The Bright Side of Blaster
Kevin Poulsen, SecurityFocus 2003-08-14

The Blaster worm has infected hundreds of thousands of Windows machines, shut down the Maryland state DMV, put network administrators on overtime, crashed countless consumers' home computers, and on Saturday it will attempt a denial-of-service attack on Microsoft's Windows Update site. But that doesn't make it all bad.

The Bright Side of Blaster 2003-08-15
Anonymous (2 replies)
Maybe the author of the worm had this in mind. Forcing the masses to patch their systems since its impact isn't *that* great.

Seeing that this exploit could be even more fatal. I think this is just a live proof of concept with an attitude.

The shoe sorta fits because the worm targets windows up...

The Bright Side of Blaster 2003-08-15
Anonymous
If Microsoft had not designed Windows to restart when the RPC DCOM module crashes, the majority of Windows users would not have noticed the worm at all and would therefore not have patched their systems. And the cleaning effect of Blaster would have been minimal....

The Bright Side of Blaster 2003-08-16
Anonymous
Pretty clear to me who wrote the Worm..

Micro$oft...

Why? As discussed it has got machines patched around the globe without too much damage..

Why do I think this? It's lame programming and the Syn attack (when it works) does not even hit the right site. It is made to look as if it was written by...

The Bright Side of Blaster 2003-08-15
mark (at) challender (dot) com (3 replies)
In my network of over 800 machines a firewall, automatic anti-virus and windows updating has saved my butt many times.

I wonder though, why won't the large ISPs (AOL, ComCast, Roadrunner, etc) firewall their networks and protect all of their customers?

A customer using one of those networks ra...

ISP firewalling 2003-08-15
altrroquando (at) hotmail (dot) com (1 replies)
naaaa,..

Just imagine this, I paid (a lot!) to my ISP for a static Internet address, to be free to run my odd services, that run on odd ports or use DCOM apps between Rome, Stockholm and NY.

.. and do you think I should let my ISP kick my (small) business off the Internet because they hired a d...

ISP firewalling 2003-08-18
Anonymous (1 replies)
Most cable modem ISPs do not filter traffic at all. This hurts the majority of their customers by allowing kiddies playing DOS games and robbing legitimate users of bandwidth. I can see allowing special access for your small business but, a good network admin can build an access list for the ports you...

ISP firewalling 2003-08-18
Anonymous
Comcast inherited many systems when it purchased ATT Broadband, which in turn, inherited many systems when it purchased MediaOne. MediaOne blocked ports 137-139 for most of its lifetime, and I believe its successors have done the same. I'd bet they block port 135 as well. The original rationale ...

The Bright Side of Blaster 2003-08-15
Anonymous
Internet should be free! If Comcast and company start filtering my content, what is next? Department of Homeland Security checking my email for viruses? No thank you.

...

The Bright Side of Blaster 2003-08-15
Anonymous (1 replies)
That's right. The solution to the problem is to remove the service. Now if Ford had only removed the wheels from the Explorers they would never have rolled over from defective tires.

I'm so sick of this logic of firewalling everything and blaming anyone but the company that has produced the inse...

The Bright Side of Blaster 2003-08-18
Anonymous
Well said... There's many other examples that can be made on such things. ie: You take your car in to get the fuel system worked on, and it blows up killing you and/or someone else. You think saying that it was your fault for putting fuel in it is going to float?...

No one expects everything to ...

The Bright Side of Blaster 2003-08-15
Anonymous
I agree completely.. Now if we could just have the media blow up something like this about once a month the internet would be a much safer place for everyone....

The Bright Side of Blaster 2003-08-15
Anonymous
I love Blaster, Nimda, Code Red and all of Micro$oft's products.

As a network security engineer it just drives my $$$ up....

The Bright Side of Blaster 2003-08-15
Anonymous
I believe Comcast might be doing exactly this. I have yet to see Packet #1 hit my firewall at port 135 from my Comcast Cable modem. I consider myself lucky, but if they are responsible I'm grateful....

hackers HATE worms 2003-08-15
a worm author (1 replies)
I agree with the sentiment of this article completely!

Malicious attackers *HATE* worms, because worms kill the vulnerability. Anyone out there complaining about msblast or other worms (especially the worms that patch systems!) are idiots. If it weren't for all this panic mongering, attackers w...

hackers HATE worms 2003-08-16
Anonymous (2 replies)
"they probably pushed this one out themselves (and made it intentionally crappy to not draw suspicious)"

Actually, it is the quality of code in the MSBlaster worm that would lead me to believe it WAS Microsoft. They probably had their best programmers working on it day and night instead of gett...

conspiracy 2003-08-17
Anonymouse
Due to the non-destructive nature of Blaster, I am inclined to think that an organisation such as L.S.D may have produced this to kick MS in the pants. Surely any self-respecting virus writing script kiddy would have done something more.... interesting (or maybe it was written by a 7-year-old)....

hackers HATE worms 2003-08-17
bleek (1 replies)
Why didn't the wormer just write the code to auto-patch the system? That would have been very interesting.

Would it be illegal for M$ to worm their own vuns to patch millions (well yer you know what I mean) of systems?...

hackers HATE worms 2003-08-18
a worm author (2 replies)
Yes, it would have been very illegal. Those systems do not belong to Microsoft, they just authored the software.

You know, I haven't read the fine print in the license, but I bet someone would have pointed this out by now if it was ok for microsoft to compromise windows machines :)...

hackers HATE worms 2003-08-20
Anonymous
Look closely at the new EULAs. MS is trying really hard to make it "legal" as contract agreement between you and them that you voluntarily enter....

MS has rights to hack your machine... in some cases(?!) 2003-08-21
Anonymous
I think with Windows 2000 SP3 the license was broad enough that Microsoft could auto-put any code they wanted on your PC.

Also, some lawyers say if you upgraded to SP4, you have still granted them permission. But if you skipped SP3 and went straight to SP4 you're in the clear....

The Bright Side of Blaster 2003-08-15
rleroy (at) avantages (dot) com
It's funny to see how Windows worms evolved. Do you remember Code Red and the unicode flaw?

It took almost 6 months for security experts to consider the flaw serious, nobody was expecting a worm out of this!!! Script kiddies were at the 7th sky, lots of servers were vulnerable, until Code Red...

The Bright Side of Blaster 2003-08-15
hackers? (1 replies)
hackers with botnets? why would a "hacker" need a botnet? DDOS? Lame?...

The Bright Side of Blaster 2003-08-16
Applied Slave
Exactly!! These clowns need to be up to speed. Blaster. Please!! A professional hacker is already 10 steps ahead of the blaster exploit, this industry is just scrambling to cover their asses. I love it when they say "i'm an MCSE" I always think, well when I run out of toilet paper let me get at ...

The Bright Side of Blaster 2003-08-15
Anonymous
IMHO, the situation could have been worse if the worm did not show its presence by shutting down the system. If it didn't do anything but starting its malicious routine long after its distribution, it could have really blocked almost the whole internet....

The Bright Side of Blaster 2003-08-16
praveen
The article is good in the sense that many people got new patches which would prevent hackers from attacking system. I feel the attacker is a windows guy not a linux as he is attacking and also giving the solution (go get it from windows update). If he really wanted to mess around real bad he could ...

The Bright Side of Blaster 2003-08-17
X-HUMANATION - http://www.sinred.com (1 replies)
I say that this was a warning to MS. As it says in msblast.exe "...stop making money and fix your software". How true is that.. MS have probably known that DCOM was exploitable, yet they do nothing about it until it becomes a worldwide issue/problem..

X-HUMANATION

http://www.sinred.com

Securit...

The Bright Side of Blaster 2003-08-19
Anonymous
You are very bright! You are right, MS did know about the DCOM bug and they happened to release this information as well as a patch for their OSes. ...

The Bright Side of Blaster 2003-08-18
not-so-leet-dan (1 replies)
"it could have really blocked almost the whole internet."

Are you freakin kiddin me? The blaster worm could only exploit windoze boxes. Do you have any idea how much of the server world is *nix???...

The Bright Side of Blaster 2003-08-18
Vince C.
Of course there are plenty of *ix (sic) *servers*. But what's the point if there are zillions of windoze workstations?... What's the info if nobody can see it?...

The Bright Side of Blaster 2003-08-18
Anonymous
Microsoft touts "ease of use and security" to the average home user. I wonder if Microsoft would agree to mailing out all of the service packs and updates to every dial up user, at MS's expense that is..."holds breath"...

45 mins- 1 1/2 hours clean install and drivers. 3 more hours d/ling service...

The Bright Side of Blaster 2003-08-18
Anonymous
I know when I connect other offices together I set up a VPN which you don't need many ports open ...

The Bright Side of Blaster 2003-08-20
Val
I only know from my own user's experience - when a user is infected, and is given 60 seconds before their machine reboots, they are a LOT more likely to patch their systems. A sense of panic does wonders.

I think a major benefit of this worm is that it woke a lot of *admins* up to their exposure...
