Skip to comments.
New Virus hitting hard and furious!!!
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html ^
| 08/11/03
| self
Posted on 08/11/2003 2:33:46 PM PDT by STFrancis
click here to read article
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-60, 61-80 ... 301-308 next last
1
posted on
08/11/2003 2:33:46 PM PDT
by
STFrancis
To: STFrancis
Thanks I am on it.!!!!!
2
posted on
08/11/2003 2:35:56 PM PDT
by
CHICAGOFARMER
(Citizen Carry)
To: STFrancis
Sounds bad.
3
posted on
08/11/2003 2:37:21 PM PDT
by
cmsgop
(If you Spinkle When You Tinkle,...Be a Sweetie and Wipe the Seatie......)
To: STFrancis
Bump for IT folks !
4
posted on
08/11/2003 2:38:00 PM PDT
by
Ben Bolt
To: STFrancis
5
posted on
08/11/2003 2:38:25 PM PDT
by
STFrancis
To: STFrancis
thanks!
To: STFrancis
From my focus-virus list this nugget:
message follows...
*****
i've just got a copy of this Windows DCOM Worm from a nice fellow on another
list.
it matches the MD5 at
http://isc.sans.org/diary.html?date=2003-08-11 of
5ae700c1dffb00cef492844a4db6cd69. that's the EXE's MD5, not the unpacked
EXE version or the MD5 of the ZIP i received it in. i have not launched it
yet, but i did note it made its way past three layers of virus protection
without being detected.
yes, we do use the same AV for all parts of our network, but that's 'cause
we're a small company with limited resources. so don't bitch at me about
it. :)
we've got NAV Corporate 8.00.0.9374 with scan engine 4.1.0.15 and
definitions of 06/08/2003 rev. 4 (the most current at this time) and it is
not detected.
****
7
posted on
08/11/2003 2:40:48 PM PDT
by
STFrancis
To: STFrancis; *tech_index; Salo; MizSterious; shadowman99; Sparta; freedom9; martin_fierro; ...
8
posted on
08/11/2003 2:45:25 PM PDT
by
Ernest_at_the_Beach
(All we need from a Governor is a VETO PEN!!!)
To: STFrancis
BTTT...thanks for the info!!
9
posted on
08/11/2003 2:49:15 PM PDT
by
Brad’s Gramma
(fREE rEPUBLIC iS nOT aDDICTIVE, fREE rEPUBLIC iS nOT aDDICTIVE, fREE rEPUBLIC iS nOT aDDICTIVE, fREE)
To: STFrancis
Thanks for the heads-up!
10
posted on
08/11/2003 2:56:09 PM PDT
by
petuniasevan
(Cat toys: Anything not nailed down, and some that are.)
To: STFrancis
OH MY GOD!!!!!!! Another virus!!!! What do I do?!?!?!?!? Oh wait, I have a Mac. Nevermind.
11
posted on
08/11/2003 3:00:34 PM PDT
by
SengirV
To: STFrancis
New Virus hitting hard and furious!!! You really should have included the word computer in the title......I thought my ex-wife was on the loose again.
To: STFrancis
I just finished cleaning my computer of this stupid virus. What a P.I.T.A. that was.
13
posted on
08/11/2003 3:08:11 PM PDT
by
ironwill
To: SengirV
It's a good thing that you use a computer that only five other people use.
*weg*
14
posted on
08/11/2003 3:09:25 PM PDT
by
LenS
To: STFrancis
Thanks. Saint Francis pulls through again.
To: STFrancis
OK. Can someone translate this to a techno-idiot? Can I search for a file or something? Should I install the patch from MS? Will this require duct tape and my old cans of Spam?
To: STFrancis
here's the fix for it
Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability
A buffer overrun vulnerability has been reported in Microsoft Windows that can be exploited remotely via a DCOM RPC interface that listens on TCP/UDP port 135. The issue is due to insufficient bounds checking of client DCOM object activation requests. Exploitation of this issue could result in execution of malicious instructions with Local System privileges on an affected system.
This issue may be exposed on other ports that the RPC Endpoint Mapper listens on, such as TCP ports 139, 135, 445 and 593.
Resolution for Windows XP
Shut down PC
Unplug Cable Modem.
Start up PC
Click Start -> Settings -> Control Panel
Double Click Network Connections
Right Click the Local Area Connection used to access Internet. Example: Local Area Connection 1
Select Properties
Click the Advanced Tab
Enable the Windows XP Firewall
Click OK, Close out of open windows.
Plug in the Cable Modem.
Ensure Block Sync is established.
Open Internet Explorer
Go to the following URL:
http://www.microsoft.com/technet/default.asp Click the Link toward the middle of the page titled: Action: Read Security Bulletin MS03-026 and Install the Security Patch Immediately
Scroll Down Page about half way to Patch Availability
Click Windows XP 32 bit Edition
Click Download in the upper right of the screen.
Save the file to the desktop
Run the downloaded file.
The patch will install and prompt the customer to reboot.
Once the patch is installed and the computer rebooted, the Windows XP firewall can be disabled and the customer can surf normally.
Temporary Resolution for Windows 2000 Users
Have them go to
http://download.microsoft.com/download/0/1/f/01fdd40f-efc5-433d-8ad2-b4b9d42049d5/Windows2000-KB823980-x86-ENU.exe and install the file from there. URL is not case sensitive.
17
posted on
08/11/2003 3:20:21 PM PDT
by
LynnHam
To: STFrancis
Odd, port 4444 is the port that
AdSubtract uses.
AdSubtract is a popular program for removing ads, pop-ups, sound, ect from your surfing.
18
posted on
08/11/2003 3:21:21 PM PDT
by
LowOiL
(Jesus Christ offers more that a thrill ride..)
To: myprecious
Never, I repeat NEVER, use duct tape. It leaves fingerprints. The old can of Spam OTOH....
19
posted on
08/11/2003 3:23:26 PM PDT
by
FourPeas
To: STFrancis
Yup. Mr. FourPeas is working fast and furious. What a nice 'welcome home' on his first day back from vacation.
20
posted on
08/11/2003 3:24:18 PM PDT
by
FourPeas
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-60, 61-80 ... 301-308 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson