Re: There seems to be a massive denial of service attack going on

From: Jupiter Jones [MVP] (
Date: 08/12/03

Date: Mon, 11 Aug 2003 16:26:49 -0600

First, IMMEDIATELY disconnect from the internet before a "friend"
leaves a gift on your computer for you.
DO NOT reconnect until this issue is resolved.

Install or enable a firewall immediately.

Run an updated virus scan.
Or Scan for Viruses online:

Also be sure to update immediately to prevent this in the future:

This will tell you more:

Jupiter Jones  [MVP]
An easier way to read newsgroup messages:
"Mark Jerome" <> wrote in message
> I too am seeing many of my clients remote PC's going down with this
same RPC
> and COM+  errors. The NT Authority auto shutdown that everyone is
> about.
> Basically all our users behind a firewall are not experiencing this
> Remote users that acces the interent and then come to our servers by
way of
> terminal connection are dropping like flies.
> We have lost many systems today all going down one after another.
> These remote systems, since they use slow dialup were not patched
> this RPC exploit. We are trying to now but MS site seems swamped and
we are
> unable.  Fortunately these people can stay up because they can RAS
into our
> firewalled site and then user their browser to get the update. Users
> only have internet access can not stay up long enough to get
> All systems affected have the MSBlast.exe file that some poeple have
> about.
> Does any security person know whats going on?
> How is the DOS working? Where is it coming from? Any word from
Symantec or
> Macafee on what msblast.exe is and what other files may have been

Relevant Pages

  • Re: Remote telnet through firewall failing
    ... > I have not found internet telnet to be the worst of the various security ... I was amazed that after months on the internet (directly to ... no firewall) there was no discernible problems. ... > firewall will open a port for that particular remote IP while the Java ...
  • Re: Remote user catch 22
    ... wireless internet connection the remote location is ... 3-4 users and a netgear router nad cable internet. ... Right now they use the software firewall and all works pretty well. ... your goals for the remote users (email access, ...
  • Re: Using Remote Assistance via Windows Messenger
    ... Neither PC needs to go through a firewall at this point. ... With RD you can have full control of the remote machine to accomplish the tasks you want to do. ... Brian A. Sesko ... Since we'll be connecting through the internet with 2 firewalls ...
  • Re: Remote user catch 22
    ... and a wireless internet connection the ... 3-4 users and a netgear router nad cable internet. ... Right now they use the software firewall and all works pretty well. ... what are your goals for the remote users ...
  • Re: MS Firewall
    ... Big mark wrote / skrev: ... The built-in firewall only blocks incoming traffic. ... programs are allowed to connect out to the internet as well. ... "real" personal firewall however will pop up a question about whether ...