
Please help me! (w32.blaster.worm thread)

A friend of mine got it but was able to get patched last night and fixed it all. I always keep my virus software and windows critical updates all up to date.
 
I always recommend a 3 prong approach for anyone with MS Windows OS.

1. Good anti-virus, and make SURE that it is checking for and downloading updates and scanning on a DAILY basis. If it isn't, then do it manually!
2. Good firewall. I like a router for NAT, then a software firewall on each and every PC. Also make sure you have the current version.
3. Check the Microsoft WindowsUpdate site at least twice a month, best to do it once a week. I check it twice a month, unless I get a Security Bulletin newsletter from Microsoft that I signed up for, then I update ASAP.

I usually take a "If it ain't broke, don't fix it" approach to things, but with MS O/S, it's more of a "If it ain't broke, they just haven't announced the flaws yet" approach.

I also use a spyware/malware program to clean out tracking software/cookies. A must-have for working on other folks' PCs, as I have found that most of the problems with PCs running poorly lately have been due to Kazaa, Comet Cursor, Gator, and other apps that have loaded their own progs and are sucking up resources.
 
As David said, I did have this. However, I also had some services that were not starting on startup, which also caused problems.

I would have been perfectly fine re-installing 2003 Server, but the patch for the vulnerability is only for the Gold (3790) release, not RC2 (3718), which I was running. I had Zone Alarm installed, but I think that was something that was playing up on startup


So, I can testify to pretty much what Ray has just said. Keep a firewall on, updated, as well as virus scanner, and do Windows Updates (I hadn't updated for ~2 months, can you guess why I was hit!)

I managed to get a spare copy of Windows 2000 from work (we ordered a system with XP, and it came with 2k, so they sent through XP and they didn't ask for the copy of 2k back, so I was able to take it, otherwise it would still be sitting there in 3 months time!!) and the first thing I installed was Zone Alarm, just getting SP4 now, and then will do full Windows Update!


Oh, and if you're getting affected, you can go to Start -> Run and type shutdown -a to stop the shutdown dialog, enough for you to get the patch downloaded 🙂


The thing that makes me mad is that this has been WIDE OPEN in ALL flavours of NT since it first came out!! That's 1992 if I remember seeing correctly. Yes, 11 years this exploit has been open, and only now do Microsoft patch it :|


Garry
 
Originally posted by: OhioDude
I also use a spyware/malware program to clean out tracking software/cookies.
Which one do you use, Dennis?
Yes, I know you're not talking to me, but I use Ad-aware. I'd also like to hear what Ray/Dennis uses, since if it's better than Ad-aware, I might be interested in trying it out. 🙂
 
Yea, yea, I'm not Dennis either. But, I DO use Ad-aware 6.0
AND a program called Spybot.exe to hunt down the little
programs that suck resources.

Hay

😎😎😎😎😎
OH, btw, THIS is almost EXACTLY the reason that I am
now browsing/e-mail on RedHat 8.0, just because of
"Billy's" software exploits.

muahahahahaha
 
I too would like to tout the value of Linux but as a Sys Admin for a company that is almost exclusively Microsoft, Windows is a reality I have to face.

The best defense for most attacks is at the perimeter. I would like to echo what Dennis said.

1. Get yourself a good quality firewall. The DSL/Cable routers that do NAT are OK and certainly protected against this attack but I would like to recommend anyone who is serious about a firewall to take a look at IPCOP. It is Linux based, has minimal hardware requirements and best of all can be hacked to run Seti! Let's see your Linksys do that!

2. Get a good anti-virus program that automatically updates definitions on a regular basis (make sure it scans your incoming mail as well)

3. Keep vigilant for product updates for Windows and install the patches when they are made available.

It certainly has been an interesting 24 hours. I've had no less than 5 people (4 of whom are dial-up users) call me to tell me their computer keeps rebooting on them. After the fourth call, it is getting annoying but the whole tale of Internet worms only affecting broadband users seems to go out the window with this one!
 
Evil, I agree with all of your security measures.
Other than Linux, I have 3 XP boxes, all updated
regularly, and all have firewalls and AV from Mr. Norton!

Hay

😎😎😎😎😎
 
Oh, and for those that are curious, I use Ad-Aware, latest version. 🙂

I've also used Tracks Eraser Pro to clean out those index.dat files that seem to have a nasty habit of keeping track of what you've been doing. 🙂

Although my 30 day trial is up on it. I may have to break down and buy it. 🙂
 
Originally posted by: MoFunk
Her version of pccillin has a built-in firewall. Must have something open! I will dig into it further

I doubt this is important, but I had to use that firewall to get the patch, and it did nothing on 'low' and 'normal' settings - it only seemed to make a difference on 'highest,' which I doubt she's using. It's definitely a barebones firewall, don't rely on it to stop anything 😛

But 'highest' should serve in time to get the patch from microsoft.

 
EvilWobbles, Your #1 is great for techies, but a lot of people wouldn't be able to handle it. Some of the people I support barely can manage ZoneAlarm.
😀

 
I've had all the affected ports blocked at the router for my Internet Server and here in the office & home all machines are up to date & behind ICS. Still lots of bad traffic bouncing off the router I suppose, but who cares 😉
 
I was working with a client today to get rid of this. I think I got it. I'm going to check again on Thursday to make sure though.

This thing doesn't do its DoS till Saturday, so I've got time 🙂
 
Funny thing. I'm remembering all of those people who encouraged me to upgrade to XP from my win98SE and ME systems.
Looks like I get to sit this one out as it does not attack 98 or ME. Glad I put off doing it.
 
Originally posted by: YellowRose
Funny thing. I'm remembering all of those people who encouraged me to upgrade to XP from my win98SE and ME systems.
Looks like I get to sit this one out as it does not attack 98 or ME. Glad I put off doing it.

You only get hit by it if either you haven't applied the security fix for a known bug, or you
aren't running a firewall to block the incoming connection.

Bummer about Confused's new PC though. Not a lot you could do about that other than
installing a personal firewall before connecting it up. 🙁

XP beats Win 98/ME hands down on reliability and start up time. Haven't M$ stopped
releasing security fixes for Win 98? 😕

George

 
Originally posted by: GeorgeCredland
You only get hit by it if either you haven't applied the security fix for a known bug, or you
aren't running a firewall to block the incoming connection.

Bummer about Confused's new PC though. Not a lot you could do about that other than
installing a personal firewall before connecting it up. 🙁

Yeah, installing ZoneAlarm caused it to not want to connect to ANYTHING that was internal, even with the internal security on Low


And without a setup file for a firewall on a local PC (which I could connect to BEFORE installing a firewall) I had to first connect to the internet to download it!

But I've got it patched now, but currently no firewall until I can get one that allows internal connections as well lol. And ZoneAlarm free wasn't allowing that (which I FINALLY figured out after a day and a half of installing/setting up/formatting/etc)


Garry
 
Originally posted by: Confused

Yeah, installing ZoneAlarm caused it to not want to connect to ANYTHING that was internal, even with the internal security on Low


I ran into the same problem. You need to go to the security tab, click on Advanced, click Add and add a range of IP addresses for your network (e.g. start at 192.168.0.100 and go through 192.168.0.255). In my case, though, since I connect with a dial-up modem, all I have to do is put a check next to my NIC and everything comes through.
 
Personally I think the person who wrote this virus did everybody a major favor. You have to remember that the flaw in Windows that this uses allows the attacker to take COMPLETE control of your system. This virus does little to no damage to an individual's computer. It is possible that a different person could have released a different virus taking advantage of the same exploit but in a much, much more damaging manner. Sure it is annoying that I had to take an hour or so to clear it out, but at least now I'm all patched up so I can't get something nasty.
 
Originally posted by: titanmiller
Originally posted by: Confused

Yeah, installing ZoneAlarm caused it to not want to connect to ANYTHING that was internal, even with the internal security on Low


I ran into the same problem. You need to go to the security tab, click on Advanced, click Add and add a range of IP addresses for your network (e.g. start at 192.168.0.100 and go through 192.168.0.255). In my case, though, since I connect with a dial-up modem, all I have to do is put a check next to my NIC and everything comes through.

That's what I did do!! which is what made it even worse!!!!
 
Originally posted by: YellowRose
Funny thing. I'm remembering all of those people who encouraged me to upgrade to XP from my win98SE and ME systems.
Looks like I get to sit this one out as it does not attack 98 or ME. Glad I put off doing it.
Well, the instability of Win9x/ME is reason enough to be running Win2K/XP instead. I mean, it didn't affect DOS or Win 3.x either but that's no excuse to run them. Upgrade to Win2K and keep it patched. You'll be much happier than with 6 year old Win9x...

 
Originally posted by: Confused
Originally posted by: titanmiller
Originally posted by: Confused

Yeah, installing ZoneAlarm caused it to not want to connect to ANYTHING that was internal, even with the internal security on Low


I ran into the same problem. You need to go to the security tab, click on Advanced, click Add and add a range of IP addresses for your network (e.g. start at 192.168.0.100 and go through 192.168.0.255). In my case, though, since I connect with a dial-up modem, all I have to do is put a check next to my NIC and everything comes through.

That's what I did do!! which is what made it even worse!!!!
<-- Hates Zone Alarm and everything about it. Sure it's great when it works like it should but even when properly configured it can sometimes block local or in/out access or cause system freezes (never got it working as an ICS gateway). I gave up on Zone Alarm a few years ago. For $40 my SMC Barricade protects my network just fine (or at least I think it does). 😉

 
Funny, I have had nothing but good results with ZoneAlarm. Once I understood how it worked. 😀

The only time I had any problems with it at all was when I was trying to set up ICS in MS 2000. I had to stop ZA, and then the ZA services, before I could set ICS up. Once I got ICS working, I restarted ZA and added the local permissions, and everything was fine. At least with ZA. ICS was flaky (tested without ZA installed just to make sure it wasn't ZA) so I got me a Linksys router.

Haven't had a bit of problem with ZA since then. 😀
 
Originally posted by: YellowRose
Funny thing. I'm remembering all of those people who encouraged me to upgrade to XP from my win98SE and ME systems.
Looks like I get to sit this one out as it does not attack 98 or ME. Glad I put off doing it.

ME daughter is in the other room chuckling at me as I scamper around to make sure all is well...

d'wife always says "you don't know you need glasses until you get them"...I used to be happy with ME cuz it fixed some printer issues (and others) that '98 was having...now, quite happy with d'2k and swearing I'll *never* do that XP thing...

So anyone know if the patch was already built into SP4?
 
Originally posted by: pcdeatherage
So anyone know if the patch was already built into SP4?

Not sure, however to be on the safe side, I'd install the separate patch anyway 🙂


Robor, I shall be getting myself a wireless router (probably SMC, actually!) sometime soon...just need to quit spending money on bits for my carputer...and my car (getting a 1967 Ford Anglia 105E, needs quite a bit of work done on it)


Garry
 
Originally posted by: Confused
Originally posted by: pcdeatherage
So anyone know if the patch was already built into SP4?

Not sure, however to be on the safe side, I'd install the separate patch anyway 🙂


Robor, I shall be getting myself a wireless router (probably SMC, actually!) sometime soon...just need to quit spending money on bits for my carputer...and my car (getting a 1967 Ford Anglia 105E, needs quite a bit of work done on it)


Garry
I dunno if I'd recommend the SMC router. Maybe it's just my model (can't remember model but it's the 22Mb wireless model) but my SMC has *TERRIBLE* range and this is with a matching SMC wireless card. The signal strength can be low even in the same room as the router. I do have it encrypted but I can't imagine that would affect it. My friend has a Linksys and said he's got good range with his.

 