Stop Microsoft
All Things Microsoft => Microsoft as a Company => Topic started by: jasonlane on 12 August 2003, 15:52
-
web page (http://www.theinquirer.net/?article=10986)
Seems to have bitten M$ up the ar$e as well. I'll check on netcraft latter but Vole central was down today at 12:00 GMT
-
my xp machine got that today too. i only noticed because the rpc service kept shutting down, and it wanted to reboot. shutdown -a every time i boot is very annoying.
oh well, i never use that machine anyways.
-
quote:
Originally posted by Stryker:
my xp machine got that today too. i only noticed because the rpc service kept shutting down, and it wanted to reboot. shutdown -a every time i boot is very annoying.
oh well, i never use that machine anyways.
Just make sure it's on during the 16th of August.
-
Turn on your firewall, also look up the tool removal for msblast.exe on symantec.com, and run that. Getting online without a firewall is stupid anyways.
-
Don't remove MSBLAST.EXE until after the 16th, surely??? :D :D
Infact I have an XPee laptop here, rarely running, that I just may well connect to the internet....It's sure to catch some sort of virus.
[ August 12, 2003: Message edited by: Zardoz ]
-
According to this (http://money.cnn.com/2003/08/12/technology/msft_worm.reut/index.htm?cnn=yes) article the worm contains the message, "Billy Gates why do you make this possible? Stop making money and fix your software!!". Think they got it yet?
-
quote:
Said Hyponnen: "On the 16th of August, the worm will start a distributed denial of service attack against the windowsupdate.com server".
Good thing: Microsoft gets hit badly.
Bad thing: Due to worm traffic on my local network I'm getting bad ping times in games. :( [sob]
And yeah, if you leave samba open to the www you deserve to get hit but this isn't the underlying problem - the problem is that Microsoft security is crap. By *default* a fresh install of XP will leave "shared folders" network writable which leaves you open as all hell to nimda etcetera. Not to mention the speed with which other worms can crack samba passwords. ;)
Oh and by the way for those of us on permanent LANs (me) and running Windows (not me (http://smile.gif) ) using a firewall when connecting to the internet wont help. Because samba will be open to the local network (this is after all what it's intended purpose is) all it takes is for *one* person on a Windows users subnet (could even be on the same subnet your ISP just gave you) and you can quite easily be infected. A firewall is useless, the only "safety" available is to turn off samba or password it. Which off course makes samba completely useless for anonymous file sharing as well. :)
(Even then most samba passwords can be cracked quickly. Especially if you have XP home and havent booted up in safe mode to give the "administrator" account a password.)
Unpassworded admin accounts by default. Good work Bill you dumb fuck.
-
TCP 135 is an RPC port ???
Isn't that samba?
-
quote:
If you are running Windows Me or Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.
Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.
ROFLMAO :D
-
Debit was down in some of the vancouver area
I think it might have been this bug, cause I was told that the actual banks were down not just the debit system
-
I think that any machine that sends a virus out to other computers should get it's IP blacklisted, that should effectively shut down most MS servers eventually.
My server still gets RedCode type hits.
Jeeze, I'd go on... but I got things to do (like block spam).
-
THIS IS FUCKING PRICELESS!!!!! AHAHAHHAHAHAHHA!!!!!!! Seriously, are any of you behind this?
Hey we should all go out and install illegal versions of Xpee on our PCs to add to Microsoft's problems.
Wow this is really great. Maybe this will get the message across that M$ products SUCK ASS!!!!
-
quote:
Despite being described by Symantec and other anti-virus firms as being "badly written", he told us today: "Whoever made this thing deserves a pat on the back. It completely goes around most forms of existing Windows security".
Heh he
Samba is shit. Samba is 137 to 139. 135/tcp is DCE (http://securityoffice.softimage.net/data/131-107-27.html) endpoint resolution and 135/udp is RPC. NT also had some DNS & DHCP management stuff there as well.
Also it's nice to see 135 traffic rising, it's like a symphony (http://isc.incidents.org/port_details.html?port=135&repax=1&tarax=2&srcax=2&percent=N&days=70&Redraw=Submit) to my ears.
However 135 seems to have given Bill and his minions trouble in the past as well.
135 (http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/q162/5/67.asp&NoWebContent=1)
Will we look back on this in years to come and say:
quote:
Remember the 135!
Die Micro$hite, die!
[ August 13, 2003: Message edited by: Zardoz ]
-
ROTF: my firewall log is 5 pages and counting...he he damn worm has been scanning all night. but lo and behold 135 is stealthed on my box/boxes. urp........IF you read this....Hi bill, hope you idiots in Redmond have plenty of Egg on your faces......ha he he ha ha
-
So already there's a new version of blaster out there!!!! Also IBM & Mototrola have been infected, because of the fucking excuse of a company called Micro$hite. I hope they get taken to the cleaners, they do not deserve their position.
I only hope this causes IBM to drop M$ altogether.
They must go!
[ August 13, 2003: Message edited by: Zardoz ]
-
Alrighy then, that's me just back from cleaning the XP PCs of msblast.
Ho-hum, tomorrow is another day.
-
Preassure now needs to be keep't up on M$! How is this site going to make the the most effective use of this god send?????
-
Lets go on Windows forums and just laugh. Sounds fun to me. :)
-
Which one does Sir suggest tonight?
-
I wonder how Zombie is doing with this virus... :D :D :D
-
Who's Zombie?! Would he like this virus?
-
This is great! This means more Linux/Macs and BSD type boxes are left on the net! Which in the end is more secure in its self!
Tbere ya go WINBLOWSFOOLAZ!!! Your beloved box has been prooven to be absolute shit! :D :D (http://smile.gif) (http://tongue.gif)
-
quote:
Originally posted by The all X11 hater:
I wonder how Zombie is doing with this virus... :D :D :D
He, like me, undoubtedly has a firewall installed and is cruesing along nicely.
-
quote:
Originally posted by Fett101:
He, like me, undoubtedly has a firewall installed and is cruesing along nicely.
i had a firewall up and running, i think i downloaded some program or something that gave it to me.
-
i wish i had xp... then i could get the virus and i could be doin my part in the flooding of the update site... :( .. o well.. and Hi all
-
quote:
Originally posted by Zardoz:
Samba is shit. Samba is 137 to 139. 135/tcp is DCE endpoint resolution and 135/udp is RPC. NT also had some DNS & DHCP management stuff there as well.
No thats not samba (http://www.samba.org). Samba is the open source implementation of the Server Message Block (SMB) system. Samba was started by a guy so cool that when people wanted to give him money for it he just told them as a joke to send him a pizza.
From what I've heard, the samba team hasn't had any want for pizza.
Samba is not MS.
[ August 14, 2003: Message edited by: M. O'Brien ]
-
Sorry SMB is shit....
My apologies to the Samba team :(
(http://www.ecst.csuchico.edu/~pizza/pies/pizza-016613.jpg)
[ August 14, 2003: Message edited by: Zardoz ]
-
Of course the whole point is that while any windows machine without the update or a proper firewall could be infected. Meanwhile, a Mac OS X (and probably everything else Unix) machine comes with a firewall and all ports turned off. Your computer has to start a connection with someone else to get traffic on almost any given port. And I guess that it might be hard to browse the internet on the 16th because of the massive DoS attack on the update site. But still, if anyone has a windows 2000 or xp machine, leave it on for that one day.
-
Its BAAAaaak!
kaspersky Labs : Mblaster clone released (http://www.kasperskylabs.com/news.html?id=985370)
-
ROFLMAO!!!!!
(http://www.warbucket.com/comics/206.gif)
-
I don't get it.
HAH!
-
gates is a fucking idiot, he probably wrote the fucking worm (virus) so microsoft.com would get more hits for the patch. also so microsoft gets more publicity.
-
My greatest fear in this topsy tervy world of home land defence, is that Gates dosent say
"Well, this thing is aflicting windows, and windows is so crappy that no one could have produced the worm with XP, so it must have been created with Linux, unix or a mac. Unix is comercial so a hippy haxor probably would'nt use it, and only artsy faggots use a MAC (Bill gates' words, not my own), so it must have been Linux. nearly everyone in the country uses XP so for the safety of the nation we must outlaw Linux!"
If gates said this the right wing government you guys have would rub their palms and smile.
-
quote:
Samba was started by a guy so cool that when people wanted to give him money for it he just told them as a joke to send him a pizza.
Yah Dr Andrew Tridgell. And he goes to my local LUG. And next year I get to listen to him teach me all about bits of the Linux kernel. (He occasionaly guest lectures at my University.) Drool. Worship. Bow. :D We loves you Andrew!
quote:
From what I've heard, the samba team hasn't had any want for pizza.
They always have pizza. $6 at every CLUG meeting and you get a large pizza. Who wouldnt want pizza?
Ooh I must start copy pasting this guys clug posts to a big file as like a historical artifact...
edit:
quote:
Turn on your firewall, also look up the tool removal for msblast.exe on symantec.com, and run that. Getting online without a firewall is stupid anyways.
Yeah if you have insecure servers running it is. Firewalls should be a redundancy, (ie you shouldnt rely on them) at best. No offense but assuming that just running a firewall alone makes you safe is kinda lame.
edit: And yeah thanks for the clarification M Obrien. Wouldnt want to associate samba with cmb. (http://smile.gif)
[ August 15, 2003: Message edited by: Faust ]
-
Has anyone connected this with the huge powercut in america i was just thinking of that also i've got my whole old networkd running and on an auto timer to connect tonight at 11:00 lol but back to the powercut has anyone thought of that?
-
quote:
Originally posted by SirRoss:
Has anyone connected this with the huge powercut in america i was just thinking of that also i've got my whole old networkd running and on an auto timer to connect tonight at 11:00 lol but back to the powercut has anyone thought of that?
I have been praying, so very, very, very hard that it is connected. It would really be the begining of the end of M$ if that were true, billions if not trillions of dollars lost, lot's pissed people, Gov agencies etc.....
However it probably isn't :(
Power stations are not (I think, although they recieved certification last year?) allowed to use Windoze for mission critical systems. They shouldn't be at any rate.
:(
-
oh ya like this http://news.com.com/2100-1002_3-5064433.html?tag=fd_top (http://news.com.com/2100-1002_3-5064433.html?tag=fd_top) will help!
oh and saturday may be M$ doom day, with huge DoS attack planned.
[ August 15, 2003: Message edited by: raptor ]
-
quote:
Originally posted by Zardoz:
Power stations are not (I think, although they recieved certification last year?) allowed to use Windoze for mission critical systems. They shouldn't be at any rate.
People think the chain reaction started in Canada. Do they use windows for power stations in Canada?
It might be too much to expect the worm and blackout to be related... on the other hand it is one heckofa coincidence.
-
just found on slashdot that www.windowsupdate.com (http://www.windowsupdate.com) now has a Linux server up, just put it up the day before the attack. I can see it now billy saying that it went down because someone set up a linux server for it. Scarry thing is windows users might belive it. windowsupdate.com (http://uptime.netcraft.com/up/graph?site=www.windowsupdate.com)
although the netbock owner is not MS but still I find it entertaining. Linux just might keep it up for MS and then gates might praise his crappy software more. *throws middle finger up*
-
quote:
A flaw in Windows Update caused some organisations - including the US Army - to wrongly believe they were protected from MSBlast, according to a researcher
A flaw in Windows Update -- Microsoft's online tool that lets customers update their operating system with patches and fixes -- enabled the MSBlast worm to infect computers that apeared to have already been patched, according to a security expert.
The flaw led to a US Army server, among others, falling victim to MSBlast, according to Russ Cooper, chief scientist at security company TruSecure.
Windows Update works by adding an entry into the system registry every time it installs a patch. When users log on to the update tool, it scans their registry and offers them list of patches that have not yet been installed. Cooper said that this mechanism was found to be flawed.
"We found that people had got the registry key for the patch, but not the file," he said, explaining that the error could be triggered by a number of reasons -- from an incomplete installation to a lack of system resources.
"If you go to Microsoft's site and say, 'tell me if I am up to date', and it says 'you are up to date', but you are not, what are you supposed to do?" he said.
In order to fix the problem, Windows Update should be looking for the actual fix rather than just a registry entry, Cooper argued. This feature is already included in the tool, but is not "fully enabled", Cooper said.
He recommends that users should run the Microsoft Baseline Security Analyzer (MBSA) as an alternative to Windows Update for checking to see if patches have been correctly installed. MBSA is also designed to look for security problems in the Windows registry and can be downloaded free from Microsoft's Web site.
Microsoft did not respond to requests for comment on the Windows Update issue.
Patching has been a thorn in Microsoft's side, with companies complaining that it takes far too long to implement patches because of the compatibility testing that is necessary before deploying them to thousands of servers and desktops. Additionally, the sheer volume of patches being generated by Microsoft means that companies are finding it difficult to keep up.
Stuart Okin, chief security officer at Microsoft UK, admitted that Microsoft customers spend too much time fixing their systems: "Our customers don't necessarily have the programmes, processes and environments in place to deal with dynamic changes," he said. He admitted that companies have had problems deploying the patch to thousands of workstations or servers "within the space of four weeks" -- approximately the time between when the vulnerability was discovered and the worm was released.
Last year, Microsoft launched its Trustworthy Computing Initiative, which included retraining its programmers to ensure their code was written with security in mind and involved an overhaul of its entire patching system.
Okin said that within two years, Microsoft will have made significant changes to its Windows Update service. The company is planning on introducing a single update source -- probably called Microsoft Update -- which will be capable of updating all of the Microsoft products installed on a computer.
I've been having a few arguments recently with people who claim that "all you need is a firewall and regular patching and you're secure!" So nice to be proved right...
-
All the win2k machines in our school library got hit by that virus.
-
According to other stories, two new versions of the worm are circulating and e-mails related to the worm and containing trojans are also circulating.
-
The Sobig e-mail virus that caused havoc two months ago has reappeared in a virulent new form, according to e-mail service provider MessageLabs.
web page (http://news.com.com/2100-1002_3-5065494.html)
Sobig.E is more efficient than previous versions of the virus
Attachment names may include: your_document.pif, details.pif, your_details.pif, thank_you.pif, movie0045.pif, document_Fall.pif, application.pif, and document_9446.pif.
-
quote:
Originally posted by suselinux:
Sobig.E is more efficient than previous versions of the virus
Stupid worm FUBARed the network here today. I've gotten five emails either sending me the virus or claiming I sent the virus to someone else...
I don't have the virus cause im not a windoid retard who opens every attachment he gets. Unfortunately the new version picks email addresses off the hard drive at random and puts them in the FROM field.
-
M$ and all their products should be banned!
If they were making cars they'd have been out of business years ago.
-
if microsoft made cars instead, the software industry'd be a lot better off.
-
If M$ made cars, they'd make 'em without locks on the doors.
-
quote:
Originally posted by Calum:
if microsoft made cars instead, the software industry'd be a lot better off.
are ya sure? LOL read this
quote:
Microsoft in Detroit?
At a recent computer expo (COMDEX), Bill Gates reportedly compared the computer industry with the auto industry and stated "If GM had kept up with technology like the computer industry has, we would all be driving $25 cars that got 1000 mi/gal." Recently General Motors addressed this comment by releasing the statement "Yes, but would you want your car to crash twice a day?" and also noted the following consequences of GM imitating Microsoft:
1. Every time they repainted the lines on the road you would have to buy a new car.
2. Occasionally your car would die on the freeway for no reason, and you would just accept this, restart and drive on.
3. Occasionally, executing a maneuver would cause your car to stop and fail and you would have to re-install the engine. For some strange reason, you would accept this too.
4. You could only have one person in the car at a time, unless you bought "Car95" or "CarNT". But, then you would have to buy more seats.
5. Macintosh would make a car that was powered by the sun, was reliable, five times as fast, twice as easy to drive, but would only run on five percent of the roads.
6. The Macintosh car owners would get expensive Microsoft upgrades to their cars, which would make their cars run much slower.
7. The oil, gas and alternator warning lights would be replaced by a single "general car fault" warning light.
8. New seats would force everyone to have the same size butt.
9. The airbag system would say "are you sure?" before going off.
10. If you were involved in a crash, you would have no idea what happened.
-- courtesy of jokes.com
[ August 21, 2003: Message edited by: raptor ]
-
also all of you windows users out there, you have been warned http://news.com.com/2100-1002_3-5066511.html?tag=fd_top (http://news.com.com/2100-1002_3-5066511.html?tag=fd_top) :rolleyes:
-
quote:
Originally posted by Zardoz:
M$ and all their products should be banned!
If they were making cars they'd have been out of business years ago.
I'm not so sure - SUVs seem to sell pretty good.