Re: There seems to be a massive denial of service attack going on
From: Jupiter Jones [MVP] (jones_jupiter_at_hotnomail.com)
Date: 08/12/03
- Next message: Jupiter Jones [MVP]: "Re: rpc fix"
- Previous message: Jupiter Jones [MVP]: "Re: There seems to be a massive denial of service attack going on"
- In reply to: rainie klein: "There seems to be a massive denial of service attack going on"
- Next in thread: Jupiter Jones [MVP]: "Re: There seems to be a massive denial of service attack going on"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 11 Aug 2003 16:27:57 -0600
Rainie;
Microsoft is not really doing much right now.
However Microsoft did release the patch a few weeks ago to protect
against this very issue.
First, IMMEDIATELY disconnect from the internet before a "friend"
leaves a gift on your computer for you.
DO NOT reconnect until this issue is resolved.
Install or enable a firewall immediately.
http://support.microsoft.com/?kbid=283673
Run an updated virus scan.
Or Scan for Viruses online:
http://security.symantec.com/ssc/home.asp?j=1&langid=ie&venid=sym&plfid=23&pkj=IRLFIZTYMWPAZTJWUFJ
Also be sure to update immediately to prevent this in the future:
http://windowsupdate.microsoft.com/
This will tell you more:
http://www.microsoft.com/security/security_bulletins/ms03-026.asp
-- Jupiter Jones [MVP] An easier way to read newsgroup messages: http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp http://dts-l.org/index.html "rainie klein" <rainieklein@msn.com> wrote in message news:04cc01c36054$3d58e060$a401280a@phx.gbl... > it seem to me that it is a virus, I don't know what ms is > doing about this issue I just receive this patch for the > hole the virus is getting in through. Our phones jumped > off the hook about 10 minutes when I came into work. I > came here to see what was going on and I saw all these > people with the same issues... IS THERE ANYTHING i CAN DO > TO HELP ??? i COULD I EMAIL YOU ANYTHING? > > -RAINIE > >-----Original Message----- > >I too am seeing many of my clients remote PC's going down > with this same RPC > >and COM+ errors. The NT Authority auto shutdown that > everyone is talking > >about. > > > > > >Basically all our users behind a firewall are not > experiencing this problem. > >Remote users that acces the interent and then come to our > servers by way of > >terminal connection are dropping like flies. > >We have lost many systems today all going down one after > another. > > > >These remote systems, since they use slow dialup were not > patched against > >this RPC exploit. We are trying to now but MS site seems > swamped and we are > >unable. Fortunately these people can stay up because > they can RAS into our > >firewalled site and then user their browser to get the > update. Users that > >only have internet access can not stay up long enough to > get updates. > > > >All systems affected have the MSBlast.exe file that some > poeple have talked > >about. > > > >Does any security person know whats going on? > > > >How is the DOS working? Where is it coming from? Any word > from Symantec or > >Macafee on what msblast.exe is and what other files may > have been affected? > > > > > > > >. > >
- Next message: Jupiter Jones [MVP]: "Re: rpc fix"
- Previous message: Jupiter Jones [MVP]: "Re: There seems to be a massive denial of service attack going on"
- In reply to: rainie klein: "There seems to be a massive denial of service attack going on"
- Next in thread: Jupiter Jones [MVP]: "Re: There seems to be a massive denial of service attack going on"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
