|
|
 |
|
|
Pages: 1
MSBlaster is quick
(Click here to view the original thread with full colors/images)
Posted by: SKYHN
Some relatives just got back from a 6 week trip on which they took their laptop with WinXP. They know very little about PCs so I usually have to do updates and everything. They didnt use the internet the whole time they were gone. So they get back, I go over to update. They started talking about MSBlaster and how worried they were. So I straight up said "Ill patch your PC for it, but your gonna get it before I get to that part" which scared them even more.
So I begin to update. First NAV. That goes good. Then I run Windows Update and get the updates to block Blaster. Id say the laptop had been on the net maybe 4 mins when BAM, error, system shutdown in 45 seconds. Shuts down, restarts, NAV Alert W32.Blaster.worm. It was pretty funny their reaction when that poped up and I said "Theres your worm". I believe it was something like "Oh my god, I just lost everything didnt I?!".
Anyways, I got it patched up and nothing was lost, of course. Ive never seen a worm that fast. Crazy stuff 
Posted by: Blackknight
Oh yeah it is fast. I was installing my sisters computer as she went to college and before I even had a chance to visit windows update, it was infected. I mean, it was less than 5 minutes it had been connected to the internet and 10 minutes it had actually been on! For the first time!
It was running through the college network pretty fastly.
Posted by: Shalome
Firewalls, people. Firewalls.
XP comes with a built-in firewall. Close port 135 BEFORE you hit teh intarweb and this stuff won't happen to you.
Posted by: Bobaroo
Thats why I love my Linksys router  No infections after installing XP, or when I first had my computer
Posted by: chaosisreality
really, firewalls are the key. I have the built in xp firewall for viruses, a zone alarm firewall for hackers, and a linksys router that helps with worms. I've never been hit except by a redlof virus, that turned out to be a fluke.
Posted by: d!g!talhardcore
 Quote:
Originally posted by Shalome
Firewalls, people. Firewalls.
XP comes with a built-in firewall. Close port 135 BEFORE you hit teh intarweb and this stuff won't happen to you.
|
But that's the thing, if you have a broadband connection, you are already online. That happened when I reformatted, about 3 or 4 minutes after the installation completed I got that little window that said it was shutting down. I thought the installation had gone bad, fortunately I had the patches and fixed it.
Posted by: Shadow_Wolf66
Yeah that blaster virus is a pain (but it really doesn't do much damage)
Only to Microsoft !
Posted by: Freak
Yeah no shit, I hooked up a friend's computer in the dorm to the internet, and like 2 hours later she got Blaster. I even asked the techs if their firewall was holding up against Blaster and they said yes. Dumbasses.
Posted by: Maverick
how does it get around so quick? What makes it go crazy like that?
(Don't answer if it's a big explanation.. I was just curious)
Posted by: SKYHN
It uses an exploit on TCP 135 and just waltzes right in. Its like if you left your front door open. That port has some kind of system commandability from remote, the port is flooded with data and it tells windows to download the blaster worm.
So if you dont have the patch fixing it and you dont have a firewall blocking TCP 135(and I think UDP 4444), you are pretty much destined to get it, if your OS is one of the ones with the vulnurability.
Posted by: redwench
the university firewall probably is blocking it. she probably got it from someone on the university system, who is already behind the firewall.
Posted by: Outlaw
Quote:
Originally posted by d!g!talhardcore
But that's the thing, if you have a broadband connection, you are already online.
|
See that cat5 cable that goes from your pc to your modem? I bet the worm will have a real hard time getting into your pc when it's not connected. 
Posted by: d!g!talhardcore
Quote:
Originally posted by Outlaw
See that cat5 cable that goes from your pc to your modem? I bet the worm will have a real hard time getting into your pc when it's not connected.
|
True, but I like to go ahead and activate my copy of XP through the internet immediately rather than wait, but true, i could do that.
Posted by: Freak
Quote:
Originally posted by redwench
the university firewall probably is blocking it. she probably got it from someone on the university system, who is already behind the firewall.
|
you are correct, the tech was monitoring the network. Somebody (probably me) hooked up a new computer to the network that instantly started sending out Blaster to all unpatched computers and he had to shut off my whole dorm to get it under control. Lol, oops?
Posted by: Lady Mariel
silly windoze 
|
|
|
|
|
