 
oliphant5
Got Identity?
Premium
join:2003-05-24
Corona, CA | Just goes to show No matter what OS you run, you can't disregard service bulletins...especially when they've been out for weeks and weeks and weeks and... | |
|
 | 
ikarus1
Premium
join:2002-10-23
Urbanna, VA
| Re: Just goes to show said by oliphant5  :
No matter what OS you run, you can't disregard service bulletins...especially when they've been out for weeks and weeks and weeks and...
Half truth...
TRUTH:
"No matter what OS you run, If you run a Microsoft product, you WILL be running with the *WORST* default policies in the industry."
-m-
--
FAVORITE ANSWERED QUESIONQ: I want to add an antenna to my wireless device, any suggestions?A: »www.freeantennas.com | |
|
| | vrapp
join:2000-02-29
Park Ridge, IL
| Re: Just goes to show said by ikarus1 :
TRUTH:
"No matter what OS you run, If you run a Microsoft product, you WILL be running with the *WORST* default policies in the industry."
You may think so only because nobody is really interested in blasting anything but Microsoft. If the day comes when Linux or anything else begins to approach Microsoft by the popularity, rest assured, it won't take long to direct the efforts to them. Do you really think those other systems are made by some significantly different hands? | |
|
| | | 
AthlGrond
Premium,MVM
join:2002-04-25
Aurora, CO
 ·Comcast
| Re: Just goes to show said by vrapp :
Do you really think those other systems are made by some significantly different hands?
TRUTH:
No, we are all human. | |
|
| | |
ikarus1
Premium
join:2002-10-23
Urbanna, VA
| said by vrapp :
said by ikarus1 :
TRUTH:
"No matter what OS you run, If you run a Microsoft product, you WILL be running with the *WORST* default policies in the industry."
You may think so only because nobody is really interested in blasting anything but Microsoft. If the day comes when Linux or anything else begins to approach Microsoft by the popularity, rest assured, it won't take long to direct the efforts to them. Do you really think those other systems are made by some significantly different hands?
That is the standard line... "We're the most popular so we are the ones they are after, if they were after you, things would be different."
Microsoft definately has the worst default security policy in the industry. It (Microsoft) refuses to fix that policy because of marketing pressure. They want someone who knows little more than how to stick a CD in the drive to be able to update the system or to install software. They want anyone who downloads an exe on one of their boxes to be able to just click it and install it. They want you to be able to send macros in your DOC files, and execute programs in your browser... but they DO NOT want to require you to use a user account by default. Therein lies the problem. It is just that simple. The problem is that Microsoft trades market share for default security policies.
Yes, they are the most popular because they are the least secure by default... The hooks are in their systems to protect the system. They just don't turn them on by default.
YOU may think that a Linux/BSD/Mac-OS workstation with no services enabled is as vulnerable as a Windows workstation with no services enabled and YOU WOULD BE RIGHT ---- IF AND ONLY IF THE USER WAS DOING EVERYTHING AS ROOT. On Microsoft boxes, the user IS doing everything as the default Administrator (root).
That is socially irresponsible.
And THAT is the TRUTH.
--
FAVORITE ANSWERED QUESIONQ: I want to add an antenna to my wireless device, any suggestions?A: »www.freeantennas.com | |
|
| | | |
oliphant5
Got Identity?
Premium
join:2003-05-24
Corona, CA
| Re: Just goes to show said by ikarus1 :
On Microsoft boxes, the user IS doing everything as the default Administrator (root).
That is socially irresponsible.
And THAT is the TRUTH.
Wrong...the latest iterations of NT DO NOT have the default user as an Administrators, the are so-called "power users". NT handles users just like Linux...you are given the options at time of installation to set up an administrator and default user account. With XP the distinction is even more prevalent with most users even knowing that an administrator account exists until they attempt to install something to find they don't have write access to the registry and must run the install as an administrator in order to complete the installation.
It's amazing how many brainwashed *NIX users just have these preconceptions about NT without knowing the facts.
[text was edited by author 2003-08-13 11:16:04] | |
|
| | | | | |
| | | | | |
ikarus1
Premium
join:2002-10-23
Urbanna, VA
| Re: Just goes to show Yep, Linux is less than nothing to Gates... That's why SCO (owned by Microsoft) is in court in an attempt to get *ROYALTIES* from the Linux/BSD users. He isn't afraid of Linux or BSD. He is afraid of the whole free software movement.
You know there Woodbridge, it is great to live in a gated community but it can insulate you from reality. Clearly that has happened to you, I'm sorry.
Look I'll take my linux servers over our Microsoft based servers *ANY* day. I literally can run three times as much traffic on 1/2 the CPU, in 1/3 the ram. I've been building servers for about ten years now, all kinds, IRIX, Solaris, NT, 2000, Linux, BSD... nothing performs as poorly, behaves as strangely, or uses resources as in efficiently as a Redmond product... Don't try to tell me it is all the security checking going on under the hood, ok?
Microsoft's update servers are very spotty out here on the East coast today.... You don't suppose that is because the user base you are so proud of are out there finally doing their updates, do you? Microsoft failed to plan for the capacity... If they can't build a decent update network, what does that say for the operating systems themselves?
Believe what you want whether it is only as much as you can see from your gated community, or it is reality, you are indeed welcome to believe whatever you want.
I'll believe what I SEE. I SEE Microsoft's update site had problems during the last patch/worm/patch cycle. I SEE Microsof's update site is again having problems during this cycle and in three days the worm is going to whack them... People can't update because the update site is flakey (loaded) and the worm is busily trundeling about the network from one Microsoft box to another... At least cannibals only eat one another in this scenario.
Tell you what though, I'll make you a deal. I'll sell you a better OS at 1/2 the price and I'll give you the source code as well... ALL YOU HAVE TO DO IS LEARN HOW TO USE IT.
-m-
--
FAVORITE ANSWERED QUESIONQ: I want to add an antenna to my wireless device, any suggestions?A: »www.freeantennas.com | |
|
| | | | |
ikarus1
Premium
join:2002-10-23
Urbanna, VA
| The "latest" iterations... perhaps... perhaps...
Why did it take so long???
Social irresponsibility driven by a profit over security motive...
-m-
--
FAVORITE ANSWERED QUESIONQ: I want to add an antenna to my wireless device, any suggestions?A: »www.freeantennas.com | |
|
| | 
NotSoDumb
@eds.net | Linux and other OS's are just as unsecure... I know this from experience. It is just the fact that Windows is exploited more and is the choice of would be kiddies... | |
|
Bobcat
Premium
join:2001-02-04
Bedminster, NJ |  Stupid people
| |
|
| 
tomsprat
Draw Me A "Cold One"
Premium,ExMod 2002-04
join:2000-11-03
Fort Lauderdale, FL
clubs:
| Re: Stupid people Speaking of "stupid people", how about the idiots who waste their time dreaming up these worms & viruses, then implementing them? Rather than looking forward to a paycheck for accomplishing something beneficial, they'll be looking over their shoulders every day, wondering if they'll get "nabbed". Great way to screw up your future!
--
Anything that ever was, was once a dream... | |
|
| | bigbeartech
Goo?
join:2001-09-23
Saint Louis, MO
| Re: Stupid people well, this worm was to prove a point...
Patch your systems.
In fact, I read somewhere that it says within the code
"Mr Billy Gates why do you continue to release crappy OSes instead of securing your current ones?"
Or something to that effect.
The worm was ment to demoralize and demonize Microsoft. As its only purpose was to self propogate and annoy.
Generally, todays viruses do not want people to know that they are there. Its a pivitol key to the mystery of your question.
--
guycad: It may take you days and large clumps of hair to get it to work,CyberSchnook:I am so screwed--I haven't had large clumps of hair for years.  | |
|
| | | 
cameron119
1lt
join:2002-12-03
Morristown, TN | Re: Stupid people If it weren't for assholes that did this we wouldn't need to patch. All software would be cheaper as a result. | |
|
| | | | kr4mm
join:2001-04-19
Lagrange, GA
| Re: Stupid people Now THAT'S demonstrating ignorance! It's like saying "If it weren't for people who steal, we wouldn't need locks on our doors." Microsoft isn't just leaving the doors unlocked, it's leaving them standing wide open. Do you really want us to all wake up one day in the middle of a war and find that every computer you own has been wiped clean? Do you want all of your private medical information posted to the public? Do you want your bank account accessible to whoever feels the urge to just walk in to the bank system and take your money?
This worm is merely a demonstration of what COULD happen. It doesn't DO anything other than show you that it COULD have done ANYTHING. It also demonstrates that once a small door allows in a small worm, it can then open the garage and allow the whole world to enter your system as they please. Microsoft needs to rewrite their code with a completely different mindset. Linux isn't exempt, either. I patch both OSes religiously because I've seen first-hand what happens when you turn a blind eye to the need to keep up with technology. This is what I do for a living.
That being said, NOBODY should directly attach their PC to the Internet. Even a cheap firewall/NAT Router will do wonders for your security. Use the builtin WinXP firewall, use a software firewall like ZoneAlarm, but use SOMETHING. Treat the Internet like what it is: a disease ridden cesspool of information. Don't go into it looking for what you want without some protection. Every system on the Internet is a stranger just waiting to infect you. Doesn't matter if you know the person who runs it or not, because you are merely trusting their technical competence. Think of it as one big orgy: there's no telling what you'll catch and you can't trust anyone to be infection-free, so use protection. Excuse the bad analogies. | |
|
| | | | | |
| | | | | | 
tcp1
Premium
join:2000-04-17
Herndon, VA | Re: Stupid people Oh jeez. | |
|
| | | | | | | mc5w
join:2002-06-14
Independence, OH
| Re: Stupid people So far, I have had only one bad update from Maxisquash that they had posted about a year ago and then replaced with another. Put the kabosh on building a Windows 98se machine because I had to reload the OS.
On the other hand, I am not rich enough to dick around with Windows server products, so maybe I am just lucky. I also avoid ME and XP. | |
|
| | |
|
Billy9
@attbi.com
| Actually Windows updates fail fairly often. If a person relies on Microsoft's Auto Update and is not aware of this, they can unknowingly miss an important update and be affected the target exploit. One of my co-workers, a network technician, did just that. In fact he was infected the same day that he ran the updates. Some of us are not anal retentive, and do not care to spend a lot of time working on our personal systems. We have a life, you know. Well, in this case, since the payload is relatively light, it doesn't matter. Cleanup, one is infected, is easy. Fortunately the authors of this thing did not chose to do something really terrible! | |
|
| | |
|
BuzzLightYear
@mts.net | I'd have to agree, many don't know to install updates. Its pretty sad. | |
|
| |
| scomps
join:2001-06-05
Utica, NY
| said by Bobcat :
Stupid people deserve what they get when they don't keep up with security updates.
Ya know.. it's attitudes like this that sock the internet down. It's not just the "stupid people" that are getting boned over this. It's everyone on the net period. The traffic this shit generates is WAAAAY over the top. I'd recommend that you brush up on the subject before inserting your witty conjecture.
Yes, stupid people deserve to be beaten with lead pipes for not keeping up with security updates, virus definitions etc so on and so forth, but fixing the problem is the goal and getting their crap traffic off the backbones should be the priority.
No this isn't a flame. It just torques me right off when people pull this ignorant crap like "oh fine, they got a virus, they're screwed, they should have run antivirus hahahaahaha" yeah well.. it affects all of us.
--
Scott Johnson -- developer of MWall. Contact me for more information. | |
|
| | 
Maxo
Your tax dollars at work.
Premium,VIP
join:2002-11-04
Tallahassee, FL
clubs:
| Re: Stupid people Agreed scomps. Just because you don't know how to use a computer or don't know how to update it doesn't meen you are stupid. Not everyone who bought a computer uses it as much as me and others. They go online, check their e-mail. IM mom back home and then shut down. They don't tweak, update, or any of that stuff because they don't know that much about computers and not knowing that much about computers is perfectly fine. It doesn't make you stupid.
--
"Knowhutimean, Vern?" - Ernest P. Worrell »www.maxolasersquad.com | |
|
| 
Transmaster
Don't Blame Me I Voted For Bill and Opus
join:2001-06-20
Cheyenne, WY
 ·Qwest.net
| I had forgotten what a resource Steve Gibson is in the security area. He has security fixes for a bunch of problems, including the MSBlast worm. and most all of them are freeware. His Leak Test firewall tester is one of the best and very simple to use. He has to be doing something right. I think if Microsoft could figure out a way for Steve to be abducted by space aliens and disappear they would, they really don't like the man he is a constant thorn in their sides. His site is fascination.
»grc.com/default.htm
--
low Brass Rules!
Irish Terriers do to!!!
[text was edited by author 2003-08-14 04:00:24] | |
|
| | FatFrank5
join:2002-11-19
Draper, UT
| Re: Gibson Research Corporation All I can say is OS X / Free, Open, Net BSD/ Linux. Attacks are designed around Microsoft for a reason. It's not just their OS's it's everything. IE compared to other browsers for example, has a whole lot of security risks. You SHOULD be able to spend your hard earned money on a computer that is DESIGNED to go on the internet and feel safe. Would you drop $30,000 into a car that has no airbags, seatbelts and firestone tires? Microsoft just doesn't implement enough security into their software plain and simple. In todays world with technology computers will be the targets for all sorts of things. Computers run banks, records just about everything. Imagine a Sept. 11 in a cyber sense. Scarry isn't it. It would be nice to know that Windows is safe enough for you to use, but it isn't. And that's scary.. | |
|
| | |
boo-urns
@emhril.ameritech
| Re: Gibson Research Corporation windows isn't a major target because of it's design..it's a major target because it is the majority. and when there's the majority, that's where the casual, non techy users come in. and where the casual non tech users come in, that is like chumming for malicious coders. that's why the codes keep uh comin. | |
|
Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI
 ·Site5.com
·AT&T Midwest
·Comcast
| *sigh*
The thing that irritates me is a patch is released in a timely fashion. Yet, no one updates their system. Then, when something like this happens, they blame Microsoft. It is bunk in my opinion. The same goes for Nimda, Code Red, and so on. There are still thousands of people with infected web servers out there today.
All I can do is *sigh*.
--
My Domain
Nightfall's Hockey and Life Journal | |
|
|
oliphant5
Got Identity?
Premium
join:2003-05-24
Corona, CA
| Re: *sigh* Exactly...if *nix had the market that Microsoft does we would be seeing the lengthly list of *nix vulnerabilities exploited more often. Desktops are the easiest and most plentiful target and if you are going to write a worm what are you going to target...the 92% of the market (Windows) or a splinter of the remaining 8%. | |
|
| | 
Dewi
Premium
join:2001-09-28
united kingd
| Re: *sigh* Is this pure speculation, or backed by facts? You could take the stand that most servers are *nix based, and have the most valuable payloads that they would be the primary target no? But then again most servers are *nix based for a reason I suspect; chief among them the genesis for this article. | |
|
| | |
See 12 replies to this post |
|
| |
ikarus1
Premium
join:2002-10-23
Urbanna, VA
| Oh, please... we've already had that discussion. It has *NOTHING* to do with *nix or Winbloze... IT HAS TO DO WITH STUPID, ASSININE, BRAIN FREAKIN' DEAD DEFAULT POLICIES...
We (*nix) has known since 1970 that the default user is not supposed to have administrative authority... You would have us believe that Microsoft is too stupid to understand that. The TRUTH is Microsoft doesn't care about much other than the BOTTOM LINE and THAT *IS* the problem.
It is this brain dead policy, among others, that gives Winbloze their 92% market share. When the public figures that out, the problem will go away.
God! I fail to understand the brainwashed, Redmond type.
-m-
--
FAVORITE ANSWERED QUESIONQ: I want to add an antenna to my wireless device, any suggestions?A: »www.freeantennas.com | |
|
| | |
oliphant5
Got Identity?
Premium
join:2003-05-24
Corona, CA
| Re: *sigh* Default user issues are a matter of laziness by the sysadmin. Modern WinNT releases don't give the default user Admin rights either. I suppose Sun doesn't give a crap about their bottom line.
I fail to understand how all these brainwashed *NIX users live with the fantasy that *NIX doesn't have vulnerabilities. | |
|
| | | | 
reub2000
Premium
join:2001-12-28
Evanston, IL
| Re: *sigh* said by oliphant5 :
Default user issues are a matter of laziness by the sysadmin. Modern WinNT releases don't give the default user Admin rights either. I suppose Sun doesn't give a crap about their bottom line.
I fail to understand how all these brainwashed *NIX users live with the fantasy that *NIX doesn't have vulnerabilities.
You can't expect every aohell user to know how to secure their computer. If every user took 5 minutes to dl and install zone alarm, msblaster wouldn't be an issue. But 90% of the internet doesn't know about adminstative users and firewalls. | |
|
| | |
tcp1
Premium
join:2000-04-17
Herndon, VA | The term "winbloze" is no longer clever or funny. It's dumb. | |
|
| | | |
ikarus1
Premium
join:2002-10-23
Urbanna, VA
| Re: *sigh* said by tcp1 :
The term "winbloze" is no longer clever or funny. It's dumb.
Still works for me... but then I never cared whether I offended an "luser" or not... google for it, you'll figure it out.
--
FAVORITE ANSWERED QUESIONQ: I want to add an antenna to my wireless device, any suggestions?A: »www.freeantennas.com | |
|
| | | | |
oliphant5
Got Identity?
Premium
join:2003-05-24
Corona, CA | Re: *sigh* Sorry, we don't waste time memorizing the AV Nerd Dictionary. It's dumb. | |
|
| 
Scott W
Premium
join:2003-08-09
Beaverton, OR
| said by Nightfall :
The thing that irritates me is a patch is released in a timely fashion. Yet, no one updates their system. Then, when something like this happens, they blame Microsoft. It is bunk in my opinion. The same goes for Nimda, Code Red, and so on. There are still thousands of people with infected web servers out there today.
Yes, I saw this at my place of employment. I wrote in to ask why we let this happen to ourselves when patches had been out for months, and basically recieved a self-congratulatory message from the IT guys bragging about how well they had handled SQL Slammer despite not having patched all our systems and letting it bring all our networks down for a couple days. Yeah, way to go, guys. I'd hate to see what they have to do before they think they screwed up. | |
|
| |
Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI
·Site5.com
·AT&T Midwest
·Comcast
| Re: *sigh* said by Scott W :
said by Nightfall :
The thing that irritates me is a patch is released in a timely fashion. Yet, no one updates their system. Then, when something like this happens, they blame Microsoft. It is bunk in my opinion. The same goes for Nimda, Code Red, and so on. There are still thousands of people with infected web servers out there today.
Yes, I saw this at my place of employment. I wrote in to ask why we let this happen to ourselves when patches had been out for months, and basically recieved a self-congratulatory message from the IT guys bragging about how well they had handled SQL Slammer despite not having patched all our systems and letting it bring all our networks down for a couple days. Yeah, way to go, guys. I'd hate to see what they have to do before they think they screwed up.
I hear ya. Being an IT person requires you to think ahead. When exploits like this are released, the idea is to be proactive. Something a lot of IT people suprisingly don't know how to do.
While they are bragging about how well they handled the SQL Slammer, my company didn't miss a beat. While they were fixing the problem, I was taking the weekend off. My time invested in this was minimal, about 30 minutes to install the patch and reboot the server. They spent about 3 hours?
--
My Domain
Nightfall's Hockey and Life Journal | |
|
| | |
Transmaster
Don't Blame Me I Voted For Bill and Opus
join:2001-06-20
Cheyenne, WY |  Re: *sigh*
--
low Brass Rules! | |
|
| vic102482
Premium
join:2002-04-30
Upper Marlboro, MD
| said by Nightfall :
No offense, but I already had this patch installed not a week after it was released. I had already gotten all the computers at work installed with this patch just in case. Yes, the firewall protects both my computers at home and at work. However, it is better safe than sorry.
The thing that irritates me is a patch is released in a timely fashion. Yet, no one updates their system. Then, when something like this happens, they blame Microsoft. It is bunk in my opinion. The same goes for Nimda, Code Red, and so on. There are still thousands of people with infected web servers out there today.
All I can do is *sigh*.
The patch didnt work for everyone......
--
10,000+ Posts and counting. You aint gonna stop me!!!!w00t!! | |
|
| |
Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI
·Site5.com
·AT&T Midwest
·Comcast
| Re: *sigh* said by vic102482 :
said by Nightfall :
No offense, but I already had this patch installed not a week after it was released. I had already gotten all the computers at work installed with this patch just in case. Yes, the firewall protects both my computers at home and at work. However, it is better safe than sorry.
The thing that irritates me is a patch is released in a timely fashion. Yet, no one updates their system. Then, when something like this happens, they blame Microsoft. It is bunk in my opinion. The same goes for Nimda, Code Red, and so on. There are still thousands of people with infected web servers out there today.
All I can do is *sigh*.
The patch didnt work for everyone......
The patch didn't work for everyone who was already infected and applied it. You are right, it didn't work for everyone who didn't clean their system first. Otherwise, I haven't seen one official documented RPC worm that can bypass that patch. You know of one? Post a link here so I can read it.
--
My Domain
Nightfall's Hockey and Life Journal | |
|
| 
Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
 ·AT&T U-Verse
| Exactly my sentiments. Those Sysadmins who ignored warnings
from security experts and even the Department of Homeland
Security have no one to blame for the spread of this worm
but themselves.
--
"Kayura or Badamon, whichever you are, you should know that I will never give up this battle. By the will of the Ancient, I shall succeed!" - Shuten (Anubis) from the Ronin Warriors. | |
|
| WolfJaguar
join:2003-03-20
Portland, OR | Well it depends on the corporation, my company runs mostly win boxes, with a few linux boxes for flavor. | |
|
| rotbau
join:2000-08-24
Minneapolis, MN
| said by Nightfall :
The thing that irritates me is a patch is released in a timely fashion. Yet, no one updates their system. Then, when something like this happens, they blame Microsoft. It is bunk in my opinion. The same goes for Nimda, Code Red, and so on. There are still thousands of people with infected web servers out there today.
In general I have to agree, but there are reasons some people don't update their patches the second the come out. Mainly - MS patches often KILL programs working on servers. I can't even count how many times one of MS's patches stopped a RRAS or IIS server from working correctly once it was applied. This is the same reason that people disable the autoupdate feature. In a work environment it is suicide to let MS update itself.
The reason people bash MS is because they ship their product with every conceivable service activated. RPC on a home machine....why? | |
|
| |
Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI
·Site5.com
·AT&T Midwest
·Comcast
| Re: *sigh* said by rotbau :
said by Nightfall :
The thing that irritates me is a patch is released in a timely fashion. Yet, no one updates their system. Then, when something like this happens, they blame Microsoft. It is bunk in my opinion. The same goes for Nimda, Code Red, and so on. There are still thousands of people with infected web servers out there today.
In general I have to agree, but there are reasons some people don't update their patches the second the come out. Mainly - MS patches often KILL programs working on servers. I can't even count how many times one of MS's patches stopped a RRAS or IIS server from working correctly once it was applied. This is the same reason that people disable the autoupdate feature. In a work environment it is suicide to let MS update itself.
The reason people bash MS is because they ship their product with every conceivable service activated. RPC on a home machine....why?
This patch has been out for weeks. How much time do people need? The fix for IIS was out for months. Once again, how much time do people need?
I don't apply patches the day they come out, but I do within a week. It is the safest thing to do. If there are going to be documented problems, they are going to happen within a week.
Sorry, while I do take precautions before I apply a patch such as a full backup, I have NEVER killed a server by applying a patch. Maybe it is because I read the documentation on every patch. Maybe it is because I take good care of the servers under my control.
I just don't agree with that arguement, especially a month after a patch is released and people get burned. That is shoddy administration, not the fault of MS.
And patches often kill servers and programs? Please. I know many different admins that patch the same way I do or similiar fashion and have zero problems. If any of the people I know had problems with a patch killing a server or application, I would have heard about it. Especially if it was a common occurance. Yes, there are some people who have isolated problems. Would you believe that 50% of those problems are due to people not reading the instructions? Such as not patching in the right order? In the young days of windowsupdate.com, there were a lot of servers that went to crap. Dumb admins would just queue all the updates and install, but when the server bombed, it was Microsoft's fault. It doesn't take a rocket scientist to take a moment to read the instructions and keep up with the updates.
I think you are blowing things out of proportion.
--
My Domain
Nightfall's Hockey and Life Journal
[text was edited by author 2003-08-13 11:11:55] | |
|
| | |
oliphant5
Got Identity?
Premium
join:2003-05-24
Corona, CA | Re: *sigh* It's just amazing how many lazy ass admins would consider your prudent procedures excessive. | |
|
| | |
ikarus1
Premium
join:2002-10-23
Urbanna, VA | No... this is a NEW patch... pay attention.
-m- | |
|
| | | | |
| | | BosstonesOwn
join:2002-12-15
Everett, MA
clubs:
·Comcast
| neither have i and i have done lots of work in previous years on edu servers running windows.... if they read the documentation it might produce a brain cell growth and spur them from being lazy.
--
Need a web host try us at www.servercentral.net... message me directly and we can make you some killer deals. | |
|
Eat Me
join:2002-09-25
Sussex, NJ | This is going to be bigger than code red Code red depended on the machines having IIS installed.
Lovesan depends on just having netbios enabled, which practically all machines have. | |
|
|
See 6 replies to this post |
|
|
|
Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI | Re: MS How so?
That patch hasn't changed and so far it is a deterant for all the RPC worms out there right now from what I see. You have official word from some source? | |
|
|
|
See 26 replies to this post |
|
|
Mr Natural
join:2003-03-30
Hallandale, FL
| MS takes the blame
Mr. Natural | |
|
|
See 6 replies to this post |
|
LBDSL
Lightning Bolt
VIP
join:2002-01-07
Auburn Hills, MI | no worries The joy of running Mac OS X. No worms to worry about! | |
|
|
See 29 replies to this post |
|
devrandom
I got a pot, full of random stuff here
Premium
join:2003-06-28
| The DMV? Thats interesting how it could take out the DMV office in Maryland. Makes you think how many other exploits are available in Microsoft sofware (and *nix machines, don't forget, people root linux machines too!) that could be dug up by just anybody and used to disrupt services run even by governmental powers.
I'm suprised that government machines aren't more isolated from the internet and protected from such attacks.
Almost everything relies on the internet..everything hooked..to internet...there is no failover for some things that we do
--
Throwing your used Pentium into the ocean only makes the fish smarter. | |
|
simkar
join:2002-09-30
Monroe Township, NJ | gfgfg "The joy of running Mac OS X. No worms to worry about!"
Because everyone feels sad for Mac users as it is. | |
|
|
devrandom
I got a pot, full of random stuff here
Premium
join:2003-06-28
| Re: gfgfg Every security geek has probably heard the words "no system uncrackable". That applies to Apple too. I've had my fair share of doing things to my friend's Apple (not remotely) after he said that it was 'totally' locked down.
--
Throwing your used Pentium into the ocean only makes the fish smarter. | |
|
| |
unixnoob
join:2002-09-11
Odessa, FL
|  lowest bidder
Mark my words!!!
--
"There is no market for personal computers." Kenneth Olson (CEO Digital Equipment Corp.) | |
|
| todd2473
join:2003-07-03
North Vernon, IN
| Re: lowest bidder OK true no mac Os x worm lol no mac os x games no mac os x software no mac os x anything but patches so it can run games ment for microslut operating systems lol and linux guys it wont happen to you your to smart hell you rebals without a pause prolly wrote it LMAO yeah we all know your a buncha happa'nen guys real popular with the ladys and such hell the regular joe nobody goes to buy a pc in a store is he offered linux no wanna know why LOL cause it dont sell.... sometimes theres a reason things are free LOL microsoft got attacj boo whooo hey win guys grow up people are always taken shots at the biggest thing on the block cause they cant get there themselfs LMAO | |
|
| youngmoore
join:2001-03-16
Marietta, GA | I'm SOOOO with you on that one!!!!!
ym | |
|
| 
Horus2
Premium
join:2001-10-07
Nutley, NJ
| said by unixnoob :
America is going to reap the effects of all of the outsourcing of IT functions to offshore, disinterested, underpaid and braindead third party contractors!!!
Mark my words!!!
Because there are too many lazy Windows "point and click" Admins... and BTW India, China, etc, etc are getting hit just as hard...
--
~~ Woot ~~ | |
|
| | |
BrooklynZoo
For Everthing Else, There's Mastercard
join:2001-04-01
Atlanta, GA
| I see it trying to hit me in my Zone Alarm log.... I see IP addresses looking for Port 135. I think this is the port that the virus tries to get to your computer on. Thank God for the patch, firewall, anti-virus and a Linksys router.
--
"If the door won't open, lookout because I am coming back to take the hinges off!" - Les Brown, Motivational Speaker | |
|
pcdebb
RIP dadkins
Premium
join:2000-12-03
Tampa, FL
clubs:
| lost jobs in its wake? I hope the network admin(s) of the Maryland DMV has a polished resume. For any company that was wide open to this attack should have classified ads in the paper today. If I can be unaffected and protected as a home user, I would think a business would be locked down even tighter than a nun's unmentionables.
--
I want to die in my sleep like my grandfather...not screaming and yelling like the passengers in his car ... (posts) ... AIM ... | |
|
| kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| Re: lost jobs in its wake? I'm thinking a lot of companies got hit because they had laid off a lot of IT staff and there wasn't enough resources available to patch their systems. That's what happened where I work... one can hope that an outbreak like this would be a wake-up call that ultimately results in the creation of jobs. Oh well, in my perfect fantasy world anyway... | |
|
| 
grunteled
Puffy And Prickly
Premium
join:2001-06-13
Kansas City, MO
clubs:
| Nobody but the folks at that DMV know the staffing and workload situation. Trying to keep a few hundred windows workstations updated in a controlled manor without the aid of software to push updates is all consuming. I know our desktop folks are swamped. On top of OS issues there are the endless IE exploits as well as third party mess. It's not always laziness that leads to such things.
Software is starting to become more of a liability than anything else. | |
|
lotsofplstic
join:2003-04-02
Parsons, KS
| I checked logs I found over a hundred ip's looking for port 135.
The IP address are form all over the world including Mexico most are from here in the states.
Thank god I have my Linkys and patched my systems.
--
Amd Athlon XP 2200+ mated to a FIC AU13 based on the nVidia nforce2 chipset 512MB of pc2700 DDR Geforce 3 mated to a Hansol 720A monitor 40GB IBM harddrive an Artec 52x CDRW Sony 16x DVD | |
|
| wtansill
Ncc1701
join:2000-10-10
Falls Church, VA | Re: I checked logs Yep. SMC Barricade router + Zone Alarm here. Lots of hits showing in my logs, but not intrusions...
--
That which does not kill me merely prolongs the agony. | |
|
| Bytezboy
join:2001-05-17
New York, NY | I see a lot of dropped TCP packets for the 23,000 range. | |
|
| kdroop
join:2001-08-26
Morgan City, LA | Hell I've had to adjust my log file size twice this is getting plain freakin ridiculous.I wish some of these machines would just die already damn. | |
|
|
ikarus1
Premium
join:2002-10-23
Urbanna, VA | NAT is your friend... TOO BAD Microsux don't do NAT...
-m- | |
|
dmd8605
join:2001-12-13
West Milton, OH | This thing is getting around Just looking at my 100 most recent log entries, 56 (!) are scans by this. Scary. Thank God for ZA. | |
|
P8ntball Guy
join:2003-08-10
Buffalo, NY
| This is it. Here is what it will look like. I got this from a friend that got hit.
[text was edited by author 2003-08-12 22:51:07] | |
|
BrooklynZoo
For Everthing Else, There's Mastercard
join:2001-04-01
Atlanta, GA
| Just look at my logs....
MSBLAST log |
--
"If the door won't open, lookout because I am coming back to take the hinges off!" - Les Brown, Motivational Speaker | |
|
soulburner
join:2002-09-23
Pahrump, NV
| Now I'm pissed... Ok, yesterday I couldn't care what was happening to the Windows people. Didn't affect me, so why should I care?
I tried to play DoD earlier today, and my favorite servers were VERY laggy. I gave up trying to play, and decide to browse some websites. Figure I'll check what's going on on dslreports news page. I click this topic... and see that the pie chart indicates this causes traffic to Half-Life ports. Now I'm pissed. *sigh*
Attack the Windows people all it wants... but don't screw with my gaming. | |
|
| |
| Angrychair
join:2000-09-20
Jacksonville, FL | Re: Yeah, but... Maybe it's just time you moved on to a better game? | |
|
| |
soulburner
join:2002-09-23
Pahrump, NV | Re: Yeah, but... Sorry, I don't consider these 99% eyecandy 1% gameplay "games" that people are releasing to be a "better game". So yes, when a better game does come out, maybe I'll move to it. It hasn't happened yet though. | |
|
| | | Angrychair
join:2000-09-20
Jacksonville, FL | Re: Yeah, but... Sorry, but if you're looking for better gameplay along the lines of counterstrike get ghost recon or one of it's ilk. Or maybe it's time to upgrade your PC, too? | |
|
Matt
Take me down to the paradise city
Premium
join:2003-07-20
Jamestown, NC | RoadRunner Locked Down It appears RoadRunner locked their network down, (at least where I am) around 11:30pm EST last night (8-11-2003).
I haven't gotten a single Port 135 probe since. | |
|
| |
|
|
|
·
·
·
I'd hate to be the Maryland State IT Director....
