« previous next »
Pages: [1]

Author Topic:  (Read 1047 times)

Offline Harley

  • Trade Count: (0)
  • Major General
  • *****
  • Posts: 2254
    • View Profile
(No subject)
« on: August 12, 2003, 12:54:34 PM »
You can download a patch for this virus here.

http://www.microsoft.com/technet/treevi ... 03-026.asp
« Last Edit: December 31, 1969, 05:00:00 PM by Harley »
Logged
\"Just because you\'re paranoid, doesn\'t mean they\'re not out to get you!\"

\"Have Gun - Will Travel\"

Offline azsarge

  • Trade Count: (0)
  • General
  • *****
  • Posts: 9999
    • View Profile
(No subject)
« Reply #1 on: August 12, 2003, 03:34:39 PM »
thanks for the heads up, John!
« Last Edit: December 31, 1969, 05:00:00 PM by azsarge »
Logged

Offline Paco

  • Trade Count: (0)
  • Brigadier General
  • *****
  • Posts: 1507
    • View Profile
(No subject)
« Reply #2 on: August 12, 2003, 03:40:34 PM »
Nope, not battling it at all.  The only networks that got this worm (not a virus, but a worm) are those that have no System Admins, or System Admins who aren't doing their job properly.  The fix for the hole that this worm exploits was released almost a month ago and was posted on all the major news sites with a link to DL and install it and is also on WinUpdtSvc.  I patched our machines on our network and satellite networks almost 2 weeks ago.  If ASU's network is fighting it, I bet they haven't upgraded their Cisco IOS's on their hardware/routers either (to 12-17a).  Cisco revealed a gaping hole in ALL previous IOS's that needs to be upgraded.

The reason it will hit home users harder is that at least SOME corporate networks employ firewalls to block port 135 (UDP/TCP) and also keep up to date on hotfixes and patches.  Unfortunately, 90% of home users do NOT keep up to date, but then again, there's also a large percentage of Network/Sys Admins who don't keep their networks up to date.

If you can't tell, when it comes to network security, I'm quite the stickler.  Those admins who don't secure networks and computers only help to propogate these sort of attacks.
« Last Edit: December 31, 1969, 05:00:00 PM by Paco »
Logged

Offline Harley

  • Trade Count: (0)
  • Major General
  • *****
  • Posts: 2254
    • View Profile
(No subject)
« Reply #3 on: August 12, 2003, 04:48:45 PM »
You still had to patch all your work stations though, correct?  When I say battling it, that's what I'm referring to.  You have to take into consideration that we have thousands of computers and only so many techs to service them.  

One of the problems with working for a university is we can't lock things down too tight even though we'd like to.  Don't ask me why, but apparently it's policy to not restrict access to university resources.  All it does it make more work for the rest of us.  I believe port 135 is the one our Exchange server runs off, which would make sense why they didn't block it.  Oh well.
« Last Edit: December 31, 1969, 05:00:00 PM by Harley »
Logged
\"Just because you\'re paranoid, doesn\'t mean they\'re not out to get you!\"

\"Have Gun - Will Travel\"

Offline Harley

  • Trade Count: (0)
  • Major General
  • *****
  • Posts: 2254
    • View Profile
VERY Nasty computer worm attack....
« Reply #4 on: August 12, 2003, 12:27:18 PM »
There is a very nasty computer wor,  that has hit us hard at ASU.  Jason, I'm sure you're battling it there as well.  Here's some info for the uninformed.  This virus will hit more home users than corporate they say.

http://story.news.yahoo.com/news?tmpl=s ... ws_worm_dc
« Last Edit: December 31, 1969, 05:00:00 PM by Harley »
Logged
\"Just because you\'re paranoid, doesn\'t mean they\'re not out to get you!\"

\"Have Gun - Will Travel\"
Pages: [1]
« previous next »