Just a Warning

[Siphon]

Hey guys this is just a warning, you might wana update your Windows boxes and get new Service patches now if you're running 2k or XP because there are nasty scripts flying around and I've had 2 of my boxes go down already. You can read more about it here: http://www.techspot.com/vb/showthread.php?threadid=6651

 

[Korittke]

old news but its already a shitload of comps infected so better take this as a bump so more ppl would read it. btw the worm spreads by scanning ip ranges for vulnerable systems and installs itself on found comps via ftp and the dcom exploit. oh and beginning from aug 15 it will start attacking microsoftupdate.com with DoS attacks so you cant download the patch. hurry hurry.

 

[Siphon]

bump 4 more computers at work just went down cause some idiot left his computer on connected to Bank of America. BOA now has this ^_^ Might wana keep an eye on your credit card

 

[johnnq]

wut is taht? i have norton security professional...does that cover wut u posted up there? and wut does that protect-just ur copmuter in general?

 

[Siphon]

Umm I'm assuming your running Windoz (cause Gates is an asshat). There are security updates that it constantly nags you to download and install. If you havent installed the newest one you're vulnerable to this worm and you should go to the link i posted earlier to get all the details on it. You'll have to reformat or chkdsk and remove the virus if you get it which are both lengthy. =(

 

[johnnq]

ya my bro knows everything about computers (but i dont feel like asking him)...more than u guys! hes a freakin genius. u know those mind puzzles where u gotta get the ring off the contraption? he solved the most difficult 1 in 7 minutes. i guess ill dl it

 

[Siphon]

Ummm I doubt that your brother is so much a genius he can provide more help than a forum community... That's like Open Source vs Closed Source =)

 

[Ebay.God]

Thats like saying your king shit, never say you are, because there is always someone smellyer!

 

[Sicloan]

this worm attacked my ISP it was down for 25 hours with little or no connectivity! the technicions got it up and running again but this is some scary sh*t! it made the local / probably national news. there was also a message telling bill gates to fix his software :rofl anyway just a heads up on how bad this worm is!

 

[johnnq]

my bro is bein an ass about everything :\ dats all

 

[Hemophiliac]

Thanks for the heads up.

 

[laserjim]

no really... its called a worm, they have had it on the news for a long time.


Please close this line

 

[PiNk PeOn]

Plz say battleforums doesn't get attacked :S ... hell if that happened I'd go out and assisinate the guy who made this worm...

 

[Ultimate Empire]

Question: Will my firewall(s) block this worm?

 

[PiNk PeOn]

I don't know but get the update anyways at microsoft.com/downloads/search.aspx?displaylang=en

 

[Torubu]

Asnwer: Firewall's are meant to stop incoming connections, it most likely won't be able to stop a worm from doings it's work in your system.. because an active connection wouldn't be necessarily needed.

 

[seddes]

IF you stop the incoming traffic on ports TCP4444 , TCP135 , and UDP69 you wont have any problems...

 

[Hackstation]

Originally posted by seddes
IF you stop the incoming traffic on ports TCP4444 , TCP134 , and UDP69 you wont have any problems...

i love routers

 

[GhostBomber]

Ok.. just to help you all out a little. It spreads via a buffer overflow of the rpc service causing a hidden window cmd line to be active. And Korrittke, they put the files on there via tftp, not ftp. And blocking port 134 and 139? Uh, the rpc service runs through 135 guy. And yes to 69 though (tftp) - Of course, since windows has had an update out since July, if you're infected, it's your own fault. I demonstrated the ease and quickness of this on someone in the irc channel if anyone was there.. Of course, if you are behind your router, you're fairly safe unless you're an idiot who just has every port accessed on the router fowarded to the same port on your computer. And no, your firewall is not going to stop it. If you're running zonealarm and out of nowhere the scvhost.exe program asks for rights to access the local internet/act as server, deny it and count it as you being almost infected. You don't need to allow scvhost to access the net anyway.
http://www.informationweek.com/story/showArticle.jhtml?articleID=13100032 - article released as the worm started spreading. It was only a matter of time before it came out so no suprise there.

By the way johnq, just so you know, having norton is like having 5 year old virus protection. It seems to be the easiest virus scanner to avoid.

anti

 

[Hackstation]

Originally posted by GhostBomber

By the way johnq, just so you know, having norton is like having 5 year old virus protection. It seems to be the easiest virus scanner to avoid.

anti

correct u just pay for the name "Symantec .. "Norton" Antivirus its the same like Coca Cola or any noname Cola ;P


there are many unknown or even Free Antivirus Programs out there which pwn Norton 100times