Yet Another Bulletin Board

Welcome, Guest. Please Login or Register.
Nov 26th, 2024, 7:36pm

Home Home Help Help Search Search Members Members Member Map Member Map Login Login Register Register
Clusterheadaches.com Message Board « W32.Blaster.Worm »


   Clusterheadaches.com Message Board
   New Message Board Archives
   2003 Posts
(Moderator: DJ)
   W32.Blaster.Worm
« Previous topic | Next topic »
Pages: 1  Reply Reply Notify of replies Notify of replies Send Topic Send Topic Print Print
   Author  Topic: W32.Blaster.Worm  (Read 390 times)
The  mad viking
CH.com Alumnus
New Board Hall of Famer
Norway 
*****




Always Look on The Bright Side of Life

  svennthorn2003@yahoo.no  
WWW Email

Gender: male
Posts: 3135
W32.Blaster.Worm
« on: Aug 12th, 2003, 9:54am »
Quote Quote Modify Modify

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm .html
 
A new bastard is out
 
SHIT   SadSadSadSad
 
better update your antivirus&firewalls friends
 
 
Svenn
« Last Edit: Aug 12th, 2003, 9:54am by The  mad viking » IP Logged

Always Look on The Bright Side of Life
Big Dan
CH.com Alumnus
New Board Hall of Famer
USA 
*****




SMASH BRAIN!

  Danboyceccg   DanielNBoyce
Email

Gender: male
Posts: 1513
Re: W32.Blaster.Worm
« Reply #1 on: Aug 12th, 2003, 9:59am »
Quote Quote Modify Modify

Thanks for the update, Bro...
 
Already on it...
 
 
 
-Big Dan
IP Logged

Not going anywhere for a while?...

... Grab a Snickers, Fatass.
fubar
CH.com Alumnus
New Board Hall of Famer
USA 
*****





   
Email

Gender: male
Posts: 1933
Re: W32.Blaster.Worm
« Reply #2 on: Aug 12th, 2003, 11:05am »
Quote Quote Modify Modify

Actually there are several new ones out.  Blaster is an interesting one... designed to infect your system with an attack against windowsupdate.com.  On the 1st and 16th of every month (and every day in the months of September to December) it will flood windowsupdate.com with attack traffic.
 
My guess is they are getting ready to exploit YET ANOTHER flaw in windows that there is not a patch for yet.
 
Folks, listen to me very carefully... I know there is a known flaw that Microsoft will be releasing a patch for, but right now it is a race.  If the hackers can flood windowsupdate before the patch comes out, then people will have an incredibly hard time getting the patch.  This means a LOT of systems will be hacked.  A lot.
 
Keep your eyes open for a patch from microsoft, and DO NOT HESITATE to install it.  You may not get more than one chance to install it.
 
I know this directly from microsoft.
 
-Fu
IP Logged

"He who has a why to live for can bear almost any how." -- Friedrich Nietzsche
jminmilwaukee
New Board Old Timer

****





   


Gender: male
Posts: 384
Re: W32.Blaster.Worm
« Reply #3 on: Aug 12th, 2003, 12:08pm »
Quote Quote Modify Modify

Yes, get the update!!!!
 
Funny, seems someone tried to warn this board about a week or so ago to do just that!  
 
Could it be.......SATEN!!!! (Church lady quote for those who don't know)  Grin
 
Anyway, although I could say "told ya so" it just does not seem right at this point.
 
Do yourself and the internet a favor and patch that puppy!
 
jmin
IP Logged
fubar
CH.com Alumnus
New Board Hall of Famer
USA 
*****





   
Email

Gender: male
Posts: 1933
Re: W32.Blaster.Worm
« Reply #4 on: Aug 12th, 2003, 1:13pm »
Quote Quote Modify Modify

hmmm... jmin not only mentions SATAN (spelling corrected) in his post... he has, for his graphic, a painting called 'son of man', which is also another name for, er, SATAN.
 
Are you the church lady?
IP Logged

"He who has a why to live for can bear almost any how." -- Friedrich Nietzsche
Kirk
CH.com Alumnus
New Board Hall of Famer
USA 
*****




VINIMUS, VIDIMUS, DOLAVIMUS

161860987 161860987   kirk_jones511   krkevrtt
Email

Gender: male
Posts: 1914
Re: W32.Blaster.Worm
« Reply #5 on: Aug 12th, 2003, 1:26pm »
Quote Quote Modify Modify

I thinkyou mean my post jmin. I don't think I'm SATAN
It is also known as:
 
Lovsan
Poza
 
It is an RPC DCOM Worm.
 
TTFN
IP Logged

Mark C
CH.com Alumnus
New Board Hall of Famer
USA 
*****




Onward through the fog.

   
Email

Gender: male
Posts: 2660
Re: W32.Blaster.Worm
« Reply #6 on: Aug 12th, 2003, 2:06pm »
Quote Quote Modify Modify

Even our network at work is infected at the moment....and we have a pretty good IT dept.  Undecided
 
This is getting ridiculious...
 
http://www.cert.org/advisories/CA-2003-20.html
 
http://www.washingtonpost.com/ac2/wp-dyn/A49575-2003Aug12?language=print er
 
http://www.dslreports.com/shownews/31258
 
http://www.zone-h.org/en/news/read/id=3220/
 
 
 
 
 
Scan your computer ports here. Make sure ports 135 & 139 are stealthed or closed, if open you need a firewall.
 
One of my favorite sites, http://grc.com also has some good security tools including a easy scanner to check port 135 here
 
 
Go here to update Windows...bear in mind its having a bunch of traffic right now but it was working as of 3:00 PM Tuesday.
 
I think I am going yo unplug my CAT 5 cable and go fishing till this crap is over...fucking script kiddies  Angry
 
Holler if you need help,
 
PFDAN's
Mark
IP Logged


Click The Flag
Kirk
CH.com Alumnus
New Board Hall of Famer
USA 
*****




VINIMUS, VIDIMUS, DOLAVIMUS

161860987 161860987   kirk_jones511   krkevrtt
Email

Gender: male
Posts: 1914
Re: W32.Blaster.Worm
« Reply #7 on: Aug 12th, 2003, 2:37pm »
Quote Quote Modify Modify

This will probably be a bit quicker.
  www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03- 026.asp
 
Yea herd thinners get ta movin hubba hubba go get em while they're hot.
 
Sorry to hear about the probs your IT department is having Marc. Tell them they have my sympathy. We are still trying to get M$ users covered under the ADA. Hang in there until then. We're pulling for ya!
 
TTFN
 
Kirk
 
Beer it's just not for breakfast anymore.
IP Logged

Ueli
Guest

Email

Re: W32.Blaster.Worm
« Reply #8 on: Aug 12th, 2003, 3:04pm »
Quote Quote Modify Modify Remove Remove

Yeah, traffic got heavy lately.
 
My firewall intercepted 180 attempts on port 135 in the last 12 hours, but hardly any up to yesterday.
 
Get a fucking firewall !
 
Ueli
IP Logged
Azrael
New Board Hall of Famer
USA 
*****




Sometimes... Being good just ain't worth it.

27810130 27810130   kennkurr  
WWW Email

Gender: male
Posts: 1786
Re: W32.Blaster.Worm
« Reply #9 on: Aug 12th, 2003, 3:39pm »
Quote Quote Modify Modify

Damn... Update anti-virus, install patch, get a firewall... A shitload of things to do... How'd I find the time... Oh wait... Nevermind.  Already done... ;D
 
PFDAN.................................. Drk^Angel
IP Logged

"Hello police? I would like to report a robbery. Someone stole all my beer while I was drunk."
jonny
Guest

Email

Re: W32.Blaster.Worm
« Reply #10 on: Aug 12th, 2003, 4:13pm »
Quote Quote Modify Modify Remove Remove

Thanks Mark and Svenn,
 
All ports scanned are stealthed, even 135 and 139 ;D
 
..............................jonny
IP Logged
eyes_afire
New Board Hall of Famer
USA 
*****





   
Email

Gender: male
Posts: 1227
Re: W32.Blaster.Worm
« Reply #11 on: Aug 12th, 2003, 5:19pm »
Quote Quote Modify Modify

Okay folks, excuse my ignorance but...
 
WTF are ports 135 & 139 and why should I care?
 
A firewall is beyong my reach at this time, it would probably cost more than my computer is worth.
 
--- Steve, still in the bronze age...
IP Logged

Still around... in a brand new world now...
jonny
Guest

Email

Re: W32.Blaster.Worm
« Reply #12 on: Aug 12th, 2003, 5:23pm »
Quote Quote Modify Modify Remove Remove

Steve Bro,
 
Free firewall here
http://www.zonelabs.com/store/content/home.jsp
 
Its what I use and ive never been violated....(Let me rethink that)....LMAO ;D
 
...........................jonny
IP Logged
jminmilwaukee
New Board Old Timer

****





   


Gender: male
Posts: 384
Re: W32.Blaster.Worm
« Reply #13 on: Aug 12th, 2003, 6:02pm »
Quote Quote Modify Modify

Kirk, the post below that I entered on July 31st is the one I am speaking of.
 
Saten, satan, tomato, tomoto.....yeah yeah. I make up for my lack of good grammer with charm and wit!  Grin
 
Serious, This is no minor deal. Berkley shut down their entire network on monday and said it will be up to 4 days before they are back online. I am currently securing a 5000 node network as we speak.
 
See below for my previous warning. And cheers. Cool
 
For The Non Believer - Comp Related
« on: Jul 31st, 2003, 11:31am »  Quote  Modify  Remove  
 
------------------------------------------------------------------------ --------
http://www.cnn.com/2003/TECH/internet/07/31/internet.atttack.ap/index.ht ml  
 
Better safe than sorry and don't say I did not warn you.  
 
jmin  
 
 
IP Logged
eyes_afire
New Board Hall of Famer
USA 
*****





   
Email

Gender: male
Posts: 1227
Re: W32.Blaster.Worm
« Reply #14 on: Aug 12th, 2003, 10:03pm »
Quote Quote Modify Modify

Thanks Jonny, I'll have to check it out.
 
--- Steve
IP Logged

Still around... in a brand new world now...
Opus
New Board Hall of Famer
USA 
*****




(Insert witty comment here)

  pjbgravely   pjbgravely
WWW Email

Gender: male
Posts: 2509
Re: W32.Blaster.Worm
« Reply #15 on: Aug 13th, 2003, 5:11pm »
Quote Quote Modify Modify

Here is a patch to stop one fatal flaw, I bet MS will come out with it's own in a coulple years but it will be a 5 meg download.
 
To patch a fatal hole in most windows OS's use this program. 95-XP
 
http://grc.com/UnPnP/UnPnP.htm
 
check out there other software, I havn't tested any.
 
http://grc.com/freepopular.htm
 
 
Opus/Paul
IP Logged

Zed-Zed-nine plural-Zed alpha,

There is no place like home.
Pages: 1  Reply Reply Notify of replies Notify of replies Send Topic Send Topic Print Print

« Previous topic | Next topic »


Clusterheadaches.com Message Board » Powered by YaBB 1 Gold - SP 1.3.1!
YaBB © 2000-2003. All Rights Reserved.


©1998-2010 Web Vision Enterprises All rights reserved. All information on this site is protected by international copyright laws. You may not re-distribute any information from this site without written permission from Web Vision Enterprises and the webmaster of this site. Violators will be prosecuted.
You may view our privacy policy and financial disclosure statement here

test rss