You're right, this is just the penis32.exe variant (on "Blaster Writer Caught" · Score: 1)
The WSJ says as much this morning (paid subscription required): The "Blaster.B" version of the infection, which began spreading Aug. 13, was remarkably similar to the original Blaster worm that struck two days earlier; experts said its author made a few changes, including renaming the infecting-file from "MSBlast" to an anatomical reference.
>>*In fact, I was hit with MSBLAST 2 weeks ago. What did NAV do for me then? Nothing, apart from costing me an hour of my time.
That's because it's not a firewall, you dipshit. If you'd bothered to apply the free Windows patch you wouldn't have had a problem. Nobody but yourself to blame.
I'm sure most people here assume the opposite, but Outlook 2002 and 98/2000 with the security update applied are completely immune to this attack. They automatically strip executable attachments. Very recent Outlook Express versions also do this, although I'm not sure this is the default setting.
Think about how long it's been since there has been a large Outlook attack. It's been at least a couple of years. This tells me that the people spreading Sobig not only have no antivirus protection, they're using ancient and unpatched software.
Not true. It uses 135 and 4444. It's possible for an attack on the same buffer overflow to be invoked through a port 80 attack, but this worm doesn't do that.
I can appreciate problems like this. I haven't been responsible for server admin in a large organization since before security became such an issue. But I would think there would be a plan to patch internet-facing systems first with a package like HFNetChk or PatchLink or whatever.
Most patches can be put off because of other safety practices which can block the attack, but others, like this one, really need to be given priority.
>>The patch requires at least Windows 2000 SP3
This isn't strictly true. "Windows 2000 SP2 can install MS03-026." See http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0308&L=ntbugtraq&F=P&S=&P=3356 for details.
Dear all of you who are being hit by this attack:
Why hadn't you applied the patch before? It was released 7/16 and nothing has had this level of publicity before.
Why?
I don't see anything about driver support for Ethernet cards, for example. I didn't scour the site but nothing popped out at me.
Anyone know?
My experience too. I stopped bothering with caller ID altogether because so many of the calls are UNAVAILABLE.
This was one of the great sloppy lines of logic on which the trial was built. You might have noticed that Internet Explorer versions 1, 2, and basically 3 were failures, even though they too were bundled with Windows. This was because they sucked. Microsoft products succeed when they do what customers want.
It's called intellectual property, and many of us make a living selling it. Artists, writers, musicians, programmers. They're selling ideas and expressions of ideas, and if you say they can't control their creations you're saying they have no right to make a living.
>>Actually Windows(tm) NT(tm) from version 3.1 through 3.51 the device drivers ran outside of kernel space in a different ring (one or two I think).
Not true at all. Windows NT has never used more than two privilege levels. Remember, those versions of NT also ran on the MIPS, PPC and Alpha chips, which have only user and supervisor modes.
It's not free. $99 startup fee.
Beware of freecolorprinter.com. Not as good a deal.
Go to http://www.freecolorprinters.com
A friend of mine has two of these solid ink lasers. She has to buy ink from them at normal prices, but she gets all the black ink she wants for free. Service included. You have to qualify in terms of how much of various types of docs you print.
And I suppose you all are running RedHat 4.2?
After Ralph Nader wrote MS a letter in January 2002 urging them to pay a substantial dividend you'd think other reflexive MS critics would applaud the move. Not the case here, where anything they do, no matter what, is the urging of Satan. This site can be a cesspool of shallow thought sometimes.
Absolutely a quality company. I've been a customer for years and I get the feeling they care about the quality of the service they provide.
We've had a lot of problems lately coming out of their NYC POP, mostly because of (what Speakeasy says are) DOS attacks. But they're still the best deal out there by a mile.
For those of you who think modern Windows command prompts are the equivalent of DOS 5's prompt, you're very wrong. See this MSDN page for the command reference for Windows XP. And I dare to say that the shell scripting capabilities are unparalleled if you consider Windows Script Host, which has been standard in Windows for many years.
%systemroot%\ls.cmd
dir %1 %2 %3 %4 %5 %6 %7 %8 %9
>>Why upgrade a server if it still works?
Well if it works I guess you don't need support. No problem here.
If you give others the power to make derivative works you're giving up any power over the code. It's so obvious to most other people. The GPL is all about destroying intellectual property rights in software. Controlling other people's usage is what property rights are all about.
I don't see it on Expedia
I like my panakeia with syrup