Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

W32 Blaster Worm
http://www.cert.org/advisories/CA-2003-20.html ^ | CERT

Posted on 08/12/2003 11:30:56 AM PDT by dfrussell

This thing seems to be spreading quite quickly. If you're using MS and haven't verified your system, you should.

If you're not using a firewall, you should.

http://www.sygate.com will allow you to download and install a personal firewall -- it's easy to install.

Internet Security Systems (http://www.iss.net) has released a scan tool to check for the MS03-026 patch on Windows servers.

Location:

http://www.iss.net/support/product_utilities/ms03-026rpc.php


TOPICS: News/Current Events; Technical
KEYWORDS: lovesan; mdm; ms; w32blasterworm; worm
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 next last
To: dfrussell
Had to deal with this one last night.
On Win2k Pro I just got an error about svchost.exe failing, and then my system would "wig out" on me. couldn't cut and paste and stuff.
I knew I should be running some firewall software, but just didn't get it quick enough. Shold have patched up too.
Oh well.
Interesting to note that Anti-virus software wouldn't have caught it anyway. At least Idon't think it would have.
Symantec virus scan didn't find it last night.
41 posted on 08/12/2003 12:39:18 PM PDT by NormB
[ Post Reply | Private Reply | To 1 | View Replies]

To: Incorrigible
To be safe, everyone should re-format and install Linux.
42 posted on 08/12/2003 12:46:38 PM PDT by TechJunkYard (because... so much is riding on your wires)
[ Post Reply | Private Reply | To 1 | View Replies]

To: All
Just curious. Does anyone know how to set up Zone Alarm on a webserver? I set it up once but it blocked traffic to the web site.
43 posted on 08/12/2003 12:48:47 PM PDT by AppyPappy (If You're Not A Part Of The Solution, There's Good Money To Be Made In Prolonging The Problem.)
[ Post Reply | Private Reply | To 39 | View Replies]

To: dfrussell
Thanks. Our external internet seems to be ok, but I have found 5 vulnerable systems on our internal lan.

Freepers are the best.

44 posted on 08/12/2003 12:50:25 PM PDT by dinasour
[ Post Reply | Private Reply | To 1 | View Replies]

To: dfwgator
And if you are a network administrator and you let this worm get through, you should start looking for another job.

Hey, it's not that easy. One guy has over 100 Windows servers. He's installed the patch on all of them already buy not rebooted them all to have it take effect. Rebooting things ends services that may be mission critical. He's had about 2 weeks to take care of 100 servers and maybe 1000 workstations. Having done all that the network is still somewhat vulnerable to people docking inside the firewall who are infected. Really bad virus's are not simple to defeat. I therefore disagree with you assertion that the mere infection of a computer is a reasonable cause for termination of the sysadmin responsible for it.

45 posted on 08/12/2003 12:52:08 PM PDT by Jack Black
[ Post Reply | Private Reply | To 4 | View Replies]

To: dfwgator
And if you are a network administrator and you let this worm get through, you should start looking for another job.

Hey, it's not that easy. One guy has over 100 Windows servers. He's installed the patch on all of them already buy not rebooted them all to have it take effect. Rebooting things ends services that may be mission critical. He's had about 2 weeks to take care of 100 servers and maybe 1000 workstations. Having done all that the network is still somewhat vulnerable to people docking inside the firewall who are infected. Really bad virus's are not simple to defeat. I therefore disagree with you assertion that the mere infection of a computer is a reasonable cause for termination of the sysadmin responsible for it.

46 posted on 08/12/2003 12:52:08 PM PDT by Jack Black
[ Post Reply | Private Reply | To 4 | View Replies]

To: dd5339
Ping for post 12

Semper Fi
47 posted on 08/12/2003 12:52:35 PM PDT by dd5339 (Lookout Texas, here we freaking are!)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Iowa Granny
ping
48 posted on 08/12/2003 12:52:59 PM PDT by kayak (God bless President Bush, our military, and our nation!)
[ Post Reply | Private Reply | To 15 | View Replies]

To: NormB
I had the same thing on Win 2000, except the computer continued running normally with a few functions, like file transfers disabled. Win XP just kept rebooting anywhere from 5 seconds after starting, to 15 or so minutes. What a pain. I'm getting closer to using the ultimate windows patch.
49 posted on 08/12/2003 12:53:16 PM PDT by kylaka
[ Post Reply | Private Reply | To 41 | View Replies]

To: dfrussell
SCREW THE BLASTER VIRUS!

I got this fricken thing on my home computer yesterday. Armed with more knowledge I am going home to kill the dragon and put it out of its freaking misery.

Luckily I am at work right now where my network's computers are safe and sound behind the glorious FIREWALL~!
50 posted on 08/12/2003 12:56:23 PM PDT by BaBaStooey
[ Post Reply | Private Reply | To 1 | View Replies]

To: Centurion2000
Proud firewall admin watching the lava break against my defenses.

Yup. Woohoo! No Pasaran!

Of course, merely posting this will tell the Computer Gods that I am ripe for yet another Humbling Experience. Gotta go cut a chicken in the server room...

On the serious side, I've received reports that those who don't keep their patches current - you know who you are - may find application of this fix to Win2K boxes not patched to SP2 may find a little bluescreen awaiting them. What fun!

"Yeah, boss, that's just the new company wallpaper, trust me..."

51 posted on 08/12/2003 12:58:06 PM PDT by Billthedrill
[ Post Reply | Private Reply | To 7 | View Replies]

To: Billthedrill
...Gotta go cut a chicken in the server room...

What does that mean?

52 posted on 08/12/2003 1:00:43 PM PDT by SGCOS
[ Post Reply | Private Reply | To 51 | View Replies]

To: Jack Black
Even without the Microsoft patch, there is the little matter of the firewall, why even leave those ports open?
53 posted on 08/12/2003 1:03:30 PM PDT by dfwgator
[ Post Reply | Private Reply | To 46 | View Replies]

To: kylaka
>>I'm getting closer to using the ultimate windows patch.

NOT THAT!!!!
I refuse to use some hippy OS.
54 posted on 08/12/2003 1:07:09 PM PDT by NormB
[ Post Reply | Private Reply | To 49 | View Replies]

To: SGCOS
It means I must sacrifice to the Server Gods. People think these things run on electrons. No so. Evil spirits. Ask any SysAdmin...
55 posted on 08/12/2003 1:07:27 PM PDT by Billthedrill
[ Post Reply | Private Reply | To 52 | View Replies]

To: TechJunkYard
what are peoples experience w/ Zone Alarm, Black Ice and other firewalls? I've been running ZA and like it. It is a little bit of a pain in the training period. I'm running the free version though, so who can complain. What are the advantages of the others? Anybody pay the $39 bux to ZA. I think I'm going to. I can afford it and it seems to work.
56 posted on 08/12/2003 1:07:35 PM PDT by Jack Black
[ Post Reply | Private Reply | To 42 | View Replies]

To: dfwgator
That's a bit harsh. All it takes is for an employee to take their laptop home, connect it to the net, get the virus and then bring the virus in-house.

Mr. FourPeas is in IT security for a Fortune 500 company. Hubby is now trying to cleanse a network at a remote location where no one seems to take it seriously. He actually is having to run a script to shut down various computers every ten minutes because the yahoos at the remote keep turning them back on even through they're known to be infected.

57 posted on 08/12/2003 1:29:21 PM PDT by FourPeas
[ Post Reply | Private Reply | To 4 | View Replies]

To: FourPeas
I will grant you that, fine. But still it should be someone's responsibility to ensure that those laptops are kept up to date with the latest Microsoft patches. This is not the first time something like this has happened. Seems to me these people are making pretty good money in this economy, they need to start being responsible for keeping their laptops up to date, or there needs to be someone on their case making sure it gets done. This costs companies way too much money to take lightly.
58 posted on 08/12/2003 1:35:42 PM PDT by dfwgator
[ Post Reply | Private Reply | To 57 | View Replies]

To: NormB
I refuse to use some hippy OS.

Which reminds me.... cut and paste is also disabled. As I do a 2 hour download of Win2000 sp4, I have visions of an OS that has more patches and hotfixes than some innertubes I used to own.

59 posted on 08/12/2003 1:39:26 PM PDT by kylaka
[ Post Reply | Private Reply | To 54 | View Replies]

To: dfrussell
Thanks for the heads-up.
60 posted on 08/12/2003 1:48:41 PM PDT by american spirit (ILLEGAL IMMIGRATION = NATIONAL SUICIDE)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson