Live Chat

Go Back   Pixies Place Forums > Sex Talk > General Chat
User Name
Password


Reply
 
Thread Tools Search this Thread Rate Thread Display Modes
  #1  
Old 08-13-2003, 07:01 AM
FussyPucker's Avatar
FussyPucker FussyPucker is offline
Prince of Pervs
 
Join Date: Jun 2002
Location: England
Posts: 2,612
W32.Blaster.Worm

you might have read about it but this is a pretty sneaky virus since it doesn't need you to do anything other be connected to the internet to infect you and other computers. here's the info on it.....(fix and remove tools available from mcirosoft and symantec or me)

Based on the number of submissions received from customers and based on information from the Symantec's DeepSight Threat Management System, Symantec Security Response has upgraded this threat to a Category 4 from a Category 3 threat.

W32.Blaster.Worm is a worm that exploits the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. This worm attempts to download the msblast.exe file to the %WinDir%\system32 directory and execute it.

Block access to TCP port 4444 at the firewall level, and then block the following ports, if they do not use the applications listed:


TCP Port 135, "DCOM RPC"
UDP Port 69, "TFTP"

The worm also attempts to perform a Denial of Service (DoS) on Windows Update. This is an attempt to prevent you from applying a patch on your computer against the DCOM RPC vulnerability.

Click here for more information on the vulnerability that this worm exploits, and to find out which Symantec products can help mitigate risks from this vulnerability.

NOTE: This threat will be detected by virus definitions having:
Defs Version: 50811s
Sequence Number: 24254
Extended Version: 8/11/2003, rev. 19

Symantec Security Response has developed a removal tool to clean infections of W32.Blaster.Worm.


Anyone that uses a decent firewall system should be safe enough. This virus attacks systems running Windows 2000 and Windows XP it can infect NT 4 and windows 2003 systems too.

if don't want to search through the MS and Symantec websites for the fix and removal tools I've downloaded them they'll be on my web site for a couple of days.

http://www.fluffyknight.co.uk/fix.zip
__________________
FussyPucker

There are only 10 types of people in the world: Those who understand binary, and those who don't...

Sarcasm: It's not big and it's not clever...........but it's funny as fuck!

The Special One!
Reply With Quote
  #2  
Old 08-13-2003, 07:46 AM
Lilith's Avatar
Lilith Lilith is offline
♦*♥Moderatrix♥*♦
 
Join Date: Nov 2001
Location: on top of it all
Posts: 50,568
Send a message via Yahoo to Lilith
* smooches* TY sweetie. I patched mine at a friend's suggestion yesterday. I know lots of works systems that were inundated by this slippery sucker.
__________________

The practice of putting women on pedestals began to die out when it was discovered that they could give orders better from there.~ Betty Grable

If I wanted your opinion, I'd remove the duct tape and ask you for it.~ Me
<~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>
One man's dream is another man's nightmare~~~~> §¤ Lilith ¤§

~>My Scribbles<~
==>Gone Shopping<== ~Just a Quickie~ *~A Celebration Vacation~* ~Surprises~ Sleeping With the Window Open
What Did You Do Today? Self Defense Class ~Short Sweet Snippets~ § Summer Spin § Story Challenge Submission Pajamas
Reply With Quote
  #3  
Old 08-13-2003, 07:57 AM
skipthisone's Avatar
skipthisone skipthisone is offline
Bastard of Member
 
Join Date: Jun 2002
Location: Illinois
Posts: 6,029
Send a message via Yahoo to skipthisone
I have gotten it at home twice. Fixed it then got it when applying the patch. Thank god it doestn hurt anything but damn it is annoying.
__________________
Love...the slowest form of suicide.
Reply With Quote
  #4  
Old 08-13-2003, 08:12 AM
fzzy fzzy is offline
Learning to talk sexy
 
Join Date: Nov 2002
Posts: 3,264
thanks FP!!!!
Reply With Quote
  #5  
Old 08-13-2003, 09:13 AM
Belial Belial is offline
I make sexytime with you
 
Join Date: Oct 2001
Location: Australia
Posts: 1,616
Just a couple of points:

While the worm itself only exploits the DCOM RPC hole over TCP port 135, the hole can also be exploited over TCP ports 139 and 445. Block those too.

This worm is really quite stupid in a number of respects, and yet the impact it has had is enormous. An expertly written worm exploiting this flaw would be nothing short of disastrous.
__________________
I want to know everything
I want to be everywhere
I want to fuck everyone in the world
I want to do something that matters
Reply With Quote
  #6  
Old 08-13-2003, 09:38 AM
FussyPucker's Avatar
FussyPucker FussyPucker is offline
Prince of Pervs
 
Join Date: Jun 2002
Location: England
Posts: 2,612
The only thing Virus does effectively is spread istelf around. That's really the idea of it, just to highlight a flaw in Microsoft operating systems it was never meant to be destructive just an annoyance.
An anit-virus company called F-secure wanted to test how quickly this thing can spread. They set up an unprotected PC and in just over 5minutes it had been infected.........they left it running and later that day it was only taking 27 seconds to get the virus !!!

It was just a flick in the balls to Microsoft in order to get them to better check their software.
__________________
FussyPucker

There are only 10 types of people in the world: Those who understand binary, and those who don't...

Sarcasm: It's not big and it's not clever...........but it's funny as fuck!

The Special One!
Reply With Quote
  #7  
Old 08-13-2003, 01:36 PM
Sharni's Avatar
Sharni Sharni is offline
<----Snappin' Pussy
 
Join Date: Apr 2001
Location: Queensland, Australia
Posts: 106,936
Couldn't they just get a written petition...fuckin' worms....i'll give the bastards worms!!!

These ppl that make these things piss me off BIG TIME!!
__________________
Smile, it's the second best thing you can do with your mouth.

*~Sharni~*

If you go hunting tigers....be prepared when ya catch one!
Reply With Quote
  #8  
Old 08-13-2003, 01:42 PM
Ozling's Avatar
Ozling Ozling is offline
Now Seating
 
Join Date: Jun 2003
Location: USA
Posts: 531
I got it last night while i was in the chat, had to leave in the middle of a great show. XD
my virus scan seems to have crapped out on me so i just ran my comp in safe mode and did a system restore for a day before it happend, thank god I make checkpoints every 24 hours, im compulsive like that. ^.^
__________________
-Oz
Reply With Quote
  #9  
Old 08-13-2003, 01:44 PM
Ozling's Avatar
Ozling Ozling is offline
Now Seating
 
Join Date: Jun 2003
Location: USA
Posts: 531
oh yea, and for anyone who doesnt know (dunno if it was posted in posts before mine cause i didnt read'em all) what the virus does, it opens this annoying lil box that says "blah blah blah your computer has been forced a shutdown authorized by blah blah" then it gives you a 1 minute countdown timer until it dicks you. at least the person who made it gave you tiem to save what you're doing =) *tips his hat to the maker*
__________________
-Oz
Reply With Quote
  #10  
Old 08-13-2003, 01:56 PM
FussyPucker's Avatar
FussyPucker FussyPucker is offline
Prince of Pervs
 
Join Date: Jun 2002
Location: England
Posts: 2,612
LOL actually ozling if you open a DOS window and type "shutdown -a" errrr without the "s of course then it aborts the shutdown that the virus starts it may be "shutdown /L /A" on some Windows version I can't remember for the mo but I think XP pro or maybe win 200 needs you to specify L - the local machine then A - abort
__________________
FussyPucker

There are only 10 types of people in the world: Those who understand binary, and those who don't...

Sarcasm: It's not big and it's not clever...........but it's funny as fuck!

The Special One!
Reply With Quote
  #11  
Old 08-13-2003, 02:01 PM
Ozling's Avatar
Ozling Ozling is offline
Now Seating
 
Join Date: Jun 2003
Location: USA
Posts: 531
will keep that in mind next time lil annoying bastard decides to show 'imself
__________________
-Oz
Reply With Quote
  #12  
Old 08-13-2003, 02:17 PM
FussyPucker's Avatar
FussyPucker FussyPucker is offline
Prince of Pervs
 
Join Date: Jun 2002
Location: England
Posts: 2,612
Well hopfully once you've installed the microsoft hot fix it should never appear again!
__________________
FussyPucker

There are only 10 types of people in the world: Those who understand binary, and those who don't...

Sarcasm: It's not big and it's not clever...........but it's funny as fuck!

The Special One!
Reply With Quote
  #13  
Old 08-13-2003, 11:43 PM
Belial Belial is offline
I make sexytime with you
 
Join Date: Oct 2001
Location: Australia
Posts: 1,616
Quote:
Originally posted by FussyPucker


It was just a flick in the balls to Microsoft in order to get them to better check their software.

If it was then it was misguided. Microsoft patched this hole about a month ago. I'm no Microserf myself, but credit where it's due.
Reply With Quote
  #14  
Old 08-14-2003, 03:38 AM
FussyPucker's Avatar
FussyPucker FussyPucker is offline
Prince of Pervs
 
Join Date: Jun 2002
Location: England
Posts: 2,612
I found it funny that the virus contained but never displayed this bit of text..
"I just want to say LOVE YOU SAN!!
billy gates why do you make this possible ? Stop making money and fix your software!!"

The pacth for this problem was released July 16th by microsoft and since then 4 updates have been made to it. The reason I said it was a flick in the balls to MS is that despite having patched the problem the whole issue of security and bugs in MS software has been thrown in to the news AGAIN by this virus. The main problem is really with the release of information on security patches, your average home uer is unlikely to ever know about them until it's too late. There are two options to this:-

1. Software companies (not just MS) need to do more work on testing software prior to release... you have to remember that it's impossible to track down every possible bug.

2. When there is such a critical secuirty flaw discovered people need to be made aware of them so that protection can be in place before a hacker/virus writer can exploit them.

I doubt either will ever happen really since it is impossible in such complex software to track and fix every problem..... and of course it's usualy the hackers/virus writers that find these flaws first.

oh well it keeps life interesting

by the way this virus now has two variants
W32.Blaster.B.Worm
W32.Blaster.C.Worm

Now that's just silly !
__________________
FussyPucker

There are only 10 types of people in the world: Those who understand binary, and those who don't...

Sarcasm: It's not big and it's not clever...........but it's funny as fuck!

The Special One!
Reply With Quote
  #15  
Old 08-14-2003, 06:51 AM
skipthisone's Avatar
skipthisone skipthisone is offline
Bastard of Member
 
Join Date: Jun 2002
Location: Illinois
Posts: 6,029
Send a message via Yahoo to skipthisone
Skip's wife spent about 10 minutes berating him on the post it note written on July 21st reminding him to get the patch....I told her I ignored those damn things...
__________________
Love...the slowest form of suicide.
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump



All times are GMT -5. The time now is 11:07 AM.


Powered by: vBulletin Version 3.0.10
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.