Slashdot Mirror


Nimda To Strike Again

Seabass55 writes: "Researchers say Nimda is set to propagate again after rechecking Nimda's code. God help all the MS boxes ... again." Looks like the owners of unpatched IIS machines have until 9 p.m. GMT (1 a.m. ET) to get ready. I'd like to see a nice double stockade for the writers of Sircam and Nimda, and maybe some fireants. Update: 09/27 22:45 GMT by T : Temporal confusion -- that's 5:00 GMT, sorry :) Update: 09/28 00:14 GMT by T : Carnage4Life contributes this link to a command-line tool from Microsoft to list patches already installed or still needed, if you think your Windows machine may be vulnerable.

7 of 523 comments (clear)

  1. Patch your damn servers! by jiheison · · Score: 5, Funny

    I'd like to see a nice double stockade for the writers of Sircam and Nimda, and maybe some fireants.

    Maybe just corn syrup and regular ants for the admins who still haven't patched their servers.

  2. sircam may me feel warm today though... by edrugtrader · · Score: 5, Funny

    a video game i wrote 10 years ago in Qbasic was just emailed to me today via sircam...

    that means that someone actually had it on their computer, and that made me feel all fuzzy.

    god bless sircam, and its glorious resurrection and distribution of great software titles.

    --
    MARIJUANA, SHROOMS, X: ONLINE?! - E
    1. Re:sircam may me feel warm today though... by BIGJIMSLATE · · Score: 5, Funny

      I had a similar case, but it involved some porn. Now naturally I'd be happy about that under normal circumstances, but not if it's my freaking SISTER!

      EWW.....

    2. Re:sircam may me feel warm today though... by ocie · · Score: 5, Funny

      Yeah, it's good to see that push technology is finally coming to the net :)

      --
      JET Program: see Japan, meet intere
    3. Re:sircam may me feel warm today though... by geekoid · · Score: 5, Funny

      isn't that the wierdest feeling?
      I went to a someone house to find out why there PC was running slow, they had a program I wrote 8 years ago, and they were still using it! I did ask him why he never sent the author the shareware money(10.00). he said "I'm sure he made so much money he won't miss my 10 bucks".
      then I told him it was me, and NO ONE sent me ANY money. boy did we laugh. Of course he still hasn't paid me my 10 bucks...rat bastard.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  3. Re:If you follow good practice... by Spy+Hunter · · Score: 5, Funny
    WARNING to IE6 users or people without Outlook installed: You are not invulnerable! A virus file on your system can still easily be excecuted. I recently got infected, and it was the dumbest thing ever. Some time ago I had to reinstall Windows (gdi.exe was corrupted!?!), so I backed my files up to my friend's computer over the network. To get them back I made an open share on my computer (should have had a password) and sent them over. When I was done I noticed that some *.eml files had been inserted into my open share. "Hey, that's the virus I read about on Slashdot," I thought. So I went to delete it. I simply selected the file to delete it (I didn't run it) but Explorer, in its infinite stupidity, ran the file in the preview pane! Simply by the act of selecting the file I had run it inadvertently! This on a system running IE6 without Outlook installed!

    Fortunately I was able to boot into Linux and delete all those .eml files, then download a virus remover from McAfee or someplace. But let this be a warning: Before deleting a .eml file, TURN FILE PREVIEWS OFF!

    --
    main(c,r){for(r=32;r;) printf(++c>31?c=!r--,"\n":c<r?" ":~c&r?" `":" #");}
  4. Here's how I'm getting them patched by DrSkwid · · Score: 5, Funny

    I've gone through my logs and found quite a few

    What I do is go connect to the offending box via smb

    Usually they have a printer attached to it so I print out a page of A4 with :
    "YOU ARE INFECTED WITH NIMDA, SORT IT OUT
    here's how : http://www.antivirus.com"

    on it in 72 point text

    it's working so far

    if they don't have a printer then they usually have an open share that's world writable so I leave text files called

    you are infected with nimda.txt

    and put the url inside them

    that's closed a couple too

    (I also found a keygen I'd been looking for so that was a bonus)

    I'm not sure if nimda resets the passwords but which might not lead to a surprise of how far you can go with

    un : adminsitrator
    pw :

    have fun

    --
    There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter