Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Sasser Worm Infects Thousands of Computers Worldwide
Bloomberg ^ | May 3, 2004

Posted on 05/03/2004 8:30:21 AM PDT by FourPeas

Edited on 07/19/2004 2:14:00 PM PDT by Jim Robinson. [history]

May 3 (Bloomberg) -- A computer worm called Sasser may have infected hundreds of thousands of computers through the Internet and is still spreading, possibly disrupting business today, a security software expert said.

The worm, which is different than a virus because it doesn't need to be attached to an e-mail to spread, causes a computer to shut down and then reboot several times, apparently without causing any permanent damage, said Mikko Hyppoenen, director of virus research with Helsinki-based F-Secure Oyj. The worm was detected Saturday at 4 a.m. Finnish time, he said.


(Excerpt) Read more at quote.bloomberg.com ...


TOPICS: Business/Economy; Crime/Corruption; Culture/Society; Front Page News; News/Current Events
KEYWORDS: lowqualitycrap; microsoft; sasser; windows; worm
Navigation: use the links below to view more comments.
first previous 1-20 ... 41-6061-8081-100101-116 last
To: sigSEGV
You can do it via NetBIOS and TCP port 139 if you block 445, but you can't do SMB over TCP/IP without 445. That's why I was wondering about the "alerts for 445 activity" bit - either they're swimming in alerts, or they're not doing SMB over TCP/IP, and can afford to block 445.
101 posted on 05/03/2004 3:41:05 PM PDT by general_re (Drive offensively - the life you save may be your own.)
[ Post Reply | Private Reply | To 100 | View Replies]

To: varina davis
Bookmark
102 posted on 05/03/2004 3:49:13 PM PDT by is_is
[ Post Reply | Private Reply | To 50 | View Replies]

To: general_re
We're blocking 445 TCP&UDP (in all directions) on our external firewalls, and on our internal firewalls to protect cross-VLAN traffic. We're also monitoring the rest of our routers and switches for traffic on those ports.

All told, it looks like our security did pretty well. The day is almost over, and that one incident seems to be the sum of todays problems. I'll knock on wood that my pager doesn't go off tonight :)
103 posted on 05/03/2004 4:07:06 PM PDT by Arthalion
[ Post Reply | Private Reply | To 99 | View Replies]

To: Arthalion
Score one for the good guys ;)
104 posted on 05/03/2004 4:13:49 PM PDT by general_re (Drive offensively - the life you save may be your own.)
[ Post Reply | Private Reply | To 103 | View Replies]

To: brownsfan
If by zealot you mean devotee, yes, I am a Mac devotee. I've never owned any other kind of computer, and frankly have no reason to own any other kind. I'm perfectly happy with the Macs I've owned over the years. I've never had service problems, viruses, or anyother troubles with my Macs. If you find something that works well for you, why change it?

I'm far from being a liberal or insecure, and I could give a rat's ass if the rest of the world thinks they're one step ahead of me. I own and use a computer for my benefit, not anyone else's.

Oh, I'm a Nissan zealot too!

105 posted on 05/03/2004 4:55:03 PM PDT by mass55th
[ Post Reply | Private Reply | To 20 | View Replies]

To: N. Theknow
"I heard a rumor that MAC users don't fall down."

Must be one of those Urban Myths. This Mac user has had a few tumbles over the years, but they haven't been on the ski slopes or off a bike. I don't do either.

106 posted on 05/03/2004 4:57:51 PM PDT by mass55th
[ Post Reply | Private Reply | To 34 | View Replies]

To: j_tull
I heard on the radio tonight that there was a patch for this a month ago. Did my co's IT folks fuck up? I couldnt do any work all day! Not sure about tomorrow.
107 posted on 05/03/2004 4:59:30 PM PDT by Huck (In the Soviet Union, the Admin Moderators ruled.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: j_tull
We couldn't patch any of our Dell C400's becuase they won't boot with the patch installed.

quick question - do you work for IP? If so, what image versions are on the C400s? If you work for IP send me Freepmail and I'll elaborate.

If not, what OS and patch level are you at on the C400s having problems? This could be a problem unique to the C400 and I have access to the "inner sanctum" at Dell and might be able to pull some resources. I'll be at the Dell Customer Council (top 25 customers) next week and this could be a REALLY interesting topic to bring up (g)

TIA

108 posted on 05/03/2004 5:09:15 PM PDT by Phsstpok (often wrong, but never in doubt)
[ Post Reply | Private Reply | To 3 | View Replies]

To: brownsfan
Ah, the Mac vs. PC thing. Word of advice to Mac users: don't bother explaining why you use a Mac. You have the competitive advantage that most people don't, and by encouraging others to switch to Mac, you'd in a sense giving up your advantage.

I'm a developer, and have 3 Macs, and 3 Windows boxes, a wireless network in my home, etc. I strongly prefer Mac, but just don't care about "The Argument" between the platforms.

FWIW, my wife has PC-Cillin on her PC. I don't have any virus software on my Mac. Never have gotten a virus, ever, in 15 years of using Macs. I even open up viruses I receive in emails, just to see what they look like. Cocky, hm?
109 posted on 05/03/2004 5:13:49 PM PDT by Theo
[ Post Reply | Private Reply | To 20 | View Replies]

To: FourPeas
Wonder when we are going to start cleaning up e-mails for viruses at the service providers. They ought to be done in both directions there. Anyone know about the feasibility of this?
110 posted on 05/03/2004 5:26:24 PM PDT by TheLion
[ Post Reply | Private Reply | To 1 | View Replies]

To: ParityErr
Norton detects this as of the 4/30 update.
111 posted on 05/03/2004 6:01:05 PM PDT by Woodman ("One of the most striking differences between a cat and a lie is that a cat has only nine lives." PW)
[ Post Reply | Private Reply | To 30 | View Replies]

To: mass55th
FWIW Windows User since 3.0. MS User for over 15 years now. I have had 1 (one) virus in all that time and it was a macro virus sent to me by the CEO in a report. He sent an email 10 minutes later telling us not to open the previous email (that I was reading at the time).

I also have over 80 PC's at work running Windows 2 (two) got hit with sasser because they had not been turned on for several weeks (things were not up to date).

Most people who get viruses are not taking the caution they should when using computers on a network. It's funny that they even remember to put oil in their cars or check the breaks every once in a while, but they expect their computers to protect them without any effort on their part.
112 posted on 05/03/2004 6:12:12 PM PDT by Woodman ("One of the most striking differences between a cat and a lie is that a cat has only nine lives." PW)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Huck
The patch (MS04-11) has been available, but has known "issues." It's possible your ITs hosed you, but it is also possible they COULDN'T load the patch; thats the situation I was in. Any one of 3 identified (I believe there are more) drivers fail to load at boot time once the patch is installed.
113 posted on 05/03/2004 7:03:38 PM PDT by j_tull ("I may make you feel, but I can't make you think.")
[ Post Reply | Private Reply | To 107 | View Replies]

To: Billthedrill
bump to self to check if have it...
114 posted on 05/03/2004 11:14:01 PM PDT by rwfromkansas ("Am I not destroying my enemies when I make friends of them?" -- Abraham Lincoln)
[ Post Reply | Private Reply | To 16 | View Replies]

To: rwfromkansas
google toolbar and Spyware Blaster seem to have kept a lot of bad guys from getting loaded - and they are both free...

I use ad-aware, spybot search and destroy, google toolbar and spyware blaster, and see a significantly lesser amt of files loading...
115 posted on 05/04/2004 5:58:35 AM PDT by bitt
[ Post Reply | Private Reply | To 69 | View Replies]

To: brownsfan
Needling aside, I see the strengths of the Mac, and the strengths of the PC. Both are simply tools. It just seems you get the Mac users who pipe up at any opportunity pontificating about their choice of tool. As if anyone who didn't share their view was not very bright. If you can't objectively examine the tools available to you, you are doomed to use the wrong one eventually.


I see your point. The rep that sold me on Apple thought he was some wiseman on the mountain. And the return customers looked like they missed the Halebop suicide by a day. They were the only drawbacks to buying the machine. BTW, Freud would have a field day with your tool analogy!
116 posted on 05/04/2004 7:51:12 AM PDT by sully777 (Our descendants will be enslaved by political expediency and expenditure)
[ Post Reply | Private Reply | To 90 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 41-6061-8081-100101-116 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson