Page 1 of 15 12311 ... LastLast
Results 1 to 10 of 147

Thread: RPC Shutdown

  1. #1
    Join Date
    May 2003
    Posts
    896
    Rep Power
    0

    Default RPC Shutdown

    I have been getting this error on my PC since last night. I was online with some other people and then my machine dtarted a 1 minute shutdown timer.

    I have noticed that all the machines are WIn XP.

    Linux Anyone???

    Will post a screenshot soon or if anyone can beat me to it that would be good.

  2. #2
    Join Date
    Aug 2002
    Posts
    1,257
    Rep Power
    0

    Default Re:RPC Shutdown

    DUDE YOU GOT HACKED!!!

    Basically there are two Exploit Code for the DCOM/RPC Flaw.........

    Version 1 Will issue a error message Stating Dcom was terminated .........PC will reboot in 60 secs.....

    You need to run the patch for this Flaw...

  3. #3
    Join Date
    May 2003
    Posts
    896
    Rep Power
    0

    Default Re:RPC Shutdown

    So whats Version 2?


    Microsoft patches here:

    http://microsoft.com/downloads/details.aspx?FamilyId=C8B8A846-F541-4C15-8C9F-220354449117&displaylang=en]http://microsoft.com/downloads/details.aspx?FamilyId=C8B8A846-F541-4C15-8C9F-220354449117&displaylang=en)http://microsoft.com/downloads/details.aspx?FamilyId=C8B8A846-F541-4C15-8C9F-220354449117&displaylang=en[/url]

    ****************
    Info on Worm here:
    ****************

    http://securityresponse.symantec.com...ster.worm.html

  4. #4
    Join Date
    Jan 2003
    Posts
    3,004
    Rep Power
    0

    Default Re:RPC Shutdown

    guys the thing is, how can somebody with this problem download any patch or virus definitions if when they log on, they get only 60 seconds to reboot??????

  5. #5
    Join Date
    Feb 2003
    Posts
    4,163
    Rep Power
    0

    Default Re:RPC Shutdown

    I wonder who did that to Devnull.... I guess sometime we should listen to you eh GURU....

    Port 4444 is used by direct access by a user of the dcom exploit....

    TCP/IP Port 135 is used by the blaster worm.... which funny enough attacks the same hole. The funny case senario is, if you are infected by the worm, persons trying to used the direct approach of the dcom exploit will have no access to the machine. The worms can do various damage ranging from DOS (Denial Of Service) to Data Munching.


    Nastro
    I love learning!!!

  6. #6
    Join Date
    Jan 2003
    Posts
    3,004
    Rep Power
    0

    Default Re:RPC Shutdown

    guys read igodit post "Please install MS03-026 patch NOW!" it has all the vital info, this is also the patch needed to prevent this rpc thing from happening.

    i am glad i use a firewall, i am gonna go download the patch now.

  7. #7
    Join Date
    Feb 2003
    Posts
    4,163
    Rep Power
    0

    Default Re:RPC Shutdown

    [quote author=<<MiTcHiE>> link=board=5;threadid=1532;start=0#msg14559 date=1060698398]
    guys the thing is, how can somebody with this problem download any patch or virus definitions if when they log on, they get only 60 seconds to reboot??????
    [/quote]

    Mitchie...60 seconds is more than enough time for the intruder to leave a "backdoor" the he or she me return to your machine whenever he or she pleases. I should tell you that with a good backdoor in place even if the machine is firewalled and/or patched, the intruder will be back.


  8. #8
    Join Date
    Jan 2003
    Posts
    3,004
    Rep Power
    0

    Default Re:RPC Shutdown

    i read that it does a dos attack to windows update, so that infected users cant get to update.

  9. #9
    Join Date
    Feb 2003
    Posts
    4,163
    Rep Power
    0

    Default Re:RPC Shutdown

    [quote author=<<MiTcHiE>> link=board=5;threadid=1532;start=0#msg14564 date=1060698983]
    i read that it does a dos attack to windows update, so that infected users cant get to update.
    [/quote]

    This is a case senario with one of the worms. Funny enough, Dcom can be turned off manually without the use of a patch or update.

  10. #10
    Join Date
    Jan 2003
    Posts
    3,004
    Rep Power
    0

    Default Re:RPC Shutdown

    [quote author=Nastro link=board=5;threadid=1532;start=0#msg14565 date=1060699221]
    This is a case senario with one of the worms. Funny enough, the dcom can be turned of manually without the use of a patch or update.
    [/quote]
    how so?????

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •