RE: [Full-Disclosure] msblast

From: gml (gml_at_phrick.net)
Date: 08/12/03

  • Next message: Darren Reed: "[Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)" 
    To: "'harq deman'" <harqman@btopenworld.com>, <full-disclosure@lists.netsys.com>
Date: Mon, 11 Aug 2003 19:23:19 -0400

    Does anyone know if it somehow disables the ability to use Windows Update
    features?

    For some reason I can no longer run windows update, I'm going to look into
    it.

     

     

    -----Original Message-----
    From: full-disclosure-admin@lists.netsys.com
    [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of harq deman
    Sent: Monday, August 11, 2003 5:31 PM
    To: full-disclosure@lists.netsys.com
    Subject: [Full-Disclosure] msblast

     

    yawn.. OK.. the worm.. again

     

    It scans a randon b class based on the current hosts address

    it does not kill any AV products or firewalls

    it does not hide processes, files or network activity from the kernel

     

    when it packets windowsupdate.com on the 16th, it spoofs the last 2 octets
    of the source ip address, and continues to scan

     

    D-.. must try harder

     

    --harq

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Darren Reed: "[Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)"

    Relevant Pages

    • Re: Windows Update Problems
      ... (This is the WindowsUpdate control) ... >>> reason i dont have the windows update plugin in my ...
      (microsoft.public.windowsxp.general)
    • Re: Reboot of server by winlogon ?????
      ... WSUS runing or Windows update, any auto installation of patchs scheduled? ... It's our test exchange server... ... system reboot? ... reason: No title for this reason could be found ...
      (microsoft.public.windows.server.general)
    • Re: Unable to log in to Napster or anyting else for that matter !
      ... It's a sign of laziness and stupidity on my part that I didn't simply ask if Toney was up to date on Windows Update. ... For the consumer to use online music downloads takes a working relationship between them and Microsoft, and between their software and Media Player. ... When DRM is implemented as a single and open standard where licensing works across stores and devices and operating systems, just like television works across all brands and all channels, then DRM may have a chance of being a reliable source. ... Right now, just as I have stated before, the ability to use downloaded music is dependent on the whim and fortunes of both the store and the RIAA. ...
      (microsoft.public.windowsmedia.player)
    • Re: .mpg files wont play in Vista
      ... settings and features are, changed, damaged or disabled, beware! ... the second time I've had this problem after a windows update so I've ... updates from resetting my personal features or attacking my pre-existing ...
      (microsoft.public.windows.vista.music_pictures_video)
    • Re: Excluding Windows XP system files from virus scanning
      ... No logical reason, maybe no good reason. ... I was just pointing out that there was nothing valuable that ... Background Intelligent Transfer Service services just before the visit and ... it just takes longer at Windows Update ...
      (microsoft.public.windowsxp.perform_maintain)