Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > Worm Virus Info & Links

Reply
Thread Tools

Worm Virus Info & Links

 
 
Robert Mathews
Guest
Posts: n/a
 
      08-13-2003


Here is the Info


Info on the Virus that is on the News


http://securityresponse.symantec.com...oval.tool.html

MS Patch

http://www.microsoft.com/technet/tre...n/MS03-026.asp




 
Reply With Quote
 
 
 
 
T-Boy
Guest
Posts: n/a
 
      08-13-2003
In article <(E-Mail Removed)>,
http://www.velocityreviews.com/forums/(E-Mail Removed) says...

<garbage deleted>

Microsoft's updated info on it is the best I've seen - by miles
- check it out:

http://www.microsoft.com/security/incident/blast.asp

--
Duncan
 
Reply With Quote
 
 
 
 
karl
Guest
Posts: n/a
 
      08-13-2003
Its freeky that ASB Bank was infected with this..


 
Reply With Quote
 
Howard
Guest
Posts: n/a
 
      08-14-2003
Nicholas Sherlock wrote:
> "karl" <(E-Mail Removed)> wrote in message
> news:3f3ac6ee$(E-Mail Removed)...
>> Its freeky that ASB Bank was infected with this..

>
> It's appalling. A (properly configured) firewall takes care of it and
> the operating systems SHOULD be patched regulary.


Firewalls yes. MS Patches less so.

As several wise fellows have already said in this ng, too many of them have
broken an otherwise working system and they also have an amended and less
favourable EULA.

Virus checkers also should be added to the list, albeit it would not have
saved the day against blaster. Firewalls alone are insufficient. While IT
depts might like to prevent sharing of files between organisations &/or from
home, it's still the way most work gets done.


 
Reply With Quote
 
lily
Guest
Posts: n/a
 
      08-14-2003
Howard wrote:

> Nicholas Sherlock wrote:
>
>>"karl" <(E-Mail Removed)> wrote in message
>>news:3f3ac6ee$(E-Mail Removed)...
>>
>>>Its freeky that ASB Bank was infected with this..

>>
>>It's appalling. A (properly configured) firewall takes care of it and
>>the operating systems SHOULD be patched regulary.

>
>
> Firewalls yes. MS Patches less so.
>
> As several wise fellows have already said in this ng, too many of them have
> broken an otherwise working system and they also have an amended and less
> favourable EULA.
>
> Virus checkers also should be added to the list, albeit it would not have
> saved the day against blaster. Firewalls alone are insufficient. While IT
> depts might like to prevent sharing of files between organisations &/or from
> home, it's still the way most work gets done.
>
>

The tools are still there in XP, a firewall, a VPN client and server.
Perhaps microsoft should have released a "UPDATE YOUR SYSTEM NOW !!!" worm.
I'm an XP user, I connect through an inexpensive firewall and keep my
stuff backed up to an inexpensive Debian samba server.
Its a must have Windows accessory.

I have no trouble clicking through the Microsoft EULA, and accepting all
their updates.
But I feel very sad for those that depend on Microsofts assurances, and
have lost their homework, uni work, family photo album, music
collection, home finance budget etc, their small business tax and gst
records and have to go through the technofear trauma and hours of
inconvenience of rebuilding their systems.
They deserve a heartfelt apology from Microsoft and a promise to
implement better systems in future.
Critical Update notification should be installed by default.

 
Reply With Quote
 
Nicholas Sherlock
Guest
Posts: n/a
 
      08-14-2003
"lily" <(E-Mail Removed)> wrote in message
news:srF_a.11411$(E-Mail Removed)...
> But I feel very sad for those that depend on Microsofts assurances, and
> have lost their homework, uni work, family photo album, music
> collection, home finance budget etc, their small business tax and gst
> records and have to go through the technofear trauma and hours of
> inconvenience of rebuilding their systems.


Er.. what? This worm doesn't do *any* permanent damage.

Cheers,
Nicholas Sherlock


 
Reply With Quote
 
M
Guest
Posts: n/a
 
      08-14-2003

"Nicholas Sherlock" <(E-Mail Removed)> wrote in message
news:bhfc79$umt$(E-Mail Removed)...
> "lily" <(E-Mail Removed)> wrote in message
> news:srF_a.11411$(E-Mail Removed)...
> > But I feel very sad for those that depend on Microsofts assurances, and
> > have lost their homework, uni work, family photo album, music
> > collection, home finance budget etc, their small business tax and gst
> > records and have to go through the technofear trauma and hours of
> > inconvenience of rebuilding their systems.

>
> Er.. what? This worm doesn't do *any* permanent damage.
>
> Cheers,
> Nicholas Sherlock
>


Except that it opens up a backdoor on port 4444 that ANYONE can do anything
they like through.

It is extremely dangerous.


 
Reply With Quote
 
Nathan Mercer
Guest
Posts: n/a
 
      08-14-2003
"Nicholas Sherlock" <(E-Mail Removed)> wrote in message
news:bhfc79$umt$(E-Mail Removed)...
> > But I feel very sad for those that depend on Microsofts assurances, and
> > have lost their homework, uni work, family photo album, music
> > collection, home finance budget etc, their small business tax and gst
> > records and have to go through the technofear trauma and hours of
> > inconvenience of rebuilding their systems.

>
> Er.. what? This worm doesn't do *any* permanent damage.


This one apparently. Patch before the next one that does.


 
Reply With Quote
 
lily
Guest
Posts: n/a
 
      08-14-2003
Nicholas Sherlock wrote:

> "lily" <(E-Mail Removed)> wrote in message
> news:srF_a.11411$(E-Mail Removed)...
>
>>But I feel very sad for those that depend on Microsofts assurances, and
>>have lost their homework, uni work, family photo album, music
>>collection, home finance budget etc, their small business tax and gst
>>records and have to go through the technofear trauma and hours of
>>inconvenience of rebuilding their systems.

>
>
> Er.. what? This worm doesn't do *any* permanent damage.
>
> Cheers,
> Nicholas Sherlock
>
>

So easily dismissed when its someone elses problem.
This is what I mean.

How do you know which version of whatever worm has exploited this
particular vulnerability ?
There are a whole bunch of variants on their way.
The security advisories suggest that you should clean rebuild and patch.
Many home users don't have access to another box to even investigate a fix
It might mean nothing to a young know it all geek like you, but its a
major pain in the arse to Joe Average User.

 
Reply With Quote
 
Nicholas Sherlock
Guest
Posts: n/a
 
      08-14-2003
"lily" <(E-Mail Removed)> wrote in message
news:sZI_a.11472$(E-Mail Removed)...
> Nicholas Sherlock wrote:
>
> > "lily" <(E-Mail Removed)> wrote in message
> > news:srF_a.11411$(E-Mail Removed)...
> >
> >>But I feel very sad for those that depend on Microsofts assurances, and
> >>have lost their homework, uni work, family photo album, music
> >>collection, home finance budget etc, their small business tax and gst
> >>records and have to go through the technofear trauma and hours of
> >>inconvenience of rebuilding their systems.

> >
> >
> > Er.. what? This worm doesn't do *any* permanent damage.
> >
> > Cheers,
> > Nicholas Sherlock
> >
> >

> So easily dismissed when its someone elses problem.
> This is what I mean.
>
> How do you know which version of whatever worm has exploited this
> particular vulnerability ?
> There are a whole bunch of variants on their way.
> The security advisories suggest that you should clean rebuild and patch.
> Many home users don't have access to another box to even investigate a fix
> It might mean nothing to a young know it all geek like you, but its a
> major pain in the arse to Joe Average User.
>


That's why everyone reccomends that you
A. Have antivirus installed.
B. Have a firewall installed
C. GO TO WINDOWSUPDATE!

Having any *one* of these would stop the problem.

Cheers,
Nicholas Sherlock


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Experts Warn of Kama Sutra Worm (yet another MS worm) Imhotep Computer Security 4 01-30-2006 01:53 PM
Worm\Spybot (P2P-Worm.Win32.SpyBot.a) Danny Computer Information 0 08-14-2005 01:09 PM
worm/spybot.17.t (worm spybot 17t) detected by AVG code_wrong Computer Security 0 05-15-2004 04:40 PM
Antigen found VIRUS= I-Worm.Sobig.f (Kaspersky,CA(InoculateIT)) worm ANTIGEN_ML-MAIL Ruby 0 09-09-2003 07:11 PM
New anti-blaster worm attempts to fix RPC/DCOM vuln - W32/Nachi.worm Lord Shaolin Computer Security 6 08-20-2003 10:39 PM



Advertisments