Anti-Sasser Worm Message

As many of you know, I occasionally get messages from the MS team on
various things. Today I got the following, and (personally) I think
it certainly is worthy of passing on.

If you haven't protected yourself from the sasser worm, GET THE HECK
OFF THE NET!! <Grin>

No, seriously, get the patch. And a firewall. Even one of the free
personal ones like Zone Alarm or Outpost or whatever, and then
hopefully, someday, all this ... stuff... will stop. (Hey, I can
dream, can't I? Yeah, I know, there's always going to be someone who
says "it won't happen to me" and won't do anything. Then it happens
to them. And they spread it on to everyone else who said "It can't
happen to me!" <sigh> )

Ok, time for me to shut up and you to read the important part of this
message. So, Read the below and... "Let's be safe out there!"

=======================================================================

You can also locate information on resolving this problem at
http://www.microsoft.com/security/incident/sasser.asp.

=======================================================================

What is this alert?

- Microsoft has been made aware of a worm identified as
"W32.Sasser.worm" and it is currently circulating on the Internet.
The worm exploits the Local Security Authority Subsystem Service
(LSASS) vulnerability fixed in Microsoft Security Update MS04-011 on
April 13, 2004.

- Microsoft encourages customers to protect themselves against this
worm by installing Microsoft Security Bulletin MS04-011
<www.microsoft.com/technet/security/bulletin/ms04-011.mspx>
immediately.

- Customers who have enabled the Windows XP Firewall are protected
from the vector this worm attacks, which is TCP Port 139. Most third
party firewalls also block this attack vector by default.

If you have any questions regarding the security updates or its
implementation after reading the above listed bulletin you should
contact Product Support Services in the United States at
1-866-PCSafety (1-866-727-2338). International customers should
contact their local subsidiary.

Thank you,
Microsoft PSS Security Team
Nov 12 '05 #1
c.*******@worldnet.att.net (Chuck Grimsby) wrote in
news:5f**************************@posting.google.com:
As many of you know, I occasionally get messages from the MS team
on various things. Today I got the following, and (personally) I
think it certainly is worthy of passing on.

If you haven't protected yourself from the sasser worm, GET THE
HECK OFF THE NET!! <Grin>

I am continually astonished at the stupidity of the broadband ISPs
who sell users a package that puts their Windows PCs right there on
the Internet with nothing in between them and the wild and woolly
world out there.

If your computer has a broadband connection and your PC is connected
directly to the cable/DSL modem, YOU ARE AN IDIOT.

Buy a Linksys router and plop it in between. This by default uses
NAT so that nothing on the inside of the router is accessible from
outside connections. This means that any exploit that spreads by
initiating a connection from the Internet to your PC cannot infect
your PC.

If you don't want to spend the $50 on that, then install a software
firewall.

I am running my PC connected directly to RoadRunner's network
because of a problem with RR's network (I'm hoping that a change to
RR's network in the next month will restore my ability to run behind
my router). Indeed, I was running in that configuration last August
when Blaster hit.

Did I get infected?

No!

Why?

Because I had a software firewall (Tiny Personal Firewall) that
prevented blaster from connecting. I also had the RPC locator
service disabled so that it wouldn't have worked even if I had not
had a firewall.

I was in California at the time, so it was not a situation where I
could have changed configurations easily (I had VNC set up and
listening for connections, so I was able to connect to my PC and
remote control it to do various things like check my email).

So, I was running in a dangerous configuration, but I was still not
infected.

It used to be that I didn't recommend a software firewall for
dialup, because dialup users didn't get hit by connection requests
(this was based on my own experience of using a software firewall
with a dialup connection; I'd see a probe about once a week), but
that has changed drastically. You probably need a software firewall
with dialup, as well.

No, seriously, get the patch. And a firewall. Even one of the
free personal ones like Zone Alarm or Outpost or whatever, and
then hopefully, someday, all this ... stuff... will stop. (Hey, I
can dream, can't I? Yeah, I know, there's always going to be
someone who says "it won't happen to me" and won't do anything.
Then it happens to them. And they spread it on to everyone else
who said "It can't happen to me!" <sigh> )


This is a case where you should do several things:

1. get the patch.

2. get a firewall.

3. revise your network infrastructure to protect yourself by default
from outside exploits.

In regards to the patches, I don't usually install MS's security
patches because they mostly don't apply to me. But any RPC patches I
download and apply immediately, as those are pretty important. Same
with the LSASS patch (wasn't that what this worm was exploiting?).

But, again, if your PC is unreachable on a NAT subnetwork, it can't
be infected from an outside connection (initiated by a PC outside
your NAT subnetwork -- if there's another PC on your network that's
infected, it can infect all the NAT PCs) even if your PC has none of
the patches and no firewall running.

But don't get too complacent if you have that scenario -- it can't
protect you from worms that get to your PC through other vectors,
like email viruses. A NAT router won't do anything to stop an
outgoing connection from a trojan- or worm-infected PC.

Code Red and Nimda should have been the wake-up calls for everyone
when this came up, just as ILOVEYOU should have been for vbScript
and the Windows Scripting Host.

But most people simply don't pay attention.

And look at the mess we're in.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc
Nov 12 '05 #2
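
The NAT behaviour described in the post above, as an added example that is not part of the original thread: a simplified model of a router's translation table showing why unsolicited inbound connections are dropped while LAN-to-LAN and outbound traffic are not. It assumes a port-restricted NAT; all addresses, ports and names are constructed for illustration.

```python
from dataclasses import dataclass, field

WAN_IP = "203.0.113.10"     # constructed public address (documentation range)
LAN_PREFIX = "192.168.1."   # constructed private subnet behind the router


@dataclass
class NatRouter:
    next_port: int = 40000
    # public port -> (inside ip, inside port, remote ip, remote port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """An inside host opens a connection: allowed, and a mapping is created."""
        pub_port = self.next_port
        self.next_port += 1
        self.table[pub_port] = (src_ip, src_port, dst_ip, dst_port)
        return ("FORWARD", WAN_IP, pub_port)

    def inbound(self, src_ip, src_port, dst_port):
        """A packet arrives on the WAN side addressed to WAN_IP:dst_port."""
        entry = self.table.get(dst_port)
        if entry is None:
            return ("DROP", "no mapping: unsolicited connection")
        in_ip, in_port, remote_ip, remote_port = entry
        if (src_ip, src_port) != (remote_ip, remote_port):
            return ("DROP", "mapping belongs to a different remote peer")
        return ("FORWARD", in_ip, in_port)


def lan_delivery(src_ip, dst_ip):
    """Traffic between two inside hosts is switched locally; NAT never sees it."""
    inside = src_ip.startswith(LAN_PREFIX) and dst_ip.startswith(LAN_PREFIX)
    return "DELIVERED (bypasses NAT)" if inside else "VIA ROUTER"


def scenario():
    r = NatRouter()
    out = {}
    # 1. An Internet host tries to connect to TCP 139 on the public address.
    out["worm_probe"] = r.inbound("198.51.100.7", 4444, 139)[0]
    # 2. An inside PC browses the web; the server's reply matches the mapping.
    _, _, pub = r.outbound("192.168.1.20", 1050, "192.0.2.80", 80)
    out["web_reply"] = r.inbound("192.0.2.80", 80, pub)
    # 3. A third party aims at the same public port: no matching peer, dropped.
    out["other_peer"] = r.inbound("198.51.100.7", 80, pub)[0]
    # 4. An already-infected inside PC reaches its neighbour directly.
    out["lateral"] = lan_delivery("192.168.1.30", "192.168.1.20")
    # 5. The infected PC connects outward: NAT forwards it like any other flow.
    out["infected_outbound"] = r.outbound("192.168.1.30", 1060,
                                          "198.51.100.7", 139)[0]
    return out


if __name__ == "__main__":
    for name, result in scenario().items():
        print(f"{name:18} {result}")
```

Cases 4 and 5 are the two caveats from the post: NAT gives no protection between machines on the same inside network, and none against connections an infected machine initiates itself.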
RE/
It used to be that I didn't recommend a software firewall for
dialup, because dialup users didn't get hit by connection requests
(this was based on my own experience of using a software firewall
with a dialup connection; I'd see a probe about once a week), but
that has changed drastically. You probably need a software firewall
with dialup, as well.


I've had nothing but dialup.

My Norton firewall reports a steady stream of SQL Server Worm attempts.
--
PeteCresswell
Nov 12 '05 #3
"(Pete Cresswell)" <x@y.z> wrote in
news:lh********************************@4ax.com:
RE/
It used to be that I didn't recommend a software firewall for
dialup, because dialup users didn't get hit by connection requests
(this was based on my own experience of using a software firewall
with a dialup connection; I'd see a probe about once a week), but
that has changed drastically. You probably need a software firewall
with dialup, as well.


I've had nothing but dialup.

My Norton firewall reports a steady stream of SQL Server Worm
attempts.


But that wasn't the case before Code Red and Nimda. I know, because
I had dialup then.

You certainly need it now.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc
Nov 12 '05 #4
c.*******@worldnet.att.net (Chuck Grimsby) wrote in message news:<5f**************************@posting.google.com>...
As many of you know, I occasionally get messages from the MS team on
various things. Today I got the following, and (personally) I think
it certainly is worthy of passing on.

If you haven't protected yourself from the sasser worm, GET THE HECK
OFF THE NET!! <Grin>

No, seriously, get the patch. And a firewall. Even one of the free
personal ones like Zone Alarm or Outpost or whatever, and then
hopefully, someday, all this ... stuff... will stop. (Hey, I can
dream, can't I? Yeah, I know, there's always going to be someone who
says "it won't happen to me" and won't do anything. Then it happens
to them. And they spread it on to everyone else who said "It can't
happen to me!" <sigh> )

Ok, time for me to shut up and you to read the important part of this
message. So, Read the below and... "Let's be safe out there!"

=======================================================================

You can also locate information on resolving this problem at
http://www.microsoft.com/security/incident/sasser.asp.

=======================================================================

What is this alert?

- Microsoft has been made aware of a worm identified as
"W32.Sasser.worm" and it is currently circulating on the Internet.
The worm exploits the Local Security Authority Subsystem Service
(LSASS) vulnerability fixed in Microsoft Security Update MS04-011 on
April 13, 2004.

- Microsoft encourages customers to protect themselves against this
worm by installing Microsoft Security Bulletin MS04-011
<www.microsoft.com/technet/security/bulletin/ms04-011.mspx>
immediately.

- Customers who have enabled the Windows XP Firewall are protected
from the vector this worm attacks, which is TCP Port 139. Most third
party firewalls also block this attack vector by default.

If you have any questions regarding the security updates or its
implementation after reading the above listed bulletin you should
contact Product Support Services in the United States at
1-866-PCSafety (1-866-727-2338). International customers should
contact their local subsidiary.

Thank you,
Microsoft PSS Security Team


Looks like Spam, even though the advice is sound...

Google 1-866-727-2338

You'll get http://www.mind.com.my/

Jeffrey Walton
noloader
Nov 12 '05 #5
no******@yahoo.com (Noloader) wrote:
Looks like Spam, even though the advice is sound...

Google 1-866-727-2338

You'll get http://www.mind.com.my/


That's the first hit but that's an online forum. A posting by Bernard Cheah whose
real name is likely Chun Hai Cheah who is an MVP.

Down a bit you'll see
http://www.microsoft.com/technet/sec...erts/swen.mspx

Tony
--
Tony Toews, Microsoft Access MVP
Please respond only in the newsgroups so that others can
read the entire thread of messages.
Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm
Nov 12 '05 #6
David W. Fenton wrote:
If your computer has a broadband connection and your PC is connected
directly to the cable/DSL modem, YOU ARE AN IDIOT.


Another word of warning, although Windows XP has a built in firewall, it
is not activated during setup so unplug your BB connection when setting
up Windows. I got the Welchia worm this way, didn't really stand a
chance since the worm was there during setup, the first program I
installed was NAV, which detected it.

--
Error reading sig - A)bort R)etry I)nfluence with large hammer
Nov 12 '05 #7
Trevor Best <nospam@localhost> wrote in
news:40***********************@auth.uk.news.easynet.net:
David W. Fenton wrote:
If your computer has a broadband connection and your PC is
connected directly to the cable/DSL modem, YOU ARE AN IDIOT.


Another word of warning, although Windows XP has a built in
firewall, it is not activated during setup so unplug your BB
connection when setting up Windows. I got the Welchia worm this
way, didn't really stand a chance since the worm was there during
setup, the first program I installed was NAV, which detected it.


WinXP service pack 2 will roll out a new firewall and will turn it
on by default.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc
Nov 12 '05 #8
David W. Fenton wrote:
Trevor Best <nospam@localhost> wrote in
news:40***********************@auth.uk.news.easynet.net:

David W. Fenton wrote:

If your computer has a broadband connection and your PC is
connected directly to the cable/DSL modem, YOU ARE AN IDIOT.


Another word of warning, although Windows XP has a built in
firewall, it is not activated during setup so unplug your BB
connection when setting up Windows. I got the Welchia worm this
way, didn't really stand a chance since the worm was there during
setup, the first program I installed was NAV, which detected it.

WinXP service pack 2 will roll out a new firewall and will turn it
on by default.

But it doesn't fix the installation, which won't have the SP applied
until after installation.

--
Error reading sig - A)bort R)etry I)nfluence with large hammer
Nov 12 '05 #9
Busted!

http://news.bbc.co.uk/1/hi/world/europe/3695857.stm

--
Error reading sig - A)bort R)etry I)nfluence with large hammer
Nov 12 '05 #10
Trevor Best <nospam@localhost> wrote:
Busted!
http://news.bbc.co.uk/1/hi/world/europe/3695857.stm


Thanks for the URL.

"The arrest was made after informants contacted Microsoft on Wednesday, inquiring
about reward money should they turn in the man. "

Hahaha. So he boasted about it to his "buddies".

Tony
--
Tony Toews, Microsoft Access MVP
Please respond only in the newsgroups so that others can
read the entire thread of messages.
Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm
Nov 12 '05 #11
Tony Toews wrote:
Trevor Best <nospam@localhost> wrote:

Busted!
http://news.bbc.co.uk/1/hi/world/europe/3695857.stm

Thanks for the URL.

"The arrest was made after informants contacted Microsoft on Wednesday, inquiring
about reward money should they turn in the man. "

Hahaha. So he boasted about it to his "buddies".


I wonder if the Germans have an equivalent of ADC :-)

--
Error reading sig - A)bort R)etry I)nfluence with large hammer
Nov 12 '05 #12
Trevor Best <nospam@localhost> wrote:
Hahaha. So he boasted about it to his "buddies".


I wonder if the Germans have an equivalent of ADC :-)


ADC?

Tony
--
Tony Toews, Microsoft Access MVP
Please respond only in the newsgroups so that others can
read the entire thread of messages.
Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm
Nov 12 '05 #13
Tony Toews wrote:
Trevor Best <nospam@localhost> wrote:

Hahaha. So he boasted about it to his "buddies".


I wonder if the Germans have an equivalent of ADC :-)

ADC?


America's Dumbest Criminals, a TV show.

My favorite is a gang that decided to invest the proceeds of a bank
robbery, one of them went to another bank and asked the teller...

Robber: How much can I deposit before you have to call the FBI?
Teller: $10,000
Robber: I'd like to deposit $9,999 please.

Didn't look suspicious did it? :-)

--
Error reading sig - A)bort R)etry I)nfluence with large hammer
Nov 12 '05 #14
Trevor Best <nospam@localhost> wrote:
ADC?
America's Dumbest Criminals, a TV show.


Ah, gotcha.

My favorite is a gang that decided to invest the proceeds of a bank
robbery, one of them went to another bank and asked the teller...

Robber: How much can I deposit before you have to call the FBI?
Teller: $10,000
Robber: I'd like to deposit $9,999 please.

Didn't look suspicious did it? :-)


<snicker> I'm told that US banks, and likely Cdn ones, look for cash deposits
larger than $3,000 and report those.

Tony
--
Tony Toews, Microsoft Access MVP
Please respond only in the newsgroups so that others can
read the entire thread of messages.
Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm
Nov 12 '05 #15
