Re: There seems to be a massive denial of service attack going on
From: Mark Jerome (mdjerome_at_hotmail.com)
Date: 08/12/03
- Next message: randy: "RPC and shutdown"
- Previous message: Mike Mulligan: "Re: Virus in microsoft Patch"
- In reply to: Jupiter Jones [MVP]: "Re: There seems to be a massive denial of service attack going on"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 12 Aug 2003 09:48:29 -0400
Disregard last Post
Here is the file as a single download
"Jupiter Jones [MVP]" <jones_jupiter@hotnomail.com> wrote in message
news:%23PsBqeFYDHA.1620@TK2MSFTNGP12.phx.gbl...
> Mark;
> First, IMMEDIATELY disconnect from the internet before a "friend"
> leaves a gift on your computer for you.
> DO NOT reconnect until this issue is resolved.
>
> Install or enable a firewall immediately.
> http://support.microsoft.com/?kbid=283673
>
> Run an updated virus scan.
> Or Scan for Viruses online:
>
http://security.symantec.com/ssc/home.asp?j=1&langid=ie&venid=sym&plfid=23&pkj=IRLFIZTYMWPAZTJWUFJ
>
> Also be sure to update immediately to prevent this in the future:
> http://windowsupdate.microsoft.com/
>
> This will tell you more:
> http://www.microsoft.com/security/security_bulletins/ms03-026.asp
>
> --
> Jupiter Jones [MVP]
> An easier way to read newsgroup messages:
> http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
> http://dts-l.org/index.html
>
>
> "Mark Jerome" <mdjerome@hotmail.com> wrote in message
> news:eavdZnEYDHA.2548@TK2MSFTNGP09.phx.gbl...
> > I too am seeing many of my clients remote PC's going down with this
> same RPC
> > and COM+ errors. The NT Authority auto shutdown that everyone is
> talking
> > about.
> >
> >
> > Basically all our users behind a firewall are not experiencing this
> problem.
> > Remote users that acces the interent and then come to our servers by
> way of
> > terminal connection are dropping like flies.
> > We have lost many systems today all going down one after another.
> >
> > These remote systems, since they use slow dialup were not patched
> against
> > this RPC exploit. We are trying to now but MS site seems swamped and
> we are
> > unable. Fortunately these people can stay up because they can RAS
> into our
> > firewalled site and then user their browser to get the update. Users
> that
> > only have internet access can not stay up long enough to get
> updates.
> >
> > All systems affected have the MSBlast.exe file that some poeple have
> talked
> > about.
> >
> > Does any security person know whats going on?
> >
> > How is the DOS working? Where is it coming from? Any word from
> Symantec or
> > Macafee on what msblast.exe is and what other files may have been
> affected?
> >
> >
> >
>
>
- Next message: randy: "RPC and shutdown"
- Previous message: Mike Mulligan: "Re: Virus in microsoft Patch"
- In reply to: Jupiter Jones [MVP]: "Re: There seems to be a massive denial of service attack going on"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
