Yet Another Bulletin Board

Welcome, Guest. Please Login or Register.
Nov 26th, 2024, 7:27pm

Home Home Help Help Search Search Members Members Member Map Member Map Login Login Register Register
Clusterheadaches.com Message Board « MS Blaster Update »


   Clusterheadaches.com Message Board
   New Message Board Archives
   2003 Posts
(Moderator: DJ)
   MS Blaster Update
« Previous topic | Next topic »
Pages: 1  Reply Reply Notify of replies Notify of replies Send Topic Send Topic Print Print
   Author  Topic: MS Blaster Update  (Read 178 times)
Mark C
CH.com Alumnus
New Board Hall of Famer
USA 
*****




Onward through the fog.

   
Email

Gender: male
Posts: 2660
MS Blaster Update
« on: Aug 15th, 2003, 7:06pm »
Quote Quote Modify Modify

Friday, August 15th
 
Day Five: Microsoft Dodges the MSBlast
 As expected, Microsoft has shut down the "windowsupdate.com" domain at which the MSBlast worm's forthcoming attack was aimed. Since the Windows operating systems use the domain "windowsupdate.microsoft.com" rather than simply "windowsupdate.com", Microsoft has been able to preempt the worm's intended Distributed Denial of Service (DDoS) attack merely by abandoning the "windowsupdate.com" domain.
 
 Analysis of the worm's attack code suggests that its use of the "wrong" domain may have been deliberate: The worm uses Windows' Raw Sockets to generate a spoofed source IP SYN flood attack, but it does so with deliberate gentleness. Each instance of the worm emits only 50 SYN packets per second, deliberately and significantly throttling each machine's contribution to the attack.
 
We can only speculate what was in the mind of the worm's author(s). But if the 200,000 instances of this worm had chosen to target "windowsupdate.microsoft.com" or even "microsoft.com" with an unthrottled Raw Socket SYN flood, a very different scenario would be playing out today and tomorrow: Microsoft.com would be gone.
 
But the worm's originator(s) appear to have been more interested in making a point, than in taking Microsoft.com permanently off the Internet — which they could have easily done.  
 
 
 
As we have with previous Windows security vulnerabilities, we are developing a new free tool to fully address and cure "the DCOM problem", since Microsoft has not.  
 
 
 
http://grc.com/default.htm
 
 
I have removed or at least assisted in the removal of at two dozen cases of this worm......whew! My arms are tired!
 
;D
 
 
IP Logged


Click The Flag
jonny
Guest

Email

Re: MS Blaster Update
« Reply #1 on: Aug 15th, 2003, 7:19pm »
Quote Quote Modify Modify Remove Remove

on Aug 15th, 2003, 7:06pm, Mark C wrote:
But the worm's originator(s) appear to have been more interested in making a point, than in taking Microsoft.com permanently off the Internet ? which they could have easily done.

 
I have a problem with this, why scare when you can kill?
 
......................................jonny
IP Logged
forgetfulnot
Guest

Email

Re: MS Blaster Update
« Reply #2 on: Aug 15th, 2003, 7:24pm »
Quote Quote Modify Modify Remove Remove

Quote:
But the worm's originator(s) appear to have been more interested in making a point, than in taking Microsoft.com permanently off the Internet — which they could have easily done.

 
I'm not a computer geek like you seem to be, however I doub't this could be done "taking Microsoft.com permanently off the Internet". A guy named Gate's has a few bucks to track these a$$holes down along with the FBI and others. These guys are fucking with the wrong folks, don't give them so much credit.
 
Lee
IP Logged
forgetfulnot
Guest

Email

Re: MS Blaster Update
« Reply #3 on: Aug 15th, 2003, 7:31pm »
Quote Quote Modify Modify Remove Remove

jonny, ya beet me again and I was using four fingers, gata learn how to type Roll Eyes
 
Lee
IP Logged
Mark C
CH.com Alumnus
New Board Hall of Famer
USA 
*****




Onward through the fog.

   
Email

Gender: male
Posts: 2660
Re: MS Blaster Update
« Reply #4 on: Aug 15th, 2003, 8:04pm »
Quote Quote Modify Modify

Microsoft Purchases Evil From Satan

 
 Grin   ;D
 
IP Logged


Click The Flag
forgetfulnot
Guest

Email

Re: MS Blaster Update
« Reply #5 on: Aug 15th, 2003, 8:19pm »
Quote Quote Modify Modify Remove Remove

So they will become richer, buy some stock, many new millionaires already have, why miss out, everything is about money. Don't think so? Miss a payment on your electric bill, they will show you how it works.
 
Lee  
IP Logged
Pages: 1  Reply Reply Notify of replies Notify of replies Send Topic Send Topic Print Print

« Previous topic | Next topic »


Clusterheadaches.com Message Board » Powered by YaBB 1 Gold - SP 1.3.1!
YaBB © 2000-2003. All Rights Reserved.


©1998-2010 Web Vision Enterprises All rights reserved. All information on this site is protected by international copyright laws. You may not re-distribute any information from this site without written permission from Web Vision Enterprises and the webmaster of this site. Violators will be prosecuted.
You may view our privacy policy and financial disclosure statement here

test rss