Hi Frank and Dominic and Douglas, thank you for terrifying us, especially
those like me who still have Windows '98 and tried to download the safety
pack Windows 2000 -which is the closest- but does not work. What should we
Do? I use the Norton AntiVirus Self-Protect system which automatically
updates every couple of days, just to show off a bit.
Thank you and take care, anny
From: "Frank Parker" <[log in to unmask]>
> "...and although the worm currently doing the rounds is just a dumb
> causer-of-nuisance..." - Dominic
>
> I'm afraid it is far more than a nuisance, Dominic (and anyone else
> listening). I work at a call center for a large (no, huge) international
> internet service provider. I take calls from members in the Windows
> Technical division who have problems. I had more than a few calls from
> people whose computers boot, shut-down , reboot, shut down, and reboot in
an
> endless loop (mostly broadband users using any broadband provider with
> WinXP; the only solution is to unplug the broadband connection entirely).
> But, I also talked to one elderly gentlemen today who had unpacked his
brand
> new Dell computer only yesterday and was using dial-up that got fried by
the
> same virus (an "error message" appears stating that there's some sort of
> "NT" error just prior to shut-down). I also spoke with a Win98 user whose
> computer was toasted. This poor guy had his Windows wallpaper left and
> that's all. No mouse, no icons, no system-tray, no nothin'.
>
> We have some really bad ass security (firewalls, etc.) and the worm
> penetrated our facility. Our engineers were able to patch our servers
> though. We all had to shut down and reboot to the new configuration.
Notice
> was sent out that anyone receiving an RPC error message was to notify OPS
so
> their computer could be reimaged.
>
> The pisser is, this worm scans for an open port (135, 139, 445 being most
> sought but it's an opportunist and will test all ports) to gain entry. The
> old way of getting a virus via an executable in email has been trumped.
>
> The Windows Security Patch, updated virus software and a hell strong
> firewall are the only edge I know of. That or don't log-on to the
internet.
>
> ************
> Frank Parker
> [log in to unmask]
> http://frankshome.org
>
> -----Original Message-----
> From: Poetryetc provides a venue for a dialogue relating to poetry and
> poetics [mailto:[log in to unmask]]On Behalf Of Dominic Fox
> Sent: Wednesday, August 13, 2003 3:24 PM
> To: [log in to unmask]
> Subject: Re: The new virus for XP and NT
>
>
> This one is for real - it's a buffer-overrun attack on the DCOM RPC
server,
> and although the worm currently doing the rounds is just a dumb
> causer-of-nuisance (which seems to have been designed to launch a Denial
Of
> Service attack on the Microsoft security patch downloads site on the 16th)
> the vulnerability could potentially enable an attacker to execute
arbitrary
> code, with full system privileges, at a command prompt. Which is quite
> scary...
>
> Dominic
|