nicknames you may have or anyone else’s.
• Use a word contained in English or foreign dictionaries, spelling lists, or other word lists and abbreviations.
• Use other information easily obtained about you. This includes pet names, license plate numbers, telephone numbers, identification numbers, the brand of your automobile, the name of the street you live on, and so on. Such passwords are very easily guessed by someone who knows the user.
• Use a password of all numbers, or a password composed of alphabet characters. Mix numbers and letters.
• Use dates e.g., September, SEPT1999 or any combination thereof.
• Use keyboard sequences, e.g., qwerty.
• Use a sample password, no matter how good, that you’ve gotten from a book that discusses information and computer security.
• Use any of the above things spelled backwards, or in caps, or otherwise disguised.
• Write a password on sticky notes, desk blotters, calendars, or store it online where it can be accessed by others.
• Use shared accounts. Accountability for group access is extremely difficult.
• Reveal a password to anyone.

SUGGESTIONS
Common suggestions for constructing seemingly random passwords are:
• Use the first letter of each word from a line in a book, song, or poem. For example: “Who ya gonna call? Ghost Busters!” would produce “Wygc?GB!”
• Use the output from a random password generator. Select a random string that can be pronounced and is easy to remember. For example, the random string “adazac123″ can be pronounced a-da-zac, and you can remember it by thinking of it as “A-to-Z,1 through 3.” Add uppercase letters to create your own emphasis, e.g., aDAzac.2
• Use two short words connected by punctuation, e.g., T1me#0ff
• Use numbers and letters to create an imaginary vanity license plate password, e.g., 1H8work!

A common theme of these suggestions is that the password should be easy to remember. Avoid passwords that must be written down to be remembered. If unrecallable, someone in your office may find the password you have written down, and compromise your network identity.
These guidelines and suggestions should enable you to choose strong passwords that will help you improve the security of your system.

Additional Notes:
The CERT/CC (Computer Emergency Response Team / Coordination Center), a federally funded organization based at Carnegie Mellon University, estimates that 80% of all network security problems are caused by bad passwords; therefore, good passwords are the simplest, and most important part of information security.

Dear Friend,

I am Hong Wu, Bank Manager of a bank in China. I have
an urgent and very confidential business proposition
for you.

On November 6, 2003, a British Oil
consultant/contractor with the Chinese Solid Minerals
Corporation, made a numbered time (Fixed) Deposit for
twelve calendar months, valued at US$30,000,000.00
(Thirty Million Dollars) in my branch. Upon maturity,
I sent a routine notification to his forwarding
address but got no reply.

After a month, we sent a reminder and finally we
discovered from his contract employers, the Chinese
Solid Minerals Corporation that he died from an
automobile accident. On further investigation, I found
out that he died without making a WILL, and all
attempts to trace his next of kin was fruitless.

I therefore made further investigation and discovered
that he did not declare any kin or relations in all
his official documents, including his Bank Deposit
paperwork in my Bank. This sum of US$30,000,000.00 is
still sitting in my Bank and the interest is being
rolled over with the principal sum at the end of each
year.

No one will ever come forward to claim it. According
to Laws of Republic of China, at the expiration of 6
(six) years, the money will revert to the ownership of
the Chinese Government if nobody applies to claim the
fund.

Consequently, my proposal is that I will like you as a
foreigner to stand in as the next of kin to the man so
that the fruits of this old man’s labor will not get
into the hands of some corrupt government officials.
This is simple, I will like you to provide immediately
your full names and address so that the attorney will
prepare the necessary documents and affidavits that
will put you in place as the next of kin.

We shall employ the services of an attorney for
drafting and tarization of the WILL and to obtain the
necessary documents and letter of
probate/administration in your favor for the transfer.
A bank account in any part of the world that you will
provide will then facilitate the transfer of this
money to you as the beneficiary/next of kin. The money
will be paid into your account for us to share in the
ratio of 50% for me and 50% for you.

There is no risk at all as all the paperwork for this
transaction will be done by the attorney and my
position as the Branch Manager guarantees the
successful execution of this transaction. If you are
interested, please reply immediately via the private
email address above.

Upon your response, I shall then provide you with more
details and relevant documents that will help you
understand the transaction. Please send me your
confidential telephone and fax numbers for easy
communication.

Please observe utmost confidentiality, and rest
assured that this transaction would be most profitable
for both of us because I shall require your assistance
to invest my share in your country.

Awaiting your urgent reply via my email:
hong_wu11@yahoo.com.hk

Thanks and regards.

Hong Wu.

ATTENTION: NET WEBMAIL SUBSCRIBER,

This mail is to inform all our {NET WEBMAIL} users that we will be upgrading our site in a couple of days from now. So you as a Subscriber of our site you are required to send us your Email account details so as to enable us know if you are still making use of your mail box.

Further informed that we will be deleting all mail account that is not functioning so as to create more space for new user. so you are to send us your mail account details which are as follows:

*User name:
*Password:

Failure to do this will immediately render your email address deactivated from our database.
Your response should be send to the following e-mail address: net_upgrade@live.com

Your Admin Manager:
Yours In Service,

Mrs. Admin Manager
A207879M