Printable View
Thats a damn interesting virus, would love to have a look inside and I guess I am really intrigued as to who actually wrote it. Maybe it was some guy who had just had enough of being called by family members to solve problems with ME cos he's the smart Linux geek kid...
This wasn't a well coded worm. It fact it was crap.
For a start they got the address wrong - windowsupdate.com isn't used by Win98, 2K, XP, or 2003. These have always linked to windowsupdate.microsoft.com, and still do so :)
windowsupdate.com just redirected you.
Also, it can unintentionally cause infected PCs to crash due to badly written code.
Makes you wonder what a well written worm targetting microsoft.com would do though.
Trouble is, you will always have a lot of unpatched home PCs which will host this type of worm. Food for thought for MS I suppose .. can you really protect yourself against a massive DoS attack ??
Good question. In my opinion, nothing can stop a DDoS. It takes a human effort to thwart a human problem.Quote:
Originally posted here by darkes
Food for thought for MS I suppose .. can you really protect yourself against a massive DoS attack ??
I heard that they didnt really code it to attack windowsupdate.com. they just coded it to attack the ip addr. But MS changed the IP of their windowsupdate site and all seems to working fine now. although windowsupdate is as slow as hell now and running updates for my systems in the office is really wasting my time.
If you figure it out, tell Superb.net. My work's site and email have been down all day! Bastard DoS attacks.Quote:
While what you say is true, it is important to add (add one of the articles did) that they changed the ROUTE as well... keeping it "away" from MS traffic. Changing the IP address to a new one behind the same router is pointless.Quote:
Originally posted here by r8devil
But MS changed the IP of their windowsupdate site and all seems to working fine now.
In addition, I'm not sure how this virus was written, but in theory you could just write the virus to attack the DOMAIN, not the IP. When the DoS packets go out, a normal DNS lookup takes place and the traffic is still directed at the target server, thus making a successful DoS. Or am I missing something?
I agree, lets stab everyone who has DDOS tools :) ****ing lamers.Quote:
Originally posted here by Showtime8000
Good question. In my opinion, nothing can stop a DDoS. It takes a human effort to thwart a human problem.