LOL, thanks!Quote:
Originally Posted by HTRegz
Agreed, patch and update those signatures. If MS is this concerned it should give you a clue as to the severity of the attacks they've been observing.
Printable View
LOL, thanks!Quote:
Originally Posted by HTRegz
Agreed, patch and update those signatures. If MS is this concerned it should give you a clue as to the severity of the attacks they've been observing.
You'd be surprised at how many people just plug their computer into their cable modem still, or directly into their DSL. When I was home last christmas, I discovered that was how my sisters internet was setup... I unplugged it and went straight out and got a linksys router to put in between.Quote:
Originally Posted by morganlefay
One of my other quotes, which didn't make the article, was along the lines of hoping that a worm wouldn't spread to much because hopefully not to many people are using computers that are directly connected to the net. However I have seen it quite a bit.
I think one of the places that this will be a problem is college / university residences... many of them forbid NAT devices in front of your computer.
XP SP2 turns on the firewall and blocks this by default...no?
MLF
That it does... but you're thinking way to logically.Quote:
Originally Posted by morganlefay
People want to share files and run bittorrent clients (which test for them to have an open port in many cases). Disabling the windows firewall is extremely common.
I spent almost 2 years doing student support... and XP SP2 came out during that time... I'm willing to bet for every 100 students we saw, maybe 5 of them had the firewall turned on.
I tend to do that.... I ama 1 and 0 kinda girl.Quote:
That it does... but you're thinking way to logically.
specifically when assessing a threat...as to run around and apply patches untested to a production environment is risky to say the least and I like to see what the mitigating factors are before I patch.
I have seen some hasty patches totally fubar a server \application....
I err on the side of caution usually :)
MLF
Also, if you enable file and printer sharing the windows firewall will automagically poke a hole in itself to allow traffic in from the local network. Even third party (personal) firewalls usually "trust" the local network.Quote:
Originally Posted by HTRegz
Guess what that worm scans first?
Ports 138 139 and 445
MLF
You'll find a majority of college students using OSX these days (at least in the more prestigious universities)Quote:
Originally Posted by HTRegz
Its trendy dont ya know ;)
t34b4g5: Neg posted that on the third post.
SirDice: Good point
morganlefay: I believe SirDice was getting at the fact that your subnet is going to be scanned before it starts randomly scanning the internet, and your subnet is where it will find most of it's victims
C:\Saw: I doubt that it's a majority yet :), but either way I've found that most OS X users tend to be running Windows along side of it because OS X doesn't do everything they need it to do.
HT...I know what Sir Dice was saying.....but if all the workstations are patched ...how does the worm get into the subnet...rogue laptops...dont have any. Unauthorized access to the network...not likely
All I am saying is there is now way in hell I will patch my server until I am confident it not going to break something.
Browsing the forums as we speak...looking to see if there are any issues with applying the patch in my environment.
All the workstation have had the update pushed on them ....
actually ....I had an issue with my laptop after the patch was applied...it knocked out both my nics....until I logged in with admin priviledges...and the patch was then fully incorporated....nics came back on line... Logged back in with the limited account...and voila..both nics worked again.
MLF
