[OT] interet worm W32/Blaster

[grodog]

The W32/Blaster worm is apparently a ticking time bomb!

Sometime on Aug. 16th (next Saturday, if my calendar is correct) the worm on infected machines will launch a TCP SYN flood against Microsoft's windowsupdate service! It won't happen immediately when the clock ticks over to Aug 16, but rather it will happen only after the end of the worm's scan (for infecting new systems) which is in progress at that time. So the SYN Floods will be spread out over a rather substantial period - probably several hours. Microsoft's update site will be DOSed really heavily.

For more details, see http://www.cert.org/advisories/CA-2003-20.html

 

[shouit]

It has already seriously affected the systems at work here. I work for IBM and they were shutting the ports down to any infected systems..

 

[Enceladus]

.....fire and brimstone coming down from the sky, four years of darkness, earthquakes, volcanoes, the dead rising from the grave.

Human sacrifice, dogs and cats living together, mass hysteria!

 

[Henry]

Y'know, there's really gotta be a little special corner of Hell reserved for virus and worm-writers - a corner decked out with the latest in Virtual Gaming equipment and 3D virtual reality gear...

...all infected with their best viruses.

 

[Drawmack]

Henry I wouldn't say the writters I would say the distributors. I write visruses and worms just for fun but I write them on an isolated machine or lan that does not have access to the internet or any system that I care about being infected. They are a fun little exercise. However, I don't distribute my stuff so what's so wrong with that.

OTOH check http://www.slashdot.org they have a link to a cleaner program and updating windows will take care of the rpc bug that the worm uses to attack computers through.

 

[Dakkareth]

Hehe, good that I'm separated from the internet by router, packet filter and firewall. Still I should probably check it out ...

 

[Henry]

Henry I wouldn't say the writters I would say the distributors. I write visruses and worms just for fun but I write them on an isolated machine or lan that does not have access to the internet or any system that I care about being infected. They are a fun little exercise. However, I don't distribute my stuff so what's so wrong with that.

If you write 'em on your own time, and take steps to ensure they don't get out, then that's fine - but they are some dangerous things to let out, and someone with a rudimentary knowledge and little conscience can wipe out thousands of dollars worth of work doing it. (For the unprotected, it can be as high as MILLIONS of dollars worth of work.)

From the standpoint of a system admin, I spend as much effort worrying about security as I do the other day-to-day functions of my job combined. It's a ridiculous situation, but one I can do little about. All it takes is some idiot with a hot new virus that Anti-virus programmers don't know about yet to set me and one of my fellow employees back an entire afternoon's work while I clean a system, restore defaults, reload backup data, tweak preferences just like the user wants 'em, and roll the system back out into use.

Most of the employees know better, though there's always a few who don't but even those few shouldn't have to put up with it.

Iapologize for not making a clearer distinction, but most times, the distributors are also the writers, who get off on seeing just how much of a "mark" their work can make - not realizing what they cost others.

That's my little pet peeve, which goes right alongside telemarketers, con artists, pranksters, crank phone callers, and everyone else who wastes another person's time because it gives themselves a cheap laugh or a personal benefit.

 

[Tarrasque Wrangler]

I'm right in the middle of trying to fix it now. I had to take the day off from my day job to do this. I am in a not-nice mood as a result. Let me tell you, I'd love nothing more than to find the immature SOB who wrote this and introduce him to that corner of hell Henry mentioned.

 

[dvvega]

I've just finished cleaning machines with the worm last night ... wasn't too hard, there is good information out there on the net at most of the anti-virus sites.

The reason most of these guys write these things is that it is a challenge as previously stated, and Microsoft has "aggravated" a lot of people. Of course psychologically these people have a problem if a company makes them go and hurt people in such a way.

I know my mother's computers at work were shut down for a whole day while they were cleaning them all out.

Me, I'm safe, I use a Mac.

Of course "for an excercise" I wrote a virus a long time ago (when I was in my teens at university) that actually damamged hardware, now that was malicious.

 

[Drawmack]

If you write 'em on your own time, and take steps to ensure they don't get out, then that's fine - but they are some dangerous things to let out, and someone with a rudimentary knowledge and little conscience can wipe out thousands of dollars worth of work doing it. (For the unprotected, it can be as high as MILLIONS of dollars worth of work.)

Not only do I write them on my own time and take GREAT measures to ensure that they don't get out but when I'm done I give them to the virus scanner people so they can put their signatures into their dat files. This way when someone else does come up with the same idea we'll already be protected. So not only is it a fun little thing for me it's a public service as well.

It's not that I was offended or anything just pointing out that you can't carte blanche yell about those who write viruses because not all of us are the type of person who would put a virus out there.