SUS uses

From: Glenn Turner (glenn_at_GLENN-TURNER.COM)
Date: 08/17/03

  • Next message: Russ: "Mail from Microsoft regarding Blaster"
    Date:         Sun, 17 Aug 2003 10:24:28 +0200

    I read that Microsoft killed off to foil the worm:
    <> &id=13426

    As part of its effort to stop the progress of the MSBlast worm,
    Microsoft is killing off the address that the
    self-propagating program was set to attack.

    Because the worm is programmed to attack only that address and not the
    site that it redirects to, the software giant has decided to eliminate
    the address. The move is one of a series of efforts
    that Microsoft has undertaken to try to thwart an attack on its servers
    that was expected to be launched by infected computers starting Friday.
    "One strategy for cushioning the blow was to extinguish the" site, said Microsoft spokesman Sean Sundwall. "We
    have no plans to ever restore that to be an active site."

    On Thursday, Microsoft changed the Internet addresses that correspond to
    the entry in the domain name service servers that act
    as the Internet's address book. One source familiar with the change said
    that the new addresses are no longer on the same network as Microsoft's
    other servers, thereby insulating the company's servers from any attack
    aimed at Sundwall stressed that the Windows Update
    service remains up and running, noting that the service never connected
    to Access to Windows Update is built into the latest
    versions of Microsoft's Windows client and server operating systems.

    To get the latest patches, consumers can type in or, as Microsoft would prefer, go to the
    main page, where they can find information on downloading
    patches as well as on setting up a firewall and installing antivirus
    software. The worm is programmed to start attacking at
    12 a.m. Saturday. As a result, Australia was among the first countries
    to be affected, with midnight hitting at 7 a.m. PDT.

    However, SUS appears to rely on a address:

    Manual Sync Started- Sunday, August 17, 2003 10:16:57 AM Failed
    Updates Added:
    Updates Removed:
    Reissued Update(s):
            Unable to connect to server
    "". Verify that your proxy settings
    are configured correctly. (Error 0x80072EE7: The server name could not
    be resolved by DNS.)

    If Microsoft have no plans to restore, what are their
    plans for SUS?

    Munich, Germany

    Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!

    With a growth rate exceeding 110%, the TICSA security practitioner
    certification is one of the hottest IT credentials available. And now, for
    a limited time, you can save 33% off of the TICSA certification exam! To
    learn more about the TICSA certification, and to register as a TICSA
    candidate online, just go to


  • Next message: Russ: "Mail from Microsoft regarding Blaster"