Quote from the review above... "but I suspect it might be uninteresting to people who aren't either gamers or interested in computers." Gee, you think so?
I can only surmise that this review was written from a hospital bed during recovery from major head surgery. OR was written by an 11-year-old who was getting a jump on his first book report of the upcoming school year. What's next, current events?
That current events report would go like this..."The Microsoft MSBlast worm really has an impact on us. Especially those people with computers and who like the Internet."
Probably because an uncontrolled visit to the Windoze Update site might require supporting patches in addition to the MSBlast patch itself. That in turn could mean tens (or even hundreds) of megs of downloads.
Simultaneous downloads all hitting certain network segments could obviously increase latency. Add to that the fact that the damn thing ICMP scans the same IP's over and over again doesn't help either.
If you simply look at overall Internet traffic and port activity you'll see that this one has made more of a dent than MSBlast itself.
Here's an idea...taken from a thread I posted to earlier.
How about state laws dictate that all citizens who purchase a PC provide their PC Operator's License? Similar to a citizen not being able to legally drive without passing a test to obtain a Driver's License.
It might not be foolproof, but at least it would be a step in the right direction. A PC Operator then would be tested on security patching, software installation and configuration, basic troubleshooting, etc. That might help take care of one third of the problem that exists with worm/virus/exploit damage affecting everyone to the degree it does. Lately an unlicensed driver isn't a big of a threat as a clueless PC owner!
Then things could be taken a step further and states could require that the other two-thirds of the problem (i.e. - programmers and sysadmins) undergo instructional classes to better prepare and prevent such issues.
Oh wait, most of these guys did go to some sort of formal training or instructional classes!
This is really interesting, to say the least. Especially if the recent blackout in the Northeast was actually due in part to placing mission critical apps on the Windoze OS. Initial reports said that the blackout was due to lightning hitting a Niagara Falls facility, but lately failures in Northern Ohio have been linked to the early problems that immediately preceeded the blackout.
If any of this could be tied back to Micro$loth software exploits hopefully 50 million customers who lost power could perhaps swing the national attention toward two facts:
Micro$loth software is faulty and isn't suitable for mission critical apps from a security standpoint.
The average home user who is barely computer literate shouldn't be running Micro$loth software on their PC's if they have Internet connectivity. They should have to take courses much like Driver's Ed for getting a driver's license.
Perhaps if folks had to take an exam before running Windoze they would at least have the sense to install a software/hardware firewall and routinely patch their shitty OS!
Checking the Internet Traffic Report site it appears as if Australia and Asia are both crawling. Don't know if this is entirely due to the Welchia worm, but blocking incoming ICMP packets on external interfaces is something I employ as a rule.
True that. Around my area I see on the news where three major hospitals were without computer resources due to getting hit. Interesting. It's like this:
Fail to apply the patches to fix a vulnerability that was discovered in 11/2002 and announced 7/2003. Microsoft sent e-mails to everyone on their security bulletin mailing list informing them of the severity. Even the Department of Homeland Security piped up.
Then have the entirety of the network --- from prescription workgroups to patient record workgroups to ER workgroups --- as one open playing field. Physical or logical subnetting is out of the question.
What makes this all the more ludicrous is that these places were relying on Windoze for mission critical functions and one place just was hit yesterday! No rush on patching things up I suppose.
Who says that hospital and banks should abandon their *ancient* mainframes and enter the 21st century? At least mainframe experts aren't some paper MCSE who are like deer in headlights when it comes to frontline troubleshooting and maintenance!
Actually the only detriment of Welchia is hogging Internet bandwidth. Blaster, OTOH drops off its initial payload via tftp, which then can allow other trojans to be dropped off as well.
To me I would think that Blaster would be more potentially dangerous, but agreed. Anyone with half a brain would block port 135 either on their PC, their router, or by calling their ISP for assistance.
Yep. The same originating address is hitting some of my users at a 50 messages/hour clip. I have copied the full headers and sent them off to their respective ISP's.
I know the From: field is spoofed, but the originating IP should be correct. Maybe the ISP can bitch-slap the bozos who launched the executables.
There are command line utils in Exchange 5.5 that can help delete these attachments totally. Look on the installation CD for details.
Starting with Office XP you'll see that Outlook automatically blocks attachments ending in PIF, BAT, EXE, etc. This is an absolute that can only be modified through admin policies out in an Exchange folder.
If you are looking for this type of deal I *think* Outlook 2000 has a service pack that installs the attachment blocking.
What are you talking about? Micro$loth recoded Windoze 2003 Server from the ground up with security in mind. Each and every line of code was peer reviewed for quality assurance. I read this myself in some of their Scientology-like propaganda.
Probably a damn lie like everything else they say, since Windoze 2003 Server was hit by the same RPC buffer overrun exploit that affected Windoze NT 4.0 Server!
The person you were on the phone with is probably a moron. I doubt packets were replaced with Folger Crystals or anything due to Windows Update compromises. You probably got RPC hit from another source while downloading the patch from Micro$loth.
That reminds of these Microsoft Business Network guys who installed some beta test apps at my company. These are for some.NET purchase order crap.
It took them 3 hours just to download and install countless service packs and security updates (although I told them that our private network is shielded from public Internet exploits therefore not all patches were necessary). They were rebooting over and over again and after 3 hours of work it took another 3 just to get the.NET Framework, IIS, and other services to communicate.
Personally I extract the security updates deemed Critical. Then I repackage them using a freeware packager called Little Setup Builder. The installations are all performed with the silent/no reboot option so they just deploy silently during the network logon scripting. Although the updates won't take effect because of not rebooting at least tons of business users aren't sitting on their hands while Micro$loth tries to polish their turd!
Off the subject, but hearing and experiencing increasing frustration with The Evil Empire..
All of the efforts Micro$loth has made to patch, update, and secure their software is akin to the adage, "You can't polish a turd."
That's what they have put out, and added layer upon layer to their bloated, pretentious OS and stagnant application suite.
Back in the day Windoze 3.1 seemed revolutionary. As did the quantum leap to Windoze 95. But past that end users started to see the instability, insecurity, and faults in their product.
Since then they have put on different window dressing on the same tired products. A future upgrade to Office 2003? Why, since most of the basic necessary business suite of features have been the present in the same form since Office 95? What is so new and must-have that some moron is going to shell out hundreds of dollars?
Bill Gates has never been a technical guru or industry visionary IMO. He just took other people's ideas, reinvented them as warmed over versions, and marketed them more effectively than predecessors.
MS-DOS versus PC-DOS. Windoze OS versus the Mac OS and UNIX X Windows. Excel versus VisiCalc and Lotus 123. Word versus WordPerfect. The list goes on and on.
After all of this crap now they want to drill into people's PC's? Yeah right. I'm about ready to take my XBox and set it on fire.
Here's the company that wants to automatically tap into your box...
Digital Rights Management (Security). You agree that in order to protect the integrity of content and software protected by digital rights management ("Secure Content"), Microsoft may provide security related updates to the OS Components that will be automatically downloaded onto your computer. These security related updates may disable your ability to copy and/or play Secure Content and use other software on your computer. If we provide such a security update, we will use reasonable efforts to post notices on a web site explaining the update. "
No thanks. It's kind of like the book "Animal Farm." Things can creep in that wind up bastardizing the whole deal.
I know that Micro$loth purchased SCO IP licenses not too long ago, but other than the Xenix abortion of days long ago I think they are separate entities. Although equally deplorable...
Slashdot Mirror
"your" rather than "you're"?
"intense" rather than "intents"?
"ca'nt" rather than "can't"?
And I should have spelled ingredient correctly in my post too.
Actually it's spelled "flour" for the cooking ingrediant there Shakespeare. Maybe you should check yourself there G...
I can only surmise that this review was written from a hospital bed during recovery from major head surgery. OR was written by an 11-year-old who was getting a jump on his first book report of the upcoming school year. What's next, current events?
That current events report would go like this..."The Microsoft MSBlast worm really has an impact on us. Especially those people with computers and who like the Internet."
The ICMP traffic is the anti-MSBlast worm repeatedly scanning the Internet looking for vulnerable hosts to try to patch. Annoying to say the least.
Simultaneous downloads all hitting certain network segments could obviously increase latency. Add to that the fact that the damn thing ICMP scans the same IP's over and over again doesn't help either.
If you simply look at overall Internet traffic and port activity you'll see that this one has made more of a dent than MSBlast itself.
How about state laws dictate that all citizens who purchase a PC provide their PC Operator's License? Similar to a citizen not being able to legally drive without passing a test to obtain a Driver's License.
It might not be foolproof, but at least it would be a step in the right direction. A PC Operator then would be tested on security patching, software installation and configuration, basic troubleshooting, etc. That might help take care of one third of the problem that exists with worm/virus/exploit damage affecting everyone to the degree it does. Lately an unlicensed driver isn't a big of a threat as a clueless PC owner!
Then things could be taken a step further and states could require that the other two-thirds of the problem (i.e. - programmers and sysadmins) undergo instructional classes to better prepare and prevent such issues.
Oh wait, most of these guys did go to some sort of formal training or instructional classes!
This is really interesting, to say the least. Especially if the recent blackout in the Northeast was actually due in part to placing mission critical apps on the Windoze OS. Initial reports said that the blackout was due to lightning hitting a Niagara Falls facility, but lately failures in Northern Ohio have been linked to the early problems that immediately preceeded the blackout.
If any of this could be tied back to Micro$loth software exploits hopefully 50 million customers who lost power could perhaps swing the national attention toward two facts:
Micro$loth software is faulty and isn't suitable for mission critical apps from a security standpoint.
The average home user who is barely computer literate shouldn't be running Micro$loth software on their PC's if they have Internet connectivity. They should have to take courses much like Driver's Ed for getting a driver's license.
Perhaps if folks had to take an exam before running Windoze they would at least have the sense to install a software/hardware firewall and routinely patch their shitty OS!
Checking the Internet Traffic Report site it appears as if Australia and Asia are both crawling. Don't know if this is entirely due to the Welchia worm, but blocking incoming ICMP packets on external interfaces is something I employ as a rule.
Fail to apply the patches to fix a vulnerability that was discovered in 11/2002 and announced 7/2003. Microsoft sent e-mails to everyone on their security bulletin mailing list informing them of the severity. Even the Department of Homeland Security piped up.
Then have the entirety of the network --- from prescription workgroups to patient record workgroups to ER workgroups --- as one open playing field. Physical or logical subnetting is out of the question.
What makes this all the more ludicrous is that these places were relying on Windoze for mission critical functions and one place just was hit yesterday! No rush on patching things up I suppose.
Who says that hospital and banks should abandon their *ancient* mainframes and enter the 21st century? At least mainframe experts aren't some paper MCSE who are like deer in headlights when it comes to frontline troubleshooting and maintenance!
To me I would think that Blaster would be more potentially dangerous, but agreed. Anyone with half a brain would block port 135 either on their PC, their router, or by calling their ISP for assistance.
I know the From: field is spoofed, but the originating IP should be correct. Maybe the ISP can bitch-slap the bozos who launched the executables.
Starting with Office XP you'll see that Outlook automatically blocks attachments ending in PIF, BAT, EXE, etc. This is an absolute that can only be modified through admin policies out in an Exchange folder.
If you are looking for this type of deal I *think* Outlook 2000 has a service pack that installs the attachment blocking.
Hope this helps!
Maybe you're the guy contributing the crappy code, seeing you type like your fingers are wrapped in chicken wire.
Judy Branch is an attractive lady. Sincerely, Rosie O'Donnell
Probably a damn lie like everything else they say, since Windoze 2003 Server was hit by the same RPC buffer overrun exploit that affected Windoze NT 4.0 Server!
The person you were on the phone with is probably a moron. I doubt packets were replaced with Folger Crystals or anything due to Windows Update compromises. You probably got RPC hit from another source while downloading the patch from Micro$loth.
It took them 3 hours just to download and install countless service packs and security updates (although I told them that our private network is shielded from public Internet exploits therefore not all patches were necessary). They were rebooting over and over again and after 3 hours of work it took another 3 just to get the .NET Framework, IIS, and other services to communicate.
Personally I extract the security updates deemed Critical. Then I repackage them using a freeware packager called Little Setup Builder. The installations are all performed with the silent/no reboot option so they just deploy silently during the network logon scripting. Although the updates won't take effect because of not rebooting at least tons of business users aren't sitting on their hands while Micro$loth tries to polish their turd!
Maybe they should use their own SMS product. That is really a quality waste of capital and manhours. BWAHHAHAHAHAHAHAHAHAHAHAHAHA!!!
All of the efforts Micro$loth has made to patch, update, and secure their software is akin to the adage, "You can't polish a turd."
That's what they have put out, and added layer upon layer to their bloated, pretentious OS and stagnant application suite.
Back in the day Windoze 3.1 seemed revolutionary. As did the quantum leap to Windoze 95. But past that end users started to see the instability, insecurity, and faults in their product.
Since then they have put on different window dressing on the same tired products. A future upgrade to Office 2003? Why, since most of the basic necessary business suite of features have been the present in the same form since Office 95? What is so new and must-have that some moron is going to shell out hundreds of dollars?
Bill Gates has never been a technical guru or industry visionary IMO. He just took other people's ideas, reinvented them as warmed over versions, and marketed them more effectively than predecessors.
MS-DOS versus PC-DOS. Windoze OS versus the Mac OS and UNIX X Windows. Excel versus VisiCalc and Lotus 123. Word versus WordPerfect. The list goes on and on.
After all of this crap now they want to drill into people's PC's? Yeah right. I'm about ready to take my XBox and set it on fire.
Digital Rights Management (Security). You agree that in order to protect the integrity of content and software protected by digital rights management ("Secure Content"), Microsoft may provide security related updates to the OS Components that will be automatically downloaded onto your computer. These security related updates may disable your ability to copy and/or play Secure Content and use other software on your computer. If we provide such a security update, we will use reasonable efforts to post notices on a web site explaining the update. "
No thanks. It's kind of like the book "Animal Farm." Things can creep in that wind up bastardizing the whole deal.
I know that Micro$loth purchased SCO IP licenses not too long ago, but other than the Xenix abortion of days long ago I think they are separate entities. Although equally deplorable...
When they screw up theyt just change the name. Like Ford Pintos metamorphosizing into the Ford Escort.
I think this is smart business. Next I want my red stapler back and my upstairs cubicle. Thanks, Milton from "Office Space"
Maybe the median life expectancy would then climb past the 30 year mark. That would be epic.