Do Not Sell My Personal Information Jump to content
Ad: Genuine Lexus parts & accessories from the Lexus official store on eBay ×


  • Join The Club

    Join the Lexus Owners Club and be part of the Community. It's FREE!

     

Ms Blast...

rhaines

By rhaines
in Lexus Owners Club Lounge

 Share

Recommended Posts

rhaines Mentor

rhaines

Posted
Posted

Well the office has now been hit hard by MSBlast and as usual I am being forced to firefight due to no pro-active action being taken.

Don't suppose anyone knows a good piece of kit that exists in hardware form that we could plug into the system so any traffic coming into the office has to pass through and get virus checked at the point of entry/exit from the office ?

I guess it's time for me to make some suggestions to the network/software dept. again....

Link to comment
Share on other sites
TonyGoose Veteran

TonyGoose

Posted
Posted

This one's cleverer than that mate.

Machine can be affected without actually being infected.

As a first step, you might want to block tcp port 135 (RPC-Service).

But once it's in your network, the whole subnet is at risk.

See here for virus details ...

http://vil.nai.com/vil/content/v_100547.htm

And here for a handy utility to run to clean this and other recent baddies ...

http://vil.nai.com/vil/stinger/

Apply the fix for the MS RPC service from here...

http://www.microsoft.com/technet/treeview/...in/MS03-026.asp

And make sure you re-boot the machine once it's applied !!!

Hope that is some help

:mat:

Link to comment
Share on other sites
ColinBarber Grand Master

ColinBarber

Posted
Posted

From tomorrow machine that have the virus will try and attack windowsupdate.microsoft.com. Depending on how many machines you have and the size of your Internet connect it may fill your pipe.

Have a look at:

http://securityresponse.symantec.com/avcen...aster.worm.html

http://vil.nai.com/vil/content/v_100547.htm

http://www.microsoft.com/security/incident/blast.asp

Claire, do you work for NAI?

Link to comment
Share on other sites
ColinBarber Grand Master

ColinBarber

Posted
Posted
Don't suppose anyone knows a good piece of kit that exists in hardware form that we could plug into the system so any traffic coming into the office has to pass through and get virus checked at the point of entry/exit from the office ?

The problem with virus checkers is that they work on virus definations to detect the virus. When a new one comes out they don't know about it and you get infected. The WebShield Appliances wouldn't have stopped this worm. Your firewall should be blocking all ports coming in which would have stopped this. However there are other ways it could have got in (users with notebooks, bringing in CDs etc).

A bit late now but the only way to have stopped this was to patch all your machines when Microsoft announced the vulnerability in July. Once they announce a security problem then viruses and worms get written to take advantage of a known problem so these should be actioned asap.

Link to comment
Share on other sites
dlayen Proficient

dlayen

Posted
Posted
From tomorrow machine that have the virus will try and attack windowsupdate.microsoft.com. Depending on how many machines you have and the size of your Internet connect it may fill your pipe.

Have a look at:

http://securityresponse.symantec.com/avcen...aster.worm.html

http://vil.nai.com/vil/content/v_100547.htm

http://www.microsoft.com/security/incident/blast.asp

Claire, do you work for NAI?

microsoft site is down now!!!!!

Link to comment
Share on other sites

ColinBarber Grand Master

ColinBarber

Posted
Posted

I guess a problem with your ISP then. This worm is affecting many customers and ISPs at the moment and it will get worse tomorrow.

The symantec test only checks if your machine has the virus. You machine can still be attacked which the test will not detect. You need to install the Microsoft patch to stop machines from being affected by an attack.

Link to comment
Share on other sites
TonyGoose Veteran

TonyGoose

Posted
Posted
i make you correct now but for the last half an hour it's been down.

i don't have virus already run symantec test yesterday

We've had a problem getting to www.microsoft.com this morning ...

but only from one of our proxy servers.

Other proxy and bypassing proxy = no problem.

Affected proxy not infected or being attacked so not sure what's going on.

Fix applied anyway so shouldn't be a problem.

Reboot of affected proxy seemed to sort it.

:duh:

Link to comment
Share on other sites
mudzs Grand Master

mudzs

Posted
Posted

I had a message on my computer the other day that kept on shutting it down .it gave me 60secs everytime i turned it on then it just turned off the computer .Could this have been a virus the only way to rid it was to download an update from microsoft site :question: but realy do not know what it was or how i got rid of it just presumed it was won of the updates that i downloaded that did the trick :iraqi-info-minister:

Link to comment
Share on other sites

james2210 Collaborator

james2210

Posted
Posted

So Claire, you work at NAI. I know it's a bit cheeky to ask, but is there someone you can recommend who I can ask a technical question regarding Webshield SMTP? I tried using the prime support portal thingymebob but have not received a reply yet and that was nearly two weeks ago!

Link to comment
Share on other sites

Latest Deals

Lexus Official Store for genuine Lexus parts & accessories

Disclaimer: As the club is an eBay Partner, The club may be compensated if you make a purchase via eBay links

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing





Lexus Owners Club Powered by Invision Community


eBay Disclosure: As the club is an eBay Partner, the club may earn commision if you make a purchase via the clubs eBay links.

DISCLAIMER: Lexusownersclub.co.uk is an independent Lexus forum for owners of Lexus vehicles. The club is not part of Lexus UK nor affiliated with or endorsed by Lexus UK in any way. The material contained in the forums is submitted by the general public and is NOT endorsed by Lexus Owners Club, ACI LTD, Lexus UK or Toyota Motor Corporation. The official Lexus website can be found at http://www.lexus.co.uk
×
  • Create New...