Oh, one more thing...
Egghead (or anyone else using a similar setup),
It goes thru port 135. Block that and your cool.
Hex
Oh, one more thing...
Egghead (or anyone else using a similar setup),
It goes thru port 135. Block that and your cool.
Hex
I think it broadcasts on port 4444 as well. and it is recommended to block 137-139 while you are at it.
I don't think you've hurt anyones feelings Hex,all you did was make a valid point that when a security update is released,especially when it's rated as "critical",it should be installed immediately.Originally posted by Hex
Sorry if I hurt anyones feelings, just take the time to understand why you got infected, and you may just understand where I'm coming from.
Peace out,
Hex
I guess I was lucky it took Comcast down. I was not patched until BB sent it to me last night (had a small window of online then nothing all night). I could not even get the patch myself because I had no connection to MS or TZ. No connection, no worm. On the other hand, maybe Sygate blocked access to that port anyway.
Ok, not to beat a dead horse into the ground, but something that may be of interest to those who may or may not have this virus, if you go to start>run, then type "shutdown.exe -a", no quotes of course, that stops the shutdown in 60 seconds countdown. From there removing it is easy, norton has a removal tool at www.symantec.com.
Peace out ( for real this time)
Hex
This was on today's Screen Saver show. This worm is credited in infecting 100,000 computers in the last 24 hours.
***********
Blast the 'Blaster' Worm (also called LovSan and Poza)
By Patrick Norton
You updated Windows yesterday when we told ya, right?
You remember our warning about the W32.Blaster.Worm (also called "Blaster," "LovSan," or "Posa") that takes advantage of the DCOM RPC vulnerability in Windows. We told ya about that back in July. Refresh your memory.
You downloaded the Windows update, didn't ya? (All you had to do was fire up Internet Explorer and go to http://windowsupdate.microsoft.com.)
Cuz if you didn't...
Then you're in the same boat as a few of our staffers (cough cough *Sarah* cough cough *Prager*). They caught the Blaster worm.
In the first version of Blaster, a countdown clock face pops up and your system gets seriously unstable and restarts (a lot). Some reports say Blaster will launch a denial-of-service attack on the Windows Update website on August 16. Other reports say the attack will happen immediately.
The obnoxious thing about this worm? It'll load itself onto your system if you don't have the patch and you're not running a firewall. Forget about opening attached files online. This one can get ya if you simply go online.
The really nasty thing? The worm can run any code it wants to on your system. That could get ugly. Think total data loss.
The really, really nasty thing? Experts have told our Kevin Rose that the first Blaster worm wasn't written well. New versions of the worm with updated code are already out there. That counts for everybody running Microsoft Windows NT 4.0, NT 4.0 Terminal Services Edition, 2000, XP, or Server 2003.
Stop the worm
If you've already run the update or have a firewall between you and the Internet, you won't get infected.
Is Blaster on your system? Symantec has a Blaster removal tool along with instructions for removing the worm manually. Check the website of your antivirus software manufacturer if you have a program other than Symantec's.
Stop the countdown
TSS associate producer David Prager found a way to stop the countdown Blaster launches.
1. Go to the command line interface by clicking on the Start button and selecting Run. Type "command" (without quotes) and click OK.
2. At the command prompt, type "shutdown -a" (without quotes). This effectively orders the computer to abort shutdown.
3. Run your antivirus tools and download patches to remove the worm.
Linux Mint Debian Edition
Hex,Originally posted by Hex
Ok, I'm sorry but I have to say something here that is not meant as a flame, but I feel really needs to be said. If you got the Blaster worm, IT IS ALL YOUR FAULT !!! I'm in no way a proponent of Microsoft in any way shape or form, but the fact of matter is, if you choose to run a windows OS, you MUST stay current with the critical updates! Yes, Windows has more holes in it than a block of swiss cheese, yes, it's buggy as hell and drives all of us crazy at some point or another, but to put the blame all on Microsoft is just lame. That's like buying a Ford, never changing the oil, then *****ing about it breaking down after a while and calling Ford a bunch of twats. You choose to run Windows, so just like oil changes, you need to periodiclly check the critical updates to see if your vulnerable to these kinds of attacks or not. And guess what, you have to do that for any OS. I know of a handful of diffrent exploits on linux and MAC that could cause issues similar to this if not patched. The only reason why you don't see things like this on those OSs is that hardley anyone runs mac or linux, and those who do are usually smart enough to safeguard themselves by patching any known holes. In turn, the other 90% of PC users use windows, the majority of which have no clue what windows update even is, or don't check for critical updates on a regular basis. (Hmmmm, where have I seen this before...)
There's been a patch for this hole for about 3 weeks or so. If you've seen this update and had any clue how seriouis of an exploit this was, you would have done the critical update. You may say, "I've seen some updates cause problems on my OS, so I just don't load updates anymore." Look, if you've had that issue before, create a restore point befor installing the update of get some imaging software like Norton Ghost to create a good backup, but don't ignore the critical updates. I agree this is a pain in the ass, but it's the reality you must live with as a windows user. If you don't like it, switch to RedHat and then you can ***** and complain about how hard it is to learn and use.
So learn how to use your computer, go get an oil change, and stop complaining about a problem that was perpetuated by your own ignorance.
Hex
Right, now i've had enough sleep to actually read your little rant, which i might add, should seriously have been broken up into more readable paragraphs so it’s easier to read, I’ll get on with my reply.
This is clearly a case of Internet Rage, some know it all, yet again, failing to read All the information in front of him correctly.
Now before you got your knickers in a twist hex, because it's so obvious you cannot tolerate what you think, are ignorant know it all newbies having a rant at big companies you respect.
You should of read in my posts, that i reported i had No signs of the virus, and only experienced the symptoms.
That doesn't actually mean i had or ever had the virus, but only that i suffered the same problems by coincidence, what people all around the world have suffered, due to a virus.
I have checked my whole system over and over again, with all my *update to date* Anti-viruses and tried scanners made for detection of the virus in mind, i've also manually checked for MSblast.exe in every folder in my computer, yet i still can't come up with any evidence of it's existence.
Not even a single entry in my registry can be found.
This still feels odd to me since I am very weary of coincidences, i will continue to try to find traces of the virus, but i believe i'll always come up empty handed.
Because i haven't found any evidence that the virus caused my problems in the first place, i can only assume (which might not be right, like in everything a human says) a fault in Microsoft's programming, one that in my case, was fixed with a simple change to the way Windows runs itself, which to me, seemed utterly stupid to do and should have been a default setting in my opinion, so i ranted at Microsoft, BIG DEAL, get over it.
I ain't no silly newbie you seem to think i am, just by judging the theme of the whole of your flame, i am in fact quite an experienced computer user, who ranted at Microsoft, like a million other people do every day.
I usually update every program/file on my computer on a daily basis, but i admit i have fell behind badly due to difficult circumstances in my life, forcing me to lose concentration, yet alone spend time on the internet, so yeah i am out of date.
The problem i faced, didn't help matters, and since i had only 60 seconds everytime i logged onto the internet, i felt i had not enough time or energy to search out an explaination of the cause and a cure, so like i am so pleased to do, nicely asked my friends over here at TechZonez to kindly help an old-timer like me out.
I was frustrated by the problem at hand, and like a normal human being, vented my frustration at a target that i knew\made sure wouldn't get hurt or upset about my comments, yet i would still feel slightly better then i did before.
So before you go off ranting again, i would think the next time you post an attack like that, make sure you have all the facts, and the right audience to direct your attack at, because your argument is valid, just it wasn't meant for someone like me, so why don't you just keep that lovely anger you have there bottled up and vent it on someone who gives a shit.
Better yet, don't flame anyone at all, be positive, if you have nothing good to say, then don't say anything at all.
Sorry if i'm being very unfriendly here Rever, i'm not a happy bunny about life at the moment, and the last thing i need is aggression towards me.
Last edited by GimieGimieGimie; August 13th, 2003 at 23:14 PM.
Hey no probs Gimie,you're just speaking your mind and using your right to reply.Thats what these forums are for.Originally posted by GimieGimieGimie
Sorry if i'm being very unfriendly here Rever, i'm not a happy bunny about life at the moment, and the last thing i need is aggression towards me.
Heh, i couldn't just let that one pass over my head, it would have been criminal to do soOriginally posted by Reverend
Hey no probs Gimie,you're just speaking your mind and using your right to reply.Thats what these forums are for.
See you around!
hey gimie I was biting my tongue on this one too. I will not flame or direct this to anyone but members have to realize that this community is made up of many different experience levels and you have to sometimes dumb down your explainations so the more novice user can understand.
If you do have a problem with a particular thread dont visit/or reply to it. But like rev illiterated on everyone here has their right to their opinion and should not feel like they will get flamed for it.
Alot of the info here is up-to-date and should be used like any other reference on the net for troubleshooting. The staff here prides ourselves on the information you can get and also other sites come here to get info.
hey Gimie...justified bro
To tell you the truth..I expected it sooner.
Ah, you know, these things take time, thinking power, preperation, a clear headOriginally posted by SupaStar
hey Gimie...justified bro
To tell you the truth..I expected it sooner.
All which i was serverly lacking last night before i got my 8 hours!
Last edited by GimieGimieGimie; August 13th, 2003 at 23:18 PM.
Originally posted by efc
This was on today's Screen Saver show. This worm is credited in infecting 100,000 computers in the last 24 hours.
***********
Blast the 'Blaster' Worm (also called LovSan and Poza)
By Patrick Norton
You updated Windows yesterday when we told ya, right?
You remember our warning about the W32.Blaster.Worm (also called "Blaster," "LovSan," or "Posa") that takes advantage of the DCOM RPC vulnerability in Windows. We told ya about that back in July. Refresh your memory.
You downloaded the Windows update, didn't ya?
http://windowsupdate.microsoft.com.)
Cuz if you didn't...
In the first version of Blaster, a countdown clock face pops up and your system gets seriously unstable and restarts (a lot). Some reports say Blaster will launch a denial-of-service attack on the Windows Update website on August 16.
The obnoxious thing about this worm? It'll load itself onto your system if you don't have the patch and you're not running a firewall. Forget about opening attached files online. This one can get ya if you simply go online.
The really nasty thing?
The worm can run any code it wants to on your system. !!!!!!!!!!!
If you've already run the update or have a firewall between you and the Internet, you won't get infected.
Stop the countdown
1. Go to the command line interface by clicking on the Start button and selecting Run. Type "command" (without quotes) and click OK.
2. At the command prompt, type "shutdown -a" (without quotes). This effectively orders the computer to abort shutdown.
3. Run your antivirus tools and download patches to remove the worm.
I think we should all thank the virus writer for being such a prankster and not sending a format command down to all the new or vulnerable people of the internet who would be devistated to loose any valuable computer data.
this tells me that my old xp cd is dangerous wthout an update on install.
cheers
for the info guys
egghead
Surely this fact would urge M$ to hurry up with SP2 so we can slipstream that CD and all be safe. I dont think this virus will be going away that quick, it only takes on PC to start it all againthis tells me that my old xp cd is dangerous wthout an update on install.(except the ones that patched
--- 0wN3D by 3gG ---
Posting Permissions
Reply With Quote
Bookmarks