Digg this topic
Add to my del.icio.us Protecting yourself against the Blaster worm |
|
|
|
|
|
Late(st) News | Zenith Picture Gallery | Most
Recent Community Topics | Tips, Tricks and Other Useful Stuff
  |
| Protecting yourself against the Blaster worm |
  Aug 15 2003, 08:05 PM
Post
#1
|
|
 Boss, my code's compiling (xkcd)  Group: Admins Posts: 10,440 Joined: 19-September 01 Member No.: 1   |
Check out the article from Symantec: http://securityresponse.symantec.com/avcen...aster.worm.html
QUOTE Based on the number of submissions received from customers and based on information from Symantec's DeepSight Threat Management System, Symantec Security Response has upgraded this threat to a Category 4 from a Category 3 threat.
W32.Blaster.Worm is a worm that exploits the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. The worm targets only Windows 2000 and Windows XP machines. While Windows NT and Windows 2003 Server machines are vulnerable to the aforementioned exploit (if not properly patched), the worm is not coded to replicate to those systems. This worm attempts to download the msblast.exe file to the %WinDir%\system32 directory and then execute it. The worm has no mass-mailing functionality. Additional information, and an alternate site from which to download the Microsoft patch is available in the Microsoft article What You Should Know About the Blaster Worm and Its Variants. Users are recommended to block access to TCP port 4444 at the firewall level, and then block the following ports, if they do not use the applications listed: TCP Port 135, "DCOM RPC" UDP Port 69, "TFTP" The worm also attempts to perform a Denial of Service (DoS) on the Microsoft Windows Update Web server (windowsupdate.com). This is an attempt to prevent you from applying a patch on your computer against the DCOM RPC vulnerability. Click here for more information on the vulnerability that this worm exploits, and to find out which Symantec products can help mitigate risks from this vulnerability. --------------------    Things that I don't suck at: Photography (flickr, JPG Mag), "Don't bail; the best gold is at the bottom of barrels of crap!" -Randy Pausch I have people-skills goddamnit! What is wrong with you people!!! | www.skyrill.com |
 |
 
|
|
Dec 20 2009, 04:27 PM
Post
#2
|
|
 New Member  Group: Members Posts: 44 Joined: 20-December 09 Member No.: 11,958  |
QUOTE(usr.c @ Aug 16 2003, 04:05 AM)  Check out the article from Symantec: http://securityresponse.symantec.com/avcen...aster.worm.html thanks for the info. But I guess prevention is better than cure and Updated virus might do the job on cleaning things. that's what I think. -------------------- |
|
|
|
|
Dec 26 2009, 03:40 AM
Post
#3
|
|
 New Member Group: Members Posts: 20 Joined: 26-December 09 Member No.: 11,977  |
QUOTE(Gringo @ Dec 21 2009, 12:27 AM) thanks for the info. But I guess prevention is better than cure and Updated virus might do the job on cleaning things. that's what I think. but how will you prevent if your updated anti-virus cant scan it? right? -------------------- |
|
|
|
|
|
Lo-Fi Version | Time is now: 20th June 2013 - 06:26 AM |
