Blaster Worm
- Thread starter listedguru
- Start date
Quote from plumlazy:
I haven't heard of it, but my version is about a yr old.
However, this question comes to mind. Why would you ping an intruder and even let him no that you exist, when basically B-Ice has made it look as if you don't exist?
What I'm trying to say is, if he doesn't know that you're there, why tell him. (could he not trace your ping and establish that your ip address does indeed exist?) I'm not sure, I'm no techie, I have a pretty simple mind...so I don't know all of the ins and outs of this stuff, but if my firewall told him I wasn't even there, I don't think I'd ping him. I'd leave well enough alone.
You got me there PL. I have had persistent intruders, a "ping of death" would crash their PC. Retribution I suppose. Good point.
I have heard of a "ping of death" = crash their pc.....I just haven't heard of it being associated with B-Ice.
I like retribution just as much as the next guy.
= don't get mad - get even !But the way I see it, if I ping him and somehow he gets back to me and we get into a hacking war, I'll lose for sure...lol...
Sometimes a good run beats a bad stand.
Quote from TM_Direct:
i spent an hour trying the xp patch at home and it did not work...
any suggestions? My computer closes down after about 4 minutes on line
Remove the worm:
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html
BEFORE you patch.
If your system is locking up or rebooting, end the task MSBLAST.EXE in order to buy more time.
Actually even before MS posted the patch in early July there was clear evidence that mischief would occur in the near future back in March: anyone watching their public facing networks would have seen a marked increase in scans on these particular MS ports: 135 - 139, 445 etc.
The best advice is to have a monitoring system that you actually check or that alerts you to increased activity in a certain area. This way you know the exploits people are attempting: once your public facing systems are locked down it is very difficult for an intruder to comprimise your systems.
If you are concerned about snooping there are numerous free sites on the internet run by government or academia that offer useful information: one of them is cert.org which you can check for after the fact notices of particular internet - wide problems.
The best advice is to have a monitoring system that you actually check or that alerts you to increased activity in a certain area. This way you know the exploits people are attempting: once your public facing systems are locked down it is very difficult for an intruder to comprimise your systems.
If you are concerned about snooping there are numerous free sites on the internet run by government or academia that offer useful information: one of them is cert.org which you can check for after the fact notices of particular internet - wide problems.
The MS update/patch doesn't remove the worm - it only stops it from getting in. If your machine is already infected, the patch won't kill it - you've got to get rid of the worm (kill the msblast.exe task from the task manager and then delete the msblast.exe from your hard drive).Quote from TM_Direct:
i spent an hour trying the xp patch at home and it did not work...any suggestions? My computer closes down after about 4 minutes on line
Then get a NAT router to front end you to the internet to block all such inbound hack attempts. If you're on dialup instead of broadband, you'll have to install firewall software instead of the cheaper/easier hardware solution.