Re: There seems to be a massive denial of service attack going on
From: Jupiter Jones [MVP] (jones_jupiter_at_hotnomail.com)
Date: 08/12/03
- Next message: Jupiter Jones [MVP]: "Re: There seems to be a massive denial of service attack going on"
- Previous message: Cari \(MS-MVP\): "Re: PLEASE HELP! Hackers got in my sys I think...."
- In reply to: Mark Jerome: "There seems to be a massive denial of service attack going on"
- Next in thread: Mark Jerome: "Re: There seems to be a massive denial of service attack going on"
- Reply: Mark Jerome: "Re: There seems to be a massive denial of service attack going on"
- Reply: Mark Jerome: "Re: There seems to be a massive denial of service attack going on"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 11 Aug 2003 16:26:49 -0600
Mark;
First, IMMEDIATELY disconnect from the internet before a "friend"
leaves a gift on your computer for you.
DO NOT reconnect until this issue is resolved.
Install or enable a firewall immediately.
http://support.microsoft.com/?kbid=283673
Run an updated virus scan.
Or Scan for Viruses online:
http://security.symantec.com/ssc/home.asp?j=1&langid=ie&venid=sym&plfid=23&pkj=IRLFIZTYMWPAZTJWUFJ
Also be sure to update immediately to prevent this in the future:
http://windowsupdate.microsoft.com/
This will tell you more:
http://www.microsoft.com/security/security_bulletins/ms03-026.asp
-- Jupiter Jones [MVP] An easier way to read newsgroup messages: http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp http://dts-l.org/index.html "Mark Jerome" <mdjerome@hotmail.com> wrote in message news:eavdZnEYDHA.2548@TK2MSFTNGP09.phx.gbl... > I too am seeing many of my clients remote PC's going down with this same RPC > and COM+ errors. The NT Authority auto shutdown that everyone is talking > about. > > > Basically all our users behind a firewall are not experiencing this problem. > Remote users that acces the interent and then come to our servers by way of > terminal connection are dropping like flies. > We have lost many systems today all going down one after another. > > These remote systems, since they use slow dialup were not patched against > this RPC exploit. We are trying to now but MS site seems swamped and we are > unable. Fortunately these people can stay up because they can RAS into our > firewalled site and then user their browser to get the update. Users that > only have internet access can not stay up long enough to get updates. > > All systems affected have the MSBlast.exe file that some poeple have talked > about. > > Does any security person know whats going on? > > How is the DOS working? Where is it coming from? Any word from Symantec or > Macafee on what msblast.exe is and what other files may have been affected? > > >
- Next message: Jupiter Jones [MVP]: "Re: There seems to be a massive denial of service attack going on"
- Previous message: Cari \(MS-MVP\): "Re: PLEASE HELP! Hackers got in my sys I think...."
- In reply to: Mark Jerome: "There seems to be a massive denial of service attack going on"
- Next in thread: Mark Jerome: "Re: There seems to be a massive denial of service attack going on"
- Reply: Mark Jerome: "Re: There seems to be a massive denial of service attack going on"
- Reply: Mark Jerome: "Re: There seems to be a massive denial of service attack going on"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
