d23 Posted September 4, 2003 Share Posted September 4, 2003 This morning i re-installed xp pro, as soon as i had installed my network card driver i went to windowsupdate.com and set all the critical updates to install. While this was happening my pc randomly rebooted i though nothing of it just part of the update process. Then later on in the day i noticed dllhost.exe was generating loads of traffic, i installed my virus checker and found i had been infected with W32.Nachi.A. It just seems scary that a vulnerability can be exploited so fast it must have been less than an hour that i was not patched ! :o Link to comment Share on other sites More sharing options...
Fredde87 Posted September 4, 2003 Share Posted September 4, 2003 OMG I cant believe this! I thought we where past the rpc exploit posts! Their is already 50 of them... But they are all lost now due to the server crash (the only good thing about it)... I'll go outside now, Im feeling down :p Link to comment Share on other sites More sharing options...
morganpugh84 Posted September 4, 2003 Share Posted September 4, 2003 Yeah it is amazing how quickly it spreads. i have seen systems get it within 10 minutes of being installed. Now I do not let anyone connect a system to the network before the patch and AV software is installed. I burned off about 100 CDs for everyone who needed one and just gave them out to anyone and everyone in the department with the patch and our AV software on. Link to comment Share on other sites More sharing options...
John Veteran Posted September 4, 2003 Veteran Share Posted September 4, 2003 for the love of god, turn on ICF :wacko: http://support.microsoft.com/?id=283673 Link to comment Share on other sites More sharing options...
Samoa Posted September 4, 2003 Share Posted September 4, 2003 This morning i re-installed xp pro, as soon as i had installed my network card driver i went to windowsupdate.com and set all the critical updates to install. While this was happening my pc randomly rebooted i though nothing of it just part of the update process. Then later on in the day i noticed dllhost.exe was generating loads of traffic, i installed my virus checker and found i had been infected with W32.Nachi.A. It just seems scary that a vulnerability can be exploited so fast it must have been less than an hour that i was not patched ! :o UPon connecting to the internet. you need to configure your firewall. Even if you do the patches you can still get the msblaster.exe. And any worm. Configuring your firewall is the most important. go to scan.sygate.com and run the stealth test, deny any pop up. Then to to dslreports.com and run the port scan. Deny any pop up. There is one more port 135 that needs blocking. Look in the the Blastervirus thread for the download to block that one. Link to comment Share on other sites More sharing options...
d23 Posted September 5, 2003 Author Share Posted September 5, 2003 I know i know, i can secure my pc fine, its just the speed that this all happened, i was downloading zonealarm at the same time. It just means i will have to be really careful with putting all this stuff on cd before hand next time. Link to comment Share on other sites More sharing options...
Recommended Posts