neowin_hipster Posted September 8, 2003 Share Posted September 8, 2003 Every day, i get maybe 20 or 30 new "attemps" by an msblaster variant. It's getting tiring and its very pathetic. Anyone else still seeing this stuff. Link to comment Share on other sites More sharing options...
John Veteran Posted September 8, 2003 Veteran Share Posted September 8, 2003 i'm not paying attention to my logs; i'll look once in a while, but for the most part, i know i'm secure enough :happy: i'm sure it's still going around. there might be a new version that doesn't have any side-effects (crashing RPC), so there are probably people out there that don't know they're infected :pinch: Link to comment Share on other sites More sharing options...
Kasteo Posted September 8, 2003 Share Posted September 8, 2003 Same here, I get MSblast email on my hotmail account around 5-10mails a day. It's so annoying. :no: Link to comment Share on other sites More sharing options...
MxxCon Posted September 9, 2003 Share Posted September 9, 2003 disable your firewall and those attempts won't "tire" you. if you are patched, they won't do anything. if you are not windows, they won't do anything either. Link to comment Share on other sites More sharing options...
Dazzla Veteran Posted September 9, 2003 Veteran Share Posted September 9, 2003 Same here, I get MSblast email on my hotmail account around 5-10mails a day. It's so annoying. :no: MSBlast doesn't spread via email. And yeah, I'm still getting hit a lot according to my router logs. Link to comment Share on other sites More sharing options...
blowdart Posted September 9, 2003 Share Posted September 9, 2003 I'm still seeing CodeRed attempts. This things never go away, just die back to one or two attempts a day. Link to comment Share on other sites More sharing options...
uniacidz Posted September 9, 2003 Share Posted September 9, 2003 Same here, I get MSblast email on my hotmail account around 5-10mails a day. It's so annoying. :no: MSBlast doesn't spread via email. And yeah, I'm still getting hit a lot according to my router logs. Yeh thats what i thought. : :D Link to comment Share on other sites More sharing options...
Kasteo Posted September 9, 2003 Share Posted September 9, 2003 Same here, I get MSblast email on my hotmail account around 5-10mails a day. It's so annoying. :no: MSBlast doesn't spread via email. And yeah, I'm still getting hit a lot according to my router logs. Yeh thats what i thought. : :D Hmm... then that's weird. I got several emails on my Hotmail account with .pif file attatched. When I try to download it to my HDD, Norton Antivirus alert me that it's MSBlast virus and delete it. I really want to save one for my collection though. :cool: Link to comment Share on other sites More sharing options...
John Veteran Posted September 9, 2003 Veteran Share Posted September 9, 2003 I'm still seeing CodeRed attempts. oh god :no: Link to comment Share on other sites More sharing options...
MxxCon Posted September 9, 2003 Share Posted September 9, 2003 Hmm... then that's weird. I got several emails on my Hotmail account with .pif file attatched. When I try to download it to my HDD, Norton Antivirus alert me that it's MSBlast virus and delete it. I really want to save one for my collection though. :cool: w32.sobig.f@mm is mass (e)mailer worm. hense you get .pif files attachments. w32.blaster.worm is a worm that spread by exploiting RPC hole(port 135) and variant F was designed to flood microsoft's windows update site. read http://www.sarc.com/ for lots more info Link to comment Share on other sites More sharing options...
Jon Posted September 9, 2003 Share Posted September 9, 2003 Yup the corporate world is still struggling as well. When the southwest schools came back online (last week) they basically DoS'd our pipe to the inet purely with ICMP + arp activity. As Blaster/Nachi dont make their presence known until a machine gets unlucky and has incorrect exploit code executed, they will exist in the wild indefinetly. Home users wont patch, its the way of things, and we should plan around that fact. It does look like Nachi is going to be the most persistant, until the code times out. Blaster was written by a monkey, Nachi seems to have been written a little better (despite the patch application failing the majority of the time). (Again its worth noting that Nachi is not a variant of the Blaster code) Link to comment Share on other sites More sharing options...
eth3l Posted September 9, 2003 Share Posted September 9, 2003 I get anywhere from 20 - 30 emails a day at the office. Link to comment Share on other sites More sharing options...
ericnmu Posted September 9, 2003 Share Posted September 9, 2003 I get anywhere from 20 - 30 emails a day at the office. thats sobig A lot of schools are charging 25 or 30 dollars if a computer on the network is found unintentionally spreading a virus, then another 30 to clean it. I work for the helpdesk at NMU, which has a laptop program, and gives out a laptop to its 12,000 students. I've had lines of people stretching in quarter miles, full of blaster/welchia worm when school started up. God it was bad. Link to comment Share on other sites More sharing options...
Recommended Posts