Jump to content

Recommended Posts

Posted

The Blaster Virus is due to be triggered tomorow morning to attack Micro$oft on 16/8/03 Saturday.

It will also slow down the net and create all the typical virus symptoms on Home computers as well.

 

DO NOT download the patch on the MS site, it will get in that way!

a Google search for "Blaster Virus" will tell you more than I can.

Posted

Actually, the net will be faster tomorrow than it has been for a long, long time. If you want to be able to capitalise on that, do get the patch.

 

Being owned is what you get for not keeping Windows up-to-date, and not keeping an eye on the IT security press :P

 

Go MSblast! Funniest and most productive worm for months. I will explain later - gotta catch the bus home in a few minutes.

Posted

Right- I'm not (a) at work or (b) drunk now, so...

 

The RPC protocol vulnerability was first identified in June and it is a really big deal, because of the scope for potential attacks. Businesses have been patching and preparing since then precisely because it was known that worms such as MSblast would start appearing.

 

However, home users are notorious for not knowing what windows update is, much less using it, and for not using AV or a firewall.

 

MSblast was therefore designed to scan for Windows installations running the RPC protocol without the patch. Because this protocol enables NT systems to move information between ports (a bit like FTP) MSblast is able to copy itself to the target PC in a matter of seconds, and then of course it starts scanning again for new targets.

 

The payload MSblast carries is only designed to launch a DDoS attack on the windows update servers. An unexpected side-effect was the periodic shut-downs on XP machines, due to MSblast accidentally interfering with the RPC process. The only reason this shuts down the machine is due to XP being stupid.

 

So the net effect today is that a lot of infected people will be unable to use their computers, and in theory nobody can update because the update site will be down or busy (although i see it's running fine at the minute).

 

Ho ho ho.

 

If you have been infected, and got rid of the worm, you must apply the M$ patch to stay free of similar problems in the future. There WILL be other worms that attack RPC vulnerabilities.

Posted

well as far I know now, it was mostly contained before it did what it was supposed to anyway. I personaly didn`t notice any difference myself, Symantec(sp) the guys who make ZoneAlarm I think it is, have the patch on their site bug free IF anyone is worried about it anyway :)

All should be OK now anyway, sorry if it was a false alarm to anyone, but it could have swung either way!

 

All the best :)

Posted

I used services.msc to make it so the computer doesn't shut down when the RPC crashes, so now I'll reinstall MSBlast and let it attack MS :)

  • 2 weeks later...
Posted

He`ll be another one they make an example of, according to the news here, it only hit 7000 PCs and not the 200,000 + that they originaly stated.

oh well... pays yer money, Takes yer chance I guess!

Posted

HA! hahaha

that's too dang funny

 

knew the guy was caught, didn't think he'd put the wrong address in the thing though

;)

wasn't he some kid from seattle or something? I dunno..can't remember..communist..

  • 3 weeks later...
  • 1 month later...
Guest fazeeee
Posted

what up with all the uk people

Posted

I would love to support that argument, but I, too, must merely reply with

 

huh?

 

on second thought, with the "huh" intact, I second fazeeee's question too

Posted

to which I in turn respond with `doudle HUH?`

 

and hereafter await Sayanora to reply with " Yeah, what he said"

 

erm.... is this thread actualy GOING anywhere? LOL :)

Posted

I'll counter that doudle with "what the freak is doudle?"

 

and ban fazeeee, so I can steal his argument

 

of course this is going somewhere. UK people are everywhere

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.