Even more disturbing then the fact that they use the internet and not there
own subnet is that they are running Windows, and on top of this MS SQL.
Unfortunatly American Express is also having problems. After not being able
to check my account, I called them and they to have locked down services for
the time being.

PEOPLE PATCH YOUR SYSTEMS REGULARLY!

--
Best Regards.

eM

----- Original Message -----
From: "Brian McGrogan" <brian (at) encinc (dot) com [email concealed]>
To: "Richard M. Smith" <rms (at) computerbytesman (dot) com [email concealed]>
Sent: Saturday, January 25, 2003 8:08 PM
Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

> The fact that the nations largest banking institution relies on the
> Internet for ATM transactions is disturbing. I personally experienced
> this while at a Bank of America ATM today. I will never use Bank of
> America because of a statement like that.
>
> -brian
>
> On Sat, 25 Jan 2003, Richard M. Smith wrote:
>
> > However, this worm might not be so harmless as it appears because of
> > collateral damage:
> >
> > Bank of America ATMs Disrupted by Virus
> >
> > http://story.news.yahoo.com/news?tmpl=story&ncid=578&e=3&cid=569&u=/nm/2

> > 0030125/tc_nm/tech_virus_dc
> >
> > "SEATTLE (Reuters) - Bank of America Corp. said on
> > Saturday that customers at a majority of its 13,000
> > automatic teller machines were unable to process
> > customer transactions after a malicious computer worm
> > nearly froze Internet traffic worldwide."
> >
> > Richard M. Smith
> > http://www.ComputerBytesMan.com
> >
> > -----Original Message-----
> > From: Jason Coombs [mailto:jasonc (at) science (dot) org [email concealed]]
> > Sent: Saturday, January 25, 2003 4:41 PM
> > To: Jay D. Dyson; Bugtraq
> > Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
> >
> >
> > Jay Dyson wrote:
> > > And to think...up until tonight, I thought the vulnerabilities
> > > that paved the way for Nimda were the worst that Microsoft could do
> > > to the net.community. They've really topped themselves this time.
> >
> > As of now we don't know who wrote the worm, but we do know that it looks
> > like a concept worm with no malicious payload. There is a good argument
> > to
> > be made in favor of such worms. Whomever did write this worm could have
> > done
> > severe damage beyond unfocused DDoS and chose not to do so. One would
> > expect
> > intelligence agencies in developed countries to write and release
> > precisely
> > this type of concept worm as a form of mass inoculation against
> > malicious
> > attacks.
> >
> > Before you get upset at your vendor, or anyone else's, consider the
> > bigger
> > picture and recognize the increased security hardening the Internet just
> > received. Belief in this silver lining shouldn't be taken too far, of
> > course, but flaming anyone over an event like this is misplaced
> > considering
> > the number of infosec experts who would probably have agreed to write
> > this
> > worm if approached by their nations' government with proof that an
> > adversary
> > was planning to cause severe harm by exploiting the W32/SQLSlammer
> > vulnerability.
> >
> > Sincerely,
> >
> > Jason Coombs
> > jasonc (at) science (dot) org [email concealed]
> >
> >
>

[ reply ]