|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: New variant. Blast.b
From: Stuart (secmail
patchsupplier.dyndns.org)
Date: Thu Aug 14 2003 - 20:52:34 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I unbound file and print sharing then after doing a "netstat -an" it
showed that port 135, 445 and 1025 were not running on the external
interface (dialup/dsl)
I set this up on a box around 3 weeks ago and after going back to it
today which did not have the rpc patch installed it was fine, it is a
home user box directly connected to the net through DSL without
firewall.
Hope this helps
Stu
- -----Original Message-----
From: Glenn Pearl [mailto:glennpdatasync.com]
Sent: 14 August 2003 18:14
To: focus-mssecurityfocus.com
Subject: RE: New variant. Blast.b
The majority of my support calls regarding this worm have been from
home
users.
So I have a question:
Consider a home user with a single system who is Internet connected,
but
not doing any sort of Microsoft-based networking at all. Would not
unbinding the Client for Microsoft Networks from TCP/IP in the
network
connection properties (NIC or dialup, makes no difference) completely
prevent an attack from this worm or any of its variants?
Regards,
Glenn Pearl
> -----Original Message-----
> From: Thomas F. Szabo [mailto:tszabodiamondtech.net]
> Sent: Wednesday, August 13, 2003 4:01 PM
> To: Kim, Cameron; focus-mssecurityfocus.com
> Subject: RE: New variant. Blast.b
>
> Haven't seen this yet, but what I can add is that this is ripping
> through home users right now. If someone releases a variant that
> becomes more malicious than the variants currently in the wild we
> may see some serious problems. I urge everyone to try and get
> friends, family, etc., to patch their systems. All I keep hearing
> from people
is
> "you mean I can just get it? I don't have to open an email to get
> it?"
>
>
> Tom Szabo
>
> -----Original Message-----
> From: Kim, Cameron [mailto:CKimmdea.com]
> Sent: Wednesday, August 13, 2003 12:20 PM
> To: focus-mssecurityfocus.com
> Subject: New variant. Blast.b
>
> http://www.sarc.com/avcenter/venc/data/w32.blaster.b.worm.html
>
> Any Thoughts? Anyone see this one in their environment?
>
> Cameron Kim
> Mitsubishi Digital Electronics America
>
>
>
- ----------------------------------------------------------------------
- --
> ---
> Your network firewall and IDS products do not prevent Web
> application attacks - the most common form of online exploitation-
> resulting in
Web
> defacement, data theft, sabotage and fraud.
> KaVaDo is the only company that provides a complete suite of Web
> application security products.
> Download a FREE whitepaper on "Security Policy Automation for Web
> Applications":http://www.securityfocus.com/Kavado-focus-ms
>
- ----------------------------------------------------------------------
- --
> ---
>
>
>
- ----------------------------------------------------------------------
- --
- ---
> Your network firewall and IDS products do not prevent Web
> application attacks - the most common form of online exploitation-
> resulting in
Web
> defacement, data theft, sabotage and fraud.
> KaVaDo is the only company that provides a complete suite of Web
> application security products.
> Download a FREE whitepaper on "Security Policy Automation for Web
> Applications":http://www.securityfocus.com/Kavado-focus-ms
>
- ----------------------------------------------------------------------
- --
- ---
- ----------------------------------------------------------------------
- -----
Your network firewall and IDS products do not prevent Web application
attacks - the most common form of online exploitation- resulting in
Web
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":http://www.securityfocus.com/Kavado-focus-ms
- ----------------------------------------------------------------------
- -----
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
iQIVAwUBPzw84pMRMj30dWmZAQLURw//Vv3TeXoDcPVDt4AFELfDnEBKxQQ5Zscr
7fmLtgI54GJrWXnTpyCFiUBcze/Whk4NLlhE/g28mrM1aT7AXifVMLmoQ7Wijktq
uEdlmnl37PjhE1oo2UYag80FkaXJhQa/PuFg7/bNGnxrtn0wjGuajBpX/eorv3m/
6El27mqFcIQH0ND3jABTpWmNGUv3mMioc4XU+FYKxN1mYv2PawZ9bFSvp/PbTh05
E1h8JruQ7laCRKTWaxr/0g2LPfIlJYOm7ujF7lV4Ww1GJao2kaAUyKSpHmJe90UO
hP32UB2UIMvR0spOnW/h4zOZNcjrANEKcFHjfdxBz+gya+yJ9IAxtyaGXitbnX98
NtoFvVBXZceGj9M9KZUpsGpXX35WN+OARJIbJVC8gPstBFTsAIiA9KJ+ofsibyJ3
c9h0D/xGnd7SW7ohn9MI5g53JBWVdXCriDfdG74PmczbddnZiwYrgn2DdP/TOGXK
3hr2rA9AGend+KPZqMoVjUNbdw3AvNqb02O5Iu0x+gFM7Rm93GV6t/y3gKlfOS4R
0LMuL3BI1TTVa1lkLK3CtLITVpbXxlbKVif7uDSDRha4rNyXd6eC+ODe/IPSLOY4
/Ki616a5VcKvB2Wsum7r+YcF6egxBBuD5PuRTQmkdWtFuPw1uhcBBGjEuPe1BOkE
2etAX/4Y/ag=
=bVRb
-----END PGP SIGNATURE-----
---------------------------------------------------------------------------
Your network firewall and IDS products do not prevent Web application
attacks - the most common form of online exploitation- resulting in Web
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":http://www.securityfocus.com/Kavado-focus-ms
---------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]