Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Microsoft Worm

Reply
Thread Tools

Microsoft Worm

 
 
Dean Palladino
Guest
Posts: n/a
 
      08-14-2003
Okay, answer this one for me: Why do people continually get attacked by
these worms? If you and I could create a firewall with the solutions
that were posted here, why is it that people are still getting attacked
successfully.

I have a LinkSys Wireless-B 4 port router/switch, and I use Zone Alarm
(save the spyware issues for another post). I wasn't even phased by the
worm.

To my surprise, Comcast was affected by it and it was very detrimental.
Why? Where is the network administrator and why is Comcast not securing
their network. If hackers can't see you, they can't hurt you, right?

Okay, so its a bit of naivette on my part, but that does hold true in
most cases regarding Internet security.

What is the opinion of the security professionals in a.c.s.?

Dino
 
Reply With Quote
 
 
 
 
kaptain kernel
Guest
Posts: n/a
 
      08-14-2003
Dean Palladino wrote:

> Okay, answer this one for me: Why do people continually get attacked by
> these worms? If you and I could create a firewall with the solutions
> that were posted here, why is it that people are still getting attacked
> successfully.


Because Windows doesn't ship with a personal firewall turned on BY DEFAULT,
that's why.


> I have a LinkSys Wireless-B 4 port router/switch, and I use Zone Alarm
> (save the spyware issues for another post). I wasn't even phased by the
> worm.
>


There's some variant code kicking around that by-passes Zone Alarm. You
ain't seen nothing yet. This worm was just a warning...


> What is the opinion of the security professionals in a.c.s.?


Use a Mac or Linux.



 
Reply With Quote
 
 
 
 
Leythos
Guest
Posts: n/a
 
      08-14-2003
In article <(E-Mail Removed)> ,
http://www.velocityreviews.com/forums/(E-Mail Removed) says...
> Okay, answer this one for me: Why do people continually get attacked by
> these worms? If you and I could create a firewall with the solutions
> that were posted here, why is it that people are still getting attacked
> successfully.


Most people get hacked because they think of the internet as they do
their toaster - it's there and it works and I don't have to know more
about it.

In reality I would place most of the blame on the ISP's - they know that
people are easy targets and that for about $50 they could provide them
with simple NAT Routers that would block most of the attempts. If they
provided them with NAT Router and Antivirus software it would fend off
most of the hacks out there.

As for this worm, anyone having a simple NAT Router would have been
safe. People with personal firewall software, where they didn't
misconfigure it, would be safe.

Most people have no clue about their computers, their software, and even
less about dial-up connections.

--
--
(E-Mail Removed)
(Remove 999 to reply to me)
 
Reply With Quote
 
Jeff Umbach
Guest
Posts: n/a
 
      08-14-2003
People who pay regular attention to windows update would be safe as well.

--
Jeff Umbach

"Leythos" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> In article <(E-Mail Removed)> ,
> (E-Mail Removed) says...
> > Okay, answer this one for me: Why do people continually get attacked by
> > these worms? If you and I could create a firewall with the solutions
> > that were posted here, why is it that people are still getting attacked
> > successfully.

>
> Most people get hacked because they think of the internet as they do
> their toaster - it's there and it works and I don't have to know more
> about it.
>
> In reality I would place most of the blame on the ISP's - they know that
> people are easy targets and that for about $50 they could provide them
> with simple NAT Routers that would block most of the attempts. If they
> provided them with NAT Router and Antivirus software it would fend off
> most of the hacks out there.
>
> As for this worm, anyone having a simple NAT Router would have been
> safe. People with personal firewall software, where they didn't
> misconfigure it, would be safe.
>
> Most people have no clue about their computers, their software, and even
> less about dial-up connections.
>
> --
> --
> (E-Mail Removed)
> (Remove 999 to reply to me)



 
Reply With Quote
 
Dean Palladino
Guest
Posts: n/a
 
      08-15-2003
In article <3f3b81fc$0$18274$(E-Mail Removed)>,
(E-Mail Removed) says...

> Because Windows doesn't ship with a personal firewall turned on BY DEFAULT,
> that's why.
>


Windows shouldn't ship with a personal firewall turned on by default.
However Windows Server 2003 does install locked down by default.

OS should only be that: an OS.
 
Reply With Quote
 
Leythos
Guest
Posts: n/a
 
      08-16-2003
In article <(E-Mail Removed)>, tpacpl1220
@netscape.net says...
> The real question should be, " Why do people continue to use such crap
> software like Microsoft?"


You've got it wrong - the real question is why don't ISP's provide a NAT
device or personal firewall for ANYONE connecting to their services?

The MS Bashers seem to forget the weekly vulnerabilities found in Linux
and the others found in non-MS OS's.

If the ISP's were to provide some instruction and blocked ports that
don't need to be exposed to the internet for the common OS's it would
prevent most of the problems. Blame the ISP's, not MS - if every ISP
would block ports 135~139 and a hand full of others, the net would be a
much nicer place.

--
--
(E-Mail Removed)
(Remove 999 to reply to me)
 
Reply With Quote
 
Frode
Guest
Posts: n/a
 
      08-16-2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bit Twister wrote:
>> If the ISP's were to provide some instruction and blocked ports that
>> don't need to be exposed to the internet for the common OS's it would
>> prevent most of the problems. Blame the ISP's, not MS - if every ISP
>> would block ports 135~139 and a hand full of others, the net would be a
>> much nicer place.

> Yes, it is the ISP's fault for not blocking ports for services
> that Micro$loth should have disabled on install.


I hate M$ as much as anybody, but the same is true of a good number of
Linux distributions. It may have changed recently but last time (a year or
two ago I guess) I fired up vmware to have a peek at a few distributions
they all had tons of crap in startup scripts and inetd.conf enabled that
shouldn't be.

There's pretty much two very simple things Microsoft have been slow in
doing. Fixing its email clients to not automatically execute every freakin
scripting language supported by the OS when simply previewing a message,
and firewall enabled by default. It is getting there. Real slow.


- --
Frode

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBPz5yPeXlGBWTt1afEQLm5gCgk2lbKq0hJ3j64NsD+7/kAk7WqucAniHa
vsP79wh00LYgZi4vjtE81jxE
=mW81
-----END PGP SIGNATURE-----


 
Reply With Quote
 
Leythos
Guest
Posts: n/a
 
      08-16-2003
In article <(E-Mail Removed)>,
(E-Mail Removed) says...
> In article <(E-Mail Removed)>, tpacpl1220
> @netscape.net says...
> > The real question should be, " Why do people continue to use such crap
> > software like Microsoft?"

>
> You've got it wrong - the real question is why don't ISP's provide a NAT
> device or personal firewall for ANYONE connecting to their services?
>
> The MS Bashers seem to forget the weekly vulnerabilities found in Linux
> and the others found in non-MS OS's.
>
> If the ISP's were to provide some instruction and blocked ports that
> don't need to be exposed to the internet for the common OS's it would
> prevent most of the problems. Blame the ISP's, not MS - if every ISP
> would block ports 135~139 and a hand full of others, the net would be a
> much nicer place.


Again you miss the point - MS uses ports 135~139 for network traffic -
they use it as a base part of the OS so that it makes life easier for
networking in LAN/WAN environments. While the flaw in RPC is not
something I defend, the fact that ISP's have know about RCP traffic on
their networks for years and have done nothing about it is the root of
the problem.

I'm not a MS Lover, I don't care about the company. I have MS NT4, 2000,
XP, AIX, SCO and a couple other OS's here.

ISP's should be responsible for installing a NAT router at the least for
every customer - for business accounts they should require a firewall.
This will keep the broadcasts and inbound traffic down and prevent
ignorant users from being compromised.

You will find that 135~139 is needed in a normal business network - it's
part of the OS. There is NO NEED to allow 135~139 outbound or inbound
from a personal or business network. If you want remote access you
create a VPN connection.

So, don't bitch about MS, they provided a patch before this hit.

If they disabled everything by default 90% of the users would never be
able to us their computers and then you would be bitching about that
too.

People use MS because it's got TONS of support, works well, is as easy
to use as the next OS, supports more hardware/software than any other
OS, and is cheap.



--
--
(E-Mail Removed)
(Remove 999 to reply to me)
 
Reply With Quote
 
Bit Twister
Guest
Posts: n/a
 
      08-16-2003
On Sat, 16 Aug 2003 19:14:49 GMT, Leythos wrote:

> ISP's should be responsible for installing a NAT router


I do not want MS stupidy costing me money to us a service.
Now, if the ISP makes it a requirement for NAT routers for
MS users, ok I go along with that.

> Again you miss the point - MS uses ports 135~139 for network traffic -
> they use it as a base part of the OS so that it makes life easier for
> networking in LAN/WAN environments. While the flaw in RPC is not
> something I defend, the fact that ISP's have know about RCP traffic on
> their networks for years and have done nothing about it is the root of
> the problem.


Nope, there is no good excuse for shipping product with the services
enabled. MS has plenty of wizards to allow the user to turn them
on if required.

Third Party Software install wizard can ask user if user wants
port opened if required.
 
Reply With Quote
 
Bit Twister
Guest
Posts: n/a
 
      08-16-2003
On Sat, 16 Aug 2003 20:20:43 GMT, Leythos wrote:

> Do you hammer the Open Source community and Red Hat when they provide
> products that have holes in they too or do you just slam MS?


That is a related problem.

> Thanks for the conversation, it was good to chat about this, but we have
> two different views on the causes of internet related problems and how
> they could easily be corrected.


Yes, I just cannot see why everyone else has to limp when Microsoft's
leg is broke.

You would think that with the history of viruses/worms MS would
implement basic security settings during install.

They finaly bought a firewall product. Was it enabled during install
on Home XP. Why have they not put those in products and Service Packs
to clean up basic security holds on current products. They updated
Internet Explorer for 98.

Yes the User has to load the SP. MS needs to at least _start_ putting
out the forest fire instead of hauling logs to the fire.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd loyola MCSE 4 11-15-2006 02:40 AM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd loyola Microsoft Certification 3 11-14-2006 05:18 PM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd loyola MCSD 3 11-14-2006 05:18 PM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd realexxams@yahoo.com Microsoft Certification 0 05-10-2006 02:35 PM
microsoft.public.dotnet.faqs,microsoft.public.dotnet.framework,microsoft.public.dotnet.framework.windowsforms,microsoft.public.dotnet.general,microsoft.public.dotnet.languages.vb Charles A. Lackman ASP .Net 1 12-08-2004 07:08 PM



Advertisments