Announcement

Collapse
No announcement yet.

If you use Windows 2000+ or Windows XP Read

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    If you use Windows 2000+ or Windows XP Read

    For those of you who havn't installed teh RPC DCom Patch you should do asap. http://www.microsoft.com/technet/tre...n/MS03-026.asp
    This is a small but very annoying exploit. Its easily fixed by the patch and closing RPC. If left unchecked the most common resuult will be a forced system reboot within 1min of booting up and getting on the net. If you have a fire you will want to block Port 135. Any other questions let me know. iv heard quite a few peolpe have been infected with this over hte last 24 hours, and expect it to spread quite rapidly.
    Tags: None
  • #2
    And if you haven't got one already, get a firewall!

    EDIT: OK, update time. There is a very nasty worm running amok at the moment that exploits this security hole. Patch everything you can, and get your virus scan as up-to-date as possible.
    Last edited by Itzena; 08-12-2003, 05:43 PM.
    Itzena Alhazared, Revenant of {Planeteers}, Vallon Zek. And also a seamstress.
    Gelcea Macha, Wandering Animist of Tarew Marr. Will be a smith, one day.

    "If it cannot hatch from it's shell, the chick will die without ever truly being born. We are the chick; the world is our egg. If we don't break the world's shell, we will die without truly being born. Smash the world's shell, for the Revolution of the World."

    Comment

    • #3
      here is a post that i made at /gu comics forums.

      HOW TO FIX
      OK everybody, bearcaller is coming to the rescue.

      The main issue with the new, wonderful msblast worm is that it is so poorly written that it causes a reboot loop. The way to stop in XP is too:

      Start up your computer---> (make sure after doing so that you set your start menu to classic interface)
      go to control panel ----->
      go to administrative tools--->
      go to services---->
      in the window that pops up, right-click on "Remote Procedure Call"-->
      select "properties"--->
      click the "recovery" tab at the top of the new window-->
      you should see three drop-down scroll boxes next to "first failure, second failure, subsequent failures. Set all three boxes to TAKE NO ACTION.---->
      click apply, click ok and you are done....you should no longer run into the boot loop problem. If you already have virus protection software make sure you update it and windows xp as well. If you don't have virus protection then you can go www.nai.com and download stinger to clean your computer for free.

      Comment

      • #4
        For those who are putting off patching:

        I put this off for a few days, then tried to download the Win2k patch, and it said I needed to install the Service Pack for 2k. (I recently wiped the drive, so no service pack yet).

        Well, that was more work then I cared to do.

        But there were more symptoms to the virus that I didn't know.

        If you've been having problems clicking on links, cutting/copying and pasting, or using the "Search" function of windows, then you've been hit. I was experiencing all of these, and now I knew why.

        Anyway, I ran the Symantec Fix, Installed SP4 from Microsoft, and Installed the Patch/Fix.

        Man, that was a pain.


        -Lilosh
        Venerable Noishpa Taltos , Planar Druid, Educated Halfling, and GM Baker.
        President and Founder of the Loudmouthed Sarcastic Halflings Society
        Also, Smalltim

        So take the fact of having a dirty mind as proof that you are world-savvy; it's not a flaw, it's an asset, if nothing else, it's a defense - Sanna

        Comment

        • #5
          MS just updated there msblast worm. Also if you think u might be infected you can find MSBLast.exe on your machine that means you are. Also it doesn't just chain reboot thats is one of the symptons. Once this has been exploited you can do everything you would be able to do in telnet using full `net` commands and such also being able to read your files, the most common telnet port opened is 666 & 4444.

          Edit: Lilosh you should always keep your service packs and updates up to date unless your running an system that doesn't allow it i very few people do ;p
          Last edited by Britneyy; 08-13-2003, 10:28 PM.

          Comment

          Previous template Next
          Working...
          X