Worms... The Virus kind! - Ford Forums - Mustang Forum, Ford Trucks, Ford Focus and Ford Cars
Ford Forum Ford Forum

» Auto Insurance
» Featured Product
ยป Wheel & Tire Center

Go Back   Ford Forums - Mustang Forum, Ford Trucks, Ford Focus and Ford Cars > Fordforums Community > The Pub
Register Home Forum Active Topics Photo Gallery Auto Loans Garage Mark Forums Read Auto EscrowInsurance

The Pub For General Discussion

FordForums.com is the premier Ford Forum on the internet. Registered Users do not see the above ads.
Reply
 
LinkBack Thread Tools Display Modes
Old 01-26-2003, 03:22   #1 (permalink)
Can't get enough of it!
 
Join Date: Oct 2001
Location: Perth, Western Australia
Posts: 382
Worms... The Virus kind!

If I ever meet the bastard that posted W32.SQLExp.Worm to the Internet and, hence, businesses:



"W32.SQLExp.Worm is a Category 3 worm that targets servers running Microsoft SQL. The worm sends 376 bytes to 1434/udp (the SQL Server Resolution Service Port).

Symantec Security Response recommends configuring perimeter devices to block 1434/udp traffic from untrusted hosts.

The worm has the unintended payload of performing a Denial of Service due to the large number of packets it sends out. "

I have now spent 13 hours at 'work' resolving the consequences of this thing and contacting people around the world to advise of course of action.

Wasn't pretty. And before anyone says "You should have had the Hotfix installed!!" obviously doesn't live in the real world or work for a multi-national company.

I had my morning shower at 1600, put my contacts in shortly after and am about to have a combined breakfast, lunch and dinner. Thank goodness I don't pay my mobile bill.

Check this out (Geez, I'm SURE I've posted an image bigger than 52kb before, seeing as I can't):

http://average.matrix.net/Weekly/markR.html

Simon....
__________________
BA XR6T, Mercury Silver, Manual, Sunroof, Premium Sound, Premium Brakes, Sports Steering wheel, Leather, Mats, Tint, Mud Spats, Boot Liner and a dribble bib :-)
Lightning is offline   Reply With Quote
Sponsored Links
Advertisement
 
Old 01-26-2003, 23:35   #2 (permalink)
Registered User
 
Aussie Falcon's Avatar
 
Join Date: Feb 2001
Location: Sydney Australia
Posts: 2,153
yep I know how you feel. I was in the office Sunday and today. I first got notified on Sunday morning at 5.20am and was in not long after.

http://www.microsoft.com/security/slammer.asp
__________________
My Photography Gallery: http://www.csphotography.com.au/
__________________
Aussie Falcon is offline   Reply With Quote
Old 01-27-2003, 01:09   #3 (permalink)
کhậ۴ţ
 
shaft's Avatar
 
Join Date: Jul 2002
Location: Horowhenua
Age: 39
Posts: 682
Me too. We were taken down by the states as a precaution from 3am sunday to 5pm sunday.

The patch was supposed to have been installed 6 months ago. A certain someone is going to get a rather large rap over the knuckles as we manage some of the most sensitive data in the country.

Today we had a rather large mess to clean up. (quietly i might add)

Not Good.
__________________
کhậfţ

shaft is offline   Reply With Quote
Old 01-27-2003, 03:36   #4 (permalink)
freemchr
Guest
 
Posts: n/a
naughty boys.. serves you right for not updating your SQL servers to the latest patches :)
  Reply With Quote
Old 01-27-2003, 03:41   #5 (permalink)
کhậ۴ţ
 
shaft's Avatar
 
Join Date: Jul 2002
Location: Horowhenua
Age: 39
Posts: 682
I wont be taking the blame for this :)
__________________
کhậfţ

shaft is offline   Reply With Quote
Old 01-27-2003, 15:45   #6 (permalink)
Registered User
 
Aussie Falcon's Avatar
 
Join Date: Feb 2001
Location: Sydney Australia
Posts: 2,153
none of the servers I looked after were affected as they don't run SQL, but there were other groups that were affected. We even had a large number of users/developers with SQL on there PCs. I bet alot of questions are being asked as to why they were unpatched for 6 months
__________________
My Photography Gallery: http://www.csphotography.com.au/
__________________
Aussie Falcon is offline   Reply With Quote
Old 01-27-2003, 17:58   #7 (permalink)
کhậ۴ţ
 
shaft's Avatar
 
Join Date: Jul 2002
Location: Horowhenua
Age: 39
Posts: 682
Christ, we've been hit again, this time by W32.Netspree.worm

*grumble* loads more work

http://www.symantec.com/avcenter/ven...pree.worm.html
__________________
کhậfţ

shaft is offline   Reply With Quote
Old 01-28-2003, 13:36   #8 (permalink)
Old Car:BA XR6 New: 97 EL
 
jaytyn's Avatar
 
Join Date: Feb 2001
Location: Australia
Age: 32
Posts: 1,031
Easy fix...... Run Linux/FreeBSD with MySQL :)
jaytyn is offline   Reply With Quote
Old 01-28-2003, 15:46   #9 (permalink)
No More Shaggin Wagon
 
Join Date: Jun 2002
Location: Port Augusta. SA
Age: 29
Posts: 286
Quote:
Originally posted by jaytyn
Easy fix...... Run Linux/FreeBSD with MySQL :)
Amen to that
__________________
1996 EF2 XR6 Manual
Jaeger is offline   Reply With Quote
Sponsored Links
Advertisement
 
Reply

  Ford Forums - Mustang Forum, Ford Trucks, Ford Focus and Ford Cars > Fordforums Community > The Pub



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Virus Scare! NZ The Pub 8 01-02-2003 22:07
Virus warning. HSE2 The Pub 4 06-18-2002 00:19
Melissa virus creator sentenced to 20 months Falchoon The Pub 5 05-04-2002 04:26
OT: Virus Warning Chaps The Pub 2 12-04-2001 20:21
Virus Warning - Code Red Worm TeeHee The Pub 2 07-31-2001 06:39

Powered by vBadvanced CMPS v3.2.2

All times are GMT -7. The time now is 00:55.



Powered by vBulletin® Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.6.0
Garage Plus vBulletin Plugins by Drive Thru Online, Inc.