Skip to comments.
New Virus hitting hard and furious!!!
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html ^
| 08/11/03
| self
Posted on 08/11/2003 2:33:46 PM PDT by STFrancis
All,
Here a scoop to Freepers which is just now hitting us security pro's.
There is a first vulnerability that uses the MS Bug that MS addressed with MS 03-026 two weeks ago.
It is calling itself MSBLAST.exe and is spreading in the wild unbelievably fast. http://isc.sans.org/diary.html?date=2003-08-11
A first advisory from McAffee has just been published: http://us.mcafee.com/virusInfo/defa...&virus_k=100547 Once it finds a vulnerable system, it will spawn a shell on port 4444 and use it to download the actual worm via tftp. The exploit itself is very close to 'dcom.c' and so far appears to use the "universal Win2k" offset only.
In other words we need to make sure port 4444 is blocked inbound AND outbound.
Of course this is in addition to the MS03-026 patch being installed which Microsoft released two weeks ago (more info regarding the patch here: http://www.microsoft.com/technet/tr...n/MS03-026.asp.
Another advisory was JUST posted by Symantec: http://www.symantec.com/avcenter/ve...aster.worm.html
Just thought everyone ought to know.
Thanks...
TOPICS: Breaking News; News/Current Events; Technical
KEYWORDS: blaster; computer; firewall; internet; macuserlist; microsoft; msblast; techindex; virus; vulnerability; worm
Navigation: use the links below to view more comments.
first previous 1-20 ... 221-240, 241-260, 261-280 ... 301-308 next last
To: bellas_sister
(I love a man in a uniform)I'll go get my spiderman uniform.... ;^)
To: zeugma
Why not download a copy of RedHat, Mandrake, Debian, or SUSE Linux and install it instead of windows. I've been Windows-free for nearly 4 years. All of my servers run FreeBSD, my security devices run OpenBSD and my desktops run RedHat Linux.
I'm only commenting on this subject because I'm a security engineer by profession and I tend to have accurate and timely information on these subjects near to hand.
To: Timesink
Aren't something like 30% of PC owners still running Win98? This sort of piss-poor journalism can cause these people a lot of grief as they run around looking for patches to their systems that are not needed and, indeed, do not exist. Far be it from me to stick up for presstitutes, but I have to give them a pass on this one.
Microsoft issued a press release that was rather vague about what versions were affected. It took some digging to get to the truth.
To: Kozak
Yeah lucky you Apple's market share is too small for anyone to bother. ;-0Is it Apple's market share, or the fact that windows is soo insecure that any script kiddy can write a virus to take Window's down?
244
posted on
08/12/2003 10:55:27 AM PDT
by
SengirV
To: Ted
Anybody who thinks OS X, Unix, Windows, or any other OS is basically safe out of the box is naive. Thus spaketh he who knows not.
I would have no problem dropping a fresh OpenBSD, Trusted Solaris or OSF/1 box onto the raw Internet.
Any of them would be impervious to the typical traffic on the Internet.
Just because Windows is a rickety, rat-infested tenement building doesn't mean that's the way that everyone lives.
To: SengirV
Face it it's apple's market share.
246
posted on
08/12/2003 11:03:40 AM PDT
by
Kozak
(" No mans life liberty or property is safe when the legislature is in session." Mark Twain)
To: All
I suppose it's fun to trash those of us who are infested with this thing. But I have to say, it's quite frustrating to those of us who are frantically searching for directions on how to download 3 hours worth of patches in less than 10 minutes, to read all this nit picking.
And if anyone knows how to accomplish the task I just mentioned, please post to me, and I'll be back in after the computer reboots.
I cannot get the patches to install. The computer won't let me. We've located the virus, but the computer won't let us quarentine it. Any solutions out there?
it's closing down, sorry for typso not time to correct
To: Iowa Granny
248
posted on
08/12/2003 11:27:47 AM PDT
by
eyespysomething
(You've a loose screw. Can I tighten that for you?)
To: Knitebane
I've been Windows-free for nearly 4 years. All of my servers run FreeBSD, my security devices run OpenBSD and my desktops run RedHat Linux.SCO has an invoice for you.
249
posted on
08/12/2003 11:30:26 AM PDT
by
Lazamataz
(PROUDLY POSTING WITHOUT READING THE ARTICLE SINCE 1999!)
To: Iowa Granny
I'm sorry to hear of your troubles. I worked in hi-tech for twenty-three years, and I've used every platform you could imagine. I also used Winblows machines for about ten years. I now use only Apple computers, and instead of worrying about the latest bug/virus/update/problem/crash/config error/hangup/hiccup/freeze/crash/etc.etc.etc I just get a lot of work done.
My heartfelt advice to you is to get a Mac.
To: Iowa Granny
I had the same problem, the puter kept shutting down before I could d/l the whole patch... eventually I did get it to work, though.
Livius in post 78 did spell out a way to prevent the computer from shutting down, this may help you!
Here's what to do: (I got this from a poster named Antigrok at a site called the Tech Support Guy, a great site)
Run services.msc
In the right hand list, right click on "remote procedure call" and select "properties."
Click on the "recovery" tab.
Change first, second and subsequent failures to "Take No Action."
Click Apply, then OK.
Now you can download the security patch, which is available here:
http://microsoft.com/downloads/details.aspx?FamilyId=2354406C-C5B6-44AC-9532-3DE40F69C074&displaylang=en Install it (it may take awhile), and then reboot.
Don't forget to go back to services.msc and change the settings to "Reboot the Computer."
251
posted on
08/12/2003 11:32:52 AM PDT
by
Tamzee
(I was a vegetarian until I started leaning toward the sunlight...... Rita Rudner)
To: Iowa Granny
Open a command prompt. In Windows 2000, it's in Start/Accessories. Then issue this command
shutdown /a
Do this everytime your system starts the countdown to shutdown. It will cancel the shutdown.
252
posted on
08/12/2003 11:33:58 AM PDT
by
AppyPappy
(If You're Not A Part Of The Solution, There's Good Money To Be Made In Prolonging The Problem.)
To: Iowa Granny
Another method. When you get a Shutdown countdown, change your system clock back a year. That gives you a year before the computer shuts down.
253
posted on
08/12/2003 11:36:27 AM PDT
by
AppyPappy
(If You're Not A Part Of The Solution, There's Good Money To Be Made In Prolonging The Problem.)
To: Elliott Gigantalope
Elliott GigantalopeCongressman BillyBob, I didn't know you were in hi-tech!
Everyone, meet the new screen name of Congressman BillyBob.
254
posted on
08/12/2003 11:37:45 AM PDT
by
Lazamataz
(PROUDLY POSTING WITHOUT READING THE ARTICLE SINCE 1999!)
To: Nettie
You're not picked on because you're (MAC) an insignificant target. How man PCs in the world vs Macs?
255
posted on
08/12/2003 11:38:33 AM PDT
by
GigaDittos
(I can hear the distant whine about wine in France.)
To: AppyPappy
Wow... I wish I had talked to you prior to wasting hours on useless download attempts LOL
Thanks for helping us more software challenged folks :-)
256
posted on
08/12/2003 11:38:47 AM PDT
by
Tamzee
(I was a vegetarian until I started leaning toward the sunlight...... Rita Rudner)
To: Lazamataz
Let me guess. You used to get beat up a lot in school?
To: AppyPappy
Wow, what good advice! I got this virus on one of my computers (the one not behind a firewall) and a magnificent person on FR helped me out before there were updates on the virus.
258
posted on
08/12/2003 11:44:05 AM PDT
by
diotima
(So it's sorta social, demented and sad, but social.)
Comment #259 Removed by Moderator
To: Iowa Granny
I suppose it's fun to trash those of us who are infested with this thing. But I have to say, it's quite frustrating to those of us who are frantically searching for directions on how to download 3 hours worth of patches in less than 10 minutes, to read all this nit picking. Amen to that, Granny. Try #17 and 78. I think I managed to kill the thing by following those instructions.
Navigation: use the links below to view more comments.
first previous 1-20 ... 221-240, 241-260, 261-280 ... 301-308 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson