-
October 24th, 2008, 04:17 PM
#11
Originally Posted by HTRegz
Also, kudos to phernandez for the superb article. He manages to get quotes from some pretty incredible people heh.
LOL, thanks!
Agreed, patch and update those signatures. If MS is this concerned it should give you a clue as to the severity of the attacks they've been observing.
-
October 24th, 2008, 04:33 PM
#12
Originally Posted by morganlefay
phew....luckly I have both
who would have the server service pointing to the www anyway....you are just asking for trouble
MLF
You'd be surprised at how many people just plug their computer into their cable modem still, or directly into their DSL. When I was home last christmas, I discovered that was how my sisters internet was setup... I unplugged it and went straight out and got a linksys router to put in between.
One of my other quotes, which didn't make the article, was along the lines of hoping that a worm wouldn't spread to much because hopefully not to many people are using computers that are directly connected to the net. However I have seen it quite a bit.
I think one of the places that this will be a problem is college / university residences... many of them forbid NAT devices in front of your computer.
-
October 24th, 2008, 04:58 PM
#13
XP SP2 turns on the firewall and blocks this by default...no?
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
October 24th, 2008, 05:02 PM
#14
Originally Posted by morganlefay
XP SP2 turns on the firewall and blocks this by default...no?
MLF
That it does... but you're thinking way to logically.
People want to share files and run bittorrent clients (which test for them to have an open port in many cases). Disabling the windows firewall is extremely common.
I spent almost 2 years doing student support... and XP SP2 came out during that time... I'm willing to bet for every 100 students we saw, maybe 5 of them had the firewall turned on.
-
October 24th, 2008, 05:33 PM
#15
That it does... but you're thinking way to logically.
I tend to do that.... I ama 1 and 0 kinda girl.
specifically when assessing a threat...as to run around and apply patches untested to a production environment is risky to say the least and I like to see what the mitigating factors are before I patch.
I have seen some hasty patches totally fubar a server \application....
I err on the side of caution usually
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
October 25th, 2008, 03:22 PM
#16
Originally Posted by HTRegz
That it does... but you're thinking way to logically.
People want to share files and run bittorrent clients (which test for them to have an open port in many cases). Disabling the windows firewall is extremely common.
Also, if you enable file and printer sharing the windows firewall will automagically poke a hole in itself to allow traffic in from the local network. Even third party (personal) firewalls usually "trust" the local network.
Guess what that worm scans first?
Last edited by SirDice; October 25th, 2008 at 03:24 PM.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
October 25th, 2008, 04:19 PM
#17
Ports 138 139 and 445
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
October 25th, 2008, 06:03 PM
#18
Originally Posted by HTRegz
You'd be surprised at how many people just plug their computer into their cable modem still, or directly into their DSL. When I was home last christmas, I discovered that was how my sisters internet was setup... I unplugged it and went straight out and got a linksys router to put in between.
One of my other quotes, which didn't make the article, was along the lines of hoping that a worm wouldn't spread to much because hopefully not to many people are using computers that are directly connected to the net. However I have seen it quite a bit.
I think one of the places that this will be a problem is college / university residences... many of them forbid NAT devices in front of your computer.
You'll find a majority of college students using OSX these days (at least in the more prestigious universities)
Its trendy dont ya know
"...to give correctly is to give them what they need from us, for it would not be skillful to bring gifts to anyone that are in no way needed."
--Socrates
*Einstein Would Be Proud*
-
October 25th, 2008, 07:35 PM
#19
t34b4g5: Neg posted that on the third post.
SirDice: Good point
morganlefay: I believe SirDice was getting at the fact that your subnet is going to be scanned before it starts randomly scanning the internet, and your subnet is where it will find most of it's victims
C:\Saw: I doubt that it's a majority yet , but either way I've found that most OS X users tend to be running Windows along side of it because OS X doesn't do everything they need it to do.
-
October 25th, 2008, 07:49 PM
#20
HT...I know what Sir Dice was saying.....but if all the workstations are patched ...how does the worm get into the subnet...rogue laptops...dont have any. Unauthorized access to the network...not likely
All I am saying is there is now way in hell I will patch my server until I am confident it not going to break something.
Browsing the forums as we speak...looking to see if there are any issues with applying the patch in my environment.
All the workstation have had the update pushed on them ....
actually ....I had an issue with my laptop after the patch was applied...it knocked out both my nics....until I logged in with admin priviledges...and the patch was then fully incorporated....nics came back on line... Logged back in with the limited account...and voila..both nics worked again.
MLF
Last edited by morganlefay; October 25th, 2008 at 07:51 PM.
How people treat you is their karma- how you react is yours-Wayne Dyer
Similar Threads
-
By mohaughn in forum Microsoft Security Discussions
Replies: 1
Last Post: August 9th, 2005, 07:37 PM
-
By Tiger Shark in forum Microsoft Security Discussions
Replies: 5
Last Post: January 14th, 2005, 08:47 PM
-
By mohaughn in forum Microsoft Security Discussions
Replies: 2
Last Post: October 13th, 2004, 04:31 AM
-
By spools.exe in forum Microsoft Security Discussions
Replies: 0
Last Post: September 15th, 2003, 09:47 PM
-
By NUKEM6 in forum Non-Security Archives
Replies: 10
Last Post: January 24th, 2002, 06:21 AM
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|