Blaster and Sobig
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Blaster and Sobig

  1. #1
    Senior Member
    Join Date
    Jul 2003
    Posts
    113

    Blaster and Sobig

    Aren't they both programmed to stop automatically at some point (I think I read that somewhere)? A lot of the stupid neighbors in my area have the virus and cant be bothered to do anything about it, so it's been sucking up the cable bandwidth in my neighborhood for quite some time.

  2. #2
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    well

    Detecting network traffic that may be due to RPC worms
    http://securityresponse.symantec.com...rpc.worms.html


    W32.Blaster.Worm
    Discovered on: August 11, 2003
    http://securityresponse.symantec.com...ster.worm.html
    yeah, I\'m gonna need that by friday...

  3. #3
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    There's two things to consider:

    One: There are multiple versions of the virusses, each having another date on which they stop functioning. New versions (with new dates that are further away in the future) can come out any time.

    Two: There's a (serious) security hole (or bug) in those computers that are infected now. If those holes are not patched, they're still open for others (virusses, worms, other attacks) to use.
    I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Viper,

    You are quite right! these malware will suck up bandwidth. Not only that, I would expect them to impact on the performance of their machines...................the trouble is that today's kit is so "over gunned" for average use that most people don't notice or care. I guess the guys you are referring to need re-education?..............I have a nice collection of old 286's and 386's.....they would care then

    Guus has made the major point though, in that these things evolve. A lot of malware starts as some technically competent but morally bankrupt dude's "proof of concept", and does not have a malicious payload as such. It is usually not long before some script kiddie jumps on the bandwagon and changes all that.

    If your machine is vulnerable FIX IT before something malicious comes along.

    This may not be a virus............if you have always on broadband and someone puts a trojan on your PC, then downloads a shed full of kiddie porn, then overwrites the trojan program 32 times and deletes it. Then makes an anonymous phonecall to the FBI??????????????

    I would not like to be your defence lawyer

    You might like to point these scenarios out to your "cavalier" neighbours?

    I think that the little banner at the bottom of TampaBay420's post says it all

    Cheers
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #5
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Some of us are charged by the Mb that is sent to our machines.. most of the port 135 weighing in a a mear 60 or so bytes it isn't a problem for one or two of these in a hour.. But when you may be connected 24/7 and the rate is >1000 per hour this could just tip you over on these download limited accounts.. not to mention the extra load it puts on a heavily used service..

    Please note I don't believe that the ISP should act as a Firewall for their users, it is the users responsability to secure their own machine..

    But the ISP need to action against the continuance of this abuse.,..

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  6. #6
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    As usual Und3ertak3r has made a couple of excellent points:

    1. It is the responsibility of the owner to contol the dog...........that is, you are responsible for your own PC, and its security.

    2. The Service Providers also have a duty (apart from collecting our cash), they have the financial resources to pursue these matters where us mere mortals cannot afford to tread. They can collaborate with government agencies and such.............politicians might even listen to THEM

    Cheers
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  7. #7
    Senior Member
    Join Date
    Jul 2003
    Posts
    113
    Well unfortunately, a lot of the above info is correct about my neighbors, they use their machine mainly for e-mail/word processing, and they use it very lightly, so they don't notice anything wrong with it. They've got just the cable modem with no protection (other than McAfee ), and they don't do windows updates either. I've tried telling them how serious it is but they don't want to listen... That's why I'm hoping whatever variation they have disables itself soon, cause my bandwidth is really hurting. I'm not even sure how many other people in my community may be infected and not aware...

    At least I'm smart enough to spend some money on a router and good AV (avp), and most importantly, update my software/firmware.

  8. #8
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Hey,

    You gotta go for the child pornography thing..................It might just scare them enough to wake up............afterall if you get the Feds and your local cops suddenly turn up and take away equipment.............the neighbours might talk?

    And even if ther isn't a successful prosecution................the smell still sticks around?

    Pretty crude social engineering, but.....................

    Good Luck...and don't do anything illegal in either of our countries
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  9. #9
    Senior Member
    Join Date
    Jul 2003
    Posts
    113
    Doing anything illegal is too easy to get caught nowadays...except trojaners...they still managae to stay "safe"...

    But maybe I'll send an anonymous e-mail saying blaster can get you "kiddie pr0n'd"...thats somewhat legal...

  10. #10
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Viper2026,
    You said it here..
    They've got just the cable modem with no protection (other than McAfee ), and they don't do windows updates either.
    The comments I have heard time and time again, and more often in the last few weeks.

    1/ But I have an Antivirus program.. Why didn't that stop it?..
    2/ Windows Update.. I thought that was incase you had a problem..
    3/ Virus Updates?? I thought all you needed was the program
    4/ But my computer came with a Nortons when I bought it 3 years ago
    5/ Me mate Bill the Butcher reckons that Anti virus programs are a con, and we don't need them.. so why are you telling me I need a firewall as well.. are they a bigger con?

    There you go some regulars and a couple of new ones..

    Here is a trick.. Messenger..
    they have xp they are not protected.. then they most likley have the NetSend/messenger Service turned on!..
    find out their IP's and say g'day.. you are infected!!!.. I would recommend doing this through a couple of proxies.. or get a dumb friend to do it for you incase it backfires..
    I think this legal.. that is to pop a warning in via messenger.. The spammers can and do.. so why not a friendly warning??

    hmm what do ya think.. only questionable act I see is getting their IP addy..

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides