Merged: W32 Blaster Virus

[marcsparks2002]

my mate had the this last nite all sorted within a few minutes thanks to the valuable info here (well i had to sort it for him) all because he took his firewall off because it blocked him on msn what a dope btw anyone know why i keep gettin icmp echo requests (ping) from an 81 range ip, had 7 today and about the same last nite ,zonealarm is showing them in the log ....atb marc

[BenH]

Quote:

Originally posted by distortal
Is there something I should know?

Well you last post ended rather ominously, kind of 'the router has just burst into flames' ending

Quote:

The program is available online btw:
http://www.tnk-bootblock.co.uk/prods...terBlaster.zip

Well Done!! Regretably I'm severely alergic to VB

Regards,

Ben

[BenH]

Quote:

Originally posted by hawkmoon
If you take another read of what I wrote very carefully you will notice that I said that the 40-60Mb updates WERE SECURITY RELATED! The full update including non-security related came to over 150Mb! Oh and there was no optimized kernal included in those downloads.

Then prehaps you should switch your distro. I had to do a clean install of SuSE 8.2 last week due to me rendering it unbootable playing about with the kernel. Install and update took me a total of 45 mins.

And again, I note that you are completely ignoring the points I raised in my previous posts.

Quote:

Just for the record I do not do helpdesk. Not all support analysts are helpdesk. I am actually part of system services which looks after servers - no user interaction at all.

I can well imagine that they wouldn't let you interact with customers.

Excuse me! Is this the thread for merged:W32 Blaster Virus?Only it's hard to tell due to the fact of you two being all macho about OS's.How about continuing this spat in private?

Thank you.

Incog.

[DeadKenny]

Quote:

Originally posted by Lord Nikon
Plus when a new linux kernel is released, that is what it is... new

Looking at this recent exploit that has come to light...

Affected Versions....

NT 4 circa 1995?
Windows 2000 2000
Windows XP 2001
Windows 2003 2003

So the issue has existed for 8 years accross 4 platforms..

How much legacy code do they blindly copy between versions?

If it aint broke don't fix it... well until someone spots the flaw 8 years down the line .

I get extremely concerned about the number of kernel updates with Linux (many security related, especially the ICMP flaw). This is the core of the operating system and should be solid and stable with no need to update on a regular basis. What's so cool about having a "new" kernel all the time? I update a lot of stuff on RedHat without worrying too much, but the kernel updates I investigate thoroghly just to see what's been changed.

That's what I like about the NT line of Windows. It's still good old solid NT kernel underneath that I can trust and each version builds on it's core stability. The bugs are all with the add-ons. Sure, they are considered "part" of the OS because Microsoft wrote them all (or at least bought the companies that did ). It's no different with Linux apart from who "owns" what. It's still a core kernel and OS and then other apps on top.

As a developer in a commercial environment, I hate open-source. It really slows down the development process and you end up fixing everyone elses bugs just to get things working, which ultimately costs the company more in man-hours. I've experienced this a lot and I'd much rather the company pays for a commercial product, thoroughly tested by professionals, with certification and decent QA (rather than testing by 1000s of 12 year olds who don't have huge salaries and a job at stake as their incentive to ensure quality

[DeadKenny]

Quote:

Originally posted by Incognitas
Excuse me! Is this the thread for merged:W32 Blaster Virus?Only it's hard to tell due to the fact of you two being all macho about OS's.How about continuing this spat in private?

It happens every time a security flaw occurs in Windows.

I use Windows (NT,2k,XP), Linux, Solaris and AIX, and they all have their flaws including security flaws. I know which I prefer, but that's my preference. However you won't find Windows users getting smug about their OS every time a security hole is found in Linux.

Just the way it is really. Bill has made a heck of a lot of money, many of us have nicely paid jobs thanks to him, and I guess some people can't accept that.

[darant]

Quote:

Originally posted by DeadKenny
It happens every time a security flaw occurs in Windows.

I use Windows (NT,2k,XP), Linux, Solaris and AIX, and they all have their flaws including security flaws. I know which I prefer, but that's my preference. However you won't find Windows users getting smug about their OS every time a security hole is found in Linux.

Just the way it is really. Bill has made a heck of a lot of money, many of us have nicely paid jobs thanks to him, and I guess some people can't accept that.

Well done that man. Well, Bill pays my wages and we also get hit by the same things as everyone else here. Viral etc. As I said before, everything is open to exploitation whether it be Microsoft, Linux, Solaris.

[Ramrod]

Quote:

Originally posted by Chimaera
Have scanned my pc for viruses and it's ok, and have up to date McAffee - will that do?

Hope so, thats what I've got
....you do have McAfee firewall as well?

[hawkmoon]

Quote:

Originally posted by BenH
Then prehaps you should switch your distro. I had to do a clean install of SuSE 8.2 last week due to me rendering it unbootable playing about with the kernel. Install and update took me a total of 45 mins.

And again, I note that you are completely ignoring the points I raised in my previous posts.



I can well imagine that they wouldn't let you interact with customers.

Can you keep the personal insults out of this please.

What my job entails and whether I am good at customer care / services is not really any of your business. I have done low level tech support and worked my way up to a more senior position with a very good proven track record.

Plus trying to cast aspersions on my abilities is not the best way to win an argument - as they say those who resort to insults tend to have lost the argument.

Yes I am ignoring the points as I just don't desire to argue with you about how perfect Linux is anymore! It is getting very boring.

[Ramrod]

Quote:

Originally posted by Incognitas
Excuse me! Is this the thread for merged:W32 Blaster Virus?Only it's hard to tell due to the fact of you two being all macho about OS's.How about continuing this spat in private?

Thank you.

Incog.

Absa-fu*kin-lutely

[hawkmoon]

Quote:

Originally posted by Incognitas
Excuse me! Is this the thread for merged:W32 Blaster Virus?Only it's hard to tell due to the fact of you two being all macho about OS's.How about continuing this spat in private?

Thank you.

Incog.

Sorry Incog - didn't really mean to drag this into a Win v Linux war.

I just get a little sick and tired of fixing problems by those who have got complacent and think that nothing serious will happen to them, regardless of whether they run Win, Unix, BSD-based or Linux.

[hawkmoon]

Quote:

Originally posted by darant
Well done that man. Well, Bill pays my wages and we also get hit by the same things as everyone else here. Viral etc. As I said before, everything is open to exploitation whether it be Microsoft, Linux, Solaris.

This is what I have been trying to say.

Trust me I am not a foaming at the mouth Windows can do no wrong devotee - I know it has major flaws, just as all OS's have.

I obviously made a mistake and took the bait - and for that I appologize to everyone else on this thread. :o

This is definately the last I am going to say on the matter.

[hawkmoon]

Right back on topic - sort of anyway.

I hope the majority of you have patched yourselves now.

The same exploit that the blaster virus uses can also be used by a third party to open a remote desktop session - once they have changed the password for the admin account (which is another reason why you should rename the default admin account).

Also the next gen of RPC exploit viruses will have much more devestating payloads - although this one will very likely hit MS pretty hard.

[danielf]

It's still going like crazy. I consistently get about 20 in ten minutes. I am very happy with my router

[BenH]

Quote:

Originally posted by DeadKenny
I get extremely concerned about the number of kernel updates with Linux (many security related, especially the ICMP flaw). This is the core of the operating system and should be solid and stable with no need to update on a regular basis. What's so cool about having a "new" kernel all the time? I update a lot of stuff on RedHat without worrying too much, but the kernel updates I investigate thoroghly just to see what's been changed.

The kernel is under constant development 24 hours a day as a result the development cycle is way, way faster than a commercial program hence their can be 2 kernels released in a single week. However you do not have to install them or even patch them. One of our Postgre servers is still running on 2.4.6/SuSE 7.3 without any stability problems and has been running non-stop since it was turned on 18 months ago.

Quote:

That's what I like about the NT line of Windows. It's still good old solid NT kernel underneath that I can trust and each version builds on it's core stability. The bugs are all with the add-ons. Sure, they are considered "part" of the OS because Microsoft wrote them all (or at least bought the companies that did ). It's no different with Linux apart from who "owns" what. It's still a core kernel and OS and then other apps on top.

Solid, Stable, Trust and NT do not belong in the same sentance. NT is essentially a fancy microkernel similar to the Herd, Linux is monolithic. Monolithic kernels are inherently stable due to the lack of intercommunication betwen the processes. Sure they've come a long way from NT4 to NT5.1, but the uptimes dont even begin to compare.

Also you've failed to say why MS marketing department (which lets face it is the real sucess of the company) had NT 5 renamed to 2000...

Quote:

As a developer in a commercial environment, I hate open-source. It really slows down the development process and you end up fixing everyone elses bugs just to get things working, which ultimately costs the company more in man-hours. I've experienced this a lot and I'd much rather the company pays for a commercial product, thoroughly tested by professionals, with certification and decent QA (rather than testing by 1000s of 12 year olds who don't have huge salaries and a job at stake as their incentive to ensure quality [/B]

And here we come to the rub, let me guess, your a .NET developer. The same .NET that Gartner pointed out was a huge security nightmare.

Well I'm also a developer, mainly for 8 and 16 bit microprocessors using C and ASM for R&D companies and I can categorically state that open source software is by far superiour to its closed source equivalent. GCC and GDB are frikkin godsends (and this is from an Atheist). OOo outperforms Office without breaking a sweat. MySQL and Postgre walk all over SQL Server because they actually follow the ANSI standards, likewise with Mozilla and likely Chandler. A couple of months back I saved an art department £30K by showing them the GIMP for 15 mins rather than Photoshop. Heck you can now even get groupware free thanks to skyrix from http://opengroupware.org . Apache runs some 60+% of the worlds webservers, compared to IIS 30%. The list goes on and on.

As for your claims of testing, well I guess you never heared of the OSDL? Or the way IBM, Oracle, Novell, SUN et all are fully behind linux and do alot of the testing in conjunction with the major distros. Infact the only major software company that isnt backing Linux is your paymaster. Their too busy being afraid of it and using others to spread FUD.

The only 12 year olds writing wild code are the script kiddies making your paymasters customers/victims life unplesant.

Regards,

Ben