Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: SECURITY WARNING!!!!

  1. #1
    Join Date
    May 2003
    Posts
    3,041
    Rep Power
    0

    Default SECURITY WARNING!!!!

    There is a Blaster variant on the loose.
    "The new version is nearly identical to the original, except for a new name on the executable file and a different registry key. The variant's file name is 'teekids.exe,' "

    http://www.eweek.com/article2/0,3959,1219197,00.asp

  2. #2
    Join Date
    Feb 2003
    Posts
    4,163
    Rep Power
    0

    Default Re:SECURITY WARNING!!!!

    Hey tronyx... I saw it this morning.

    They are calling it the w32.blaster.B.worm


    The patch for the worms can be found Here

    The fix for the worms can be found Here


  3. #3
    Join Date
    May 2003
    Posts
    3,041
    Rep Power
    0

    Default Re:SECURITY WARNING!!!!

    A permanent fix to all the blaster variants can be found here:
    www.redhat.com
    www.mandrake.com
    www.suse.com
    www.gentoo.org

  4. #4
    Join Date
    Feb 2003
    Posts
    4,163
    Rep Power
    0

    Default Re:SECURITY WARNING!!!!

    [quote author=matronyx link=board=1;threadid=1565;start=0#msg14897 date=1060878047]
    A permanent fix to all the blaster variants can be found here:
    www.redhat.com
    www.mandrake.com
    www.suse.com
    www.gentoo.org
    [/quote]

    LOL..... Those will cure all your winwoes...

    If peeps are finding it hard to break out from windows... Lycoris don't seem like a bad version of linux at all for new users.

    www.lycoris.com

  5. #5
    Join Date
    Feb 2003
    Posts
    4,163
    Rep Power
    0

    Default Re:SECURITY WARNING!!!!

    I should add that Lycoris is not free... I guess it pays to look like windows ;d

    I hear its good though.

    Any of you guys use it?

  6. #6
    Join Date
    May 2003
    Posts
    3,041
    Rep Power
    0

    Default Re:SECURITY WARNING!!!!

    [quote author=Nastro link=board=1;threadid=1565;start=0#msg14900 date=1060878599]
    I should add that Lycoris is not free... I guess it pays to look like windows ;d

    I hear its good though.

    Any of you guys use it?
    [/quote]

    nahhh....it's too windows like for me ;D

  7. #7
    igodit Guest

    Default Re:SECURITY WARNING!!!!

    Microsoft prepares to be blasted
    Microsoft hopes to be ready when hundreds of thousands of computers infected with the MSBlast worm start pelting its Windows Update service with data requests on midnight Friday.
    The company has taken steps to try to dodge the denial-of-service attack, but it's also begun educating Windows users about other ways to get updates and patches in the event that the update service is made unavailable.

    "We are preparing," said Stephen Toulouse, security program manager for Microsoft's security research center. "We are working diligently to make sure that our customers can get the patch."

    The primary payload of the MSBlast worm, which began infecting systems Monday, is a DoS attack against the service from which most Windows users get their updates. If successful, the maneuver would frustrate efforts to patch the Windows vulnerability the worm exploits. The strategy is also a way of simply harassing the Redmond, Wash.-based software giant; the worm's code contains a message for the company's founder: "billy gates why do you make this possible? Stop making money and fix your software!!"

    Named after the msblast.exe file that contains the program, MSBlast continued to spread across the Net on Wednesday, infecting nearly 228,000 computers by midmorning, according to data gathered by security company Symantec.

    Computers infected with the worm will start sending connection requests to the Windows Update service at midnight Friday, according to the clock on a given user's computer.

    Although Toulouse was mum on the specific steps the software giant is taking to prepare for the attack, Microsoft is advertising alternative ways to get downloads and information from its site. The company has put more than 10 links on its main Web site to send people to more information and alternative channels for downloading updates.

    Toulouse also stressed that consumers can and should get the latest patches from the company's Download Center.

    Lloyd Taylor, the vice president of technology and operations Keynote Systems, which evaluates network performance, said that Microsoft's service will likely fall victim to the attack.

    "I don't think any network in the world would be accessible with the amount of traffic that is going to be thrown at it," Taylor said.

    Taylor also said that the amount of traffic directed at the Microsoft site could take down small local networks. But a similar prediction a few years ago fell flat.

    In 2001, after Code Red infected some 350,000 computers, it aimed a similar DoS attack at whitehouse.gov. The network administrators were able to move the site from the targeted Internet address and sidestep the attack. Moreover, despite hundreds of thousands of PCs flooding the Internet with data, local network outages didn't happen.

    Marc Maiffret, chief hacking officer for security software maker eEye Digital Security, said the amount of data sent from each infected computer would be small and that it would be unlikely to overwhelm any networks. Each compromised computer should send 50 packets of data every second--about 16kbps. That's quite low for such attacks.

    "I doubt Windows Update will go down," Maiffret said. "They have a big network, and it's very distributed."

  8. #8
    igodit Guest

    Default Re:SECURITY WARNING!!!!

    New variant of Blaster worm on the loose
    A modified version of the W32.Blaster worm is on the loose, according to advisories from two security firms. But users whose machines are patched against the original Blaster should be protected against the variant as well.

    Kaspersky Labs, a security firm in Moscow, this morning reported that it had detected a modified version of Blaster, also known as Lovsan, that takes advantage of the same vulnerability in the Windows interface that handles remote procedure calls (RPC).

    The only changes seem to be in the appearance of the new worm and a new text string abusing Microsoft Corp. and antivirus writers, according to the the Kaspersky alert.

    The name of the worm file has been changed from MSBLAST.EXE to TEEKIDS.EXE, according to Steven Sundermeier, a vice president at Central Command Inc., a Medina, Ohio-based vendor of antivirus software. The variant also uses a different code-compression method than the original, he said.

    An official at the CERT Coordination Center at Carnegie Mellon University in Pittsburgh said the center had not heard of any variants so far. But given the amount of exploit code available that can take advantage of the RPC vulnerability, the reported appearance of variants isn't surprising, said Art Manion, an Internet security analyst at CERT.

    Meanwhile, the original worm still appears to be spreading, but at a slower pace. At this point, "it's more of a slug than a worm really," said Russ Cooper, an analyst at TruSecure Corp., a security vendor in Herndon, Va., and moderator of the NTBugTraq mailing list. "It's crawling along at a very slow rate."

    So far, TruSecure's servers have recorded attacks from about 471 unique Internet Protocol addresses -- or about 13 new ones every hour, Cooper said. About 88% of the attacks on TruSecure's servers are from new IP addresses.

    CERT estimated the number of infected systems worldwide as being "in the low hundreds of thousands," Manion said.


  9. #9
    igodit Guest

    Default Re:SECURITY WARNING!!!!

    Worm pushes Microsoft to change default Windows security
    Microsoft said Wednesday that it planned to change the way it distributes its flagship Windows XP operating system software, in response to a ``worm'' that has spread over the Internet in recent days attacking tens of thousands of personal computers by exploiting vulnerabilities in Windows.

    Dissemination of the worm, a virus-like program, slowed Wednesday as network administrators and individual computer users around the world took steps to protect their machines, even as Microsoft's critics stepped up their complaints that the company's industry-dominant software puts its customers at risk of such outbreaks.

    In at least a partial answer to its critics, Microsoft said it would begin shipping the consumer and business versions of Windows XP with the protective network firewall completely activated, to make PCs less vulnerable to attacks.

  10. #10
    Join Date
    Nov 2002
    Posts
    5,713
    Rep Power
    0

    Default Re:SECURITY WARNING!!!!

    [quote author=matronyx link=board=1;threadid=1565;start=0#msg14897 date=1060878047]
    A permanent fix to all the blaster variants can be found here:
    www.redhat.com
    www.mandrake.com
    www.suse.com
    www.gentoo.org
    [/quote]


    I was just about to laugh after u when I realized what u are acturally saying...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •