The Subaru SVX World Network   SVX Network Forums
Live Chat!
SVX or Subaru Links
Old Lockers
Photo Post
How-To Documents
Message Archive
SVX Shop Search
IRC users:

Go Back   The Subaru SVX World Network > SVX Main Forums > Not Exactly SVX

Reply
 
Thread Tools Rate Thread Display Modes
  #16  
Old 08-13-2003, 10:32 AM
RSVX RSVX is offline
Network Design Administrator
 
Join Date: Feb 2002
Location: Boiling Springs, SC
Posts: 4,344
Quote:
Originally posted by Andy
Windows update is free too (do you have to do it three times before it works?)
ROFL!! No, but whenever I find myself there, I install whatever is there and go back just to check, cause sometimes there are updates to the updates you just made if its been a while...
__________________
Chris
SVX World Network Administrator
-1993 Subaru SVX LS-L, Barcelona Red, #46, 160,000+ Miles (Sold to SomethingElse)
-2011 Toyota Sienna SE, Black, 30,000+ Miles (Swagger Wagon )
-2002 BMW R 1150R ABS, Black, 26,000+ Miles (Daily Driver )
SVX Owner from February 1997 to March 2008
SVX Online Community Member since February 1998
SVX World Network Member since February 2002, Member #520

Life is a game. Play to win.
The world belongs to those who can laugh at it.
Reply With Quote
  #17  
Old 08-13-2003, 04:02 PM
Landshark's Avatar
Landshark Landshark is offline
Hater
 
Join Date: Mar 2002
Location: The Burgh
Posts: 10,807
i recommend McAfee Firewall. not only does it block stuff coming in, but also lets you know when stuff is going out so you can block that, too, if you want. you'd be suprised how many programs i bust trying to get on the web. my freakin' Microsoft wireless mouse software tries to get on the web! i think Windows Media player tries to get on the web a little too much for my liking, too. and its not just Microsoft stuff, either.

McAfee VirusScan has killed anything that has tried to get in my bizniz. with VirusScan and Windows set to automatically update themselves, i just sit back and relax.
__________________
Alan

1987 928 S4 (Black) SOLD!
1997 SVX LSi (Ebony) SOLD!
2005 Legacy GT (Silver) [Cobb Stg 2+] SOLD!
1987 928 S4 (Black) SOLD!
2005 Forester XT Premium (Crystal Gray Metallic) SOLD!
2008 Lancer Evolution X MR (Apex Silver) [Cobb Stg 1+]
2015 Outlander Sport 2.4GT AWD (Mercury Gray)
2013 G37xS (Obsidian Black)
Reply With Quote
  #18  
Old 08-13-2003, 04:36 PM
thumper_svx's Avatar
thumper_svx thumper_svx is offline
Either committed, or should be
 
Join Date: Mar 2001
Location: St. Louis, MO
Posts: 541
Send a message via ICQ to thumper_svx Send a message via Yahoo to thumper_svx
Registered SVX
My turn to weigh in on this...

First of all, a fifty-dollar firewall probably will protect you from this RPC virus! Yes, it's true that most firewalls don't block UDP... but the UDP would have to be transferred directly to your machine to have an effect. Unless you've got a static mapping for all TCP and UDP ports on your firewall pointing at your workstation, then you'll be fine. I've tested this in a lab, and it works (yes, we have a copy of the worm "in captivity").

Second, the most important thing to realize (which I discovered the hard way this morning) is that the MS03-026 patch from Microsoft DOES NOT ALWAYS WORK! It says it worked, it shows up in Add/Remove Programs, it even writes registry entries... but DOES NOT REPLACE THE BAD FILES. That means your box can still be vulnerable even though you patched it.

Where I'm working right now, we have about 200 servers that were all patched last week. This morning on a whim I created a test script that would compare file versions as well as check the registry entries (which is our default method of finding out if the patches are installed properly). Lo and behold I find 53 servers that are lacking the necessary files... running a little tool called scanms (a non-destructive tool that tests for the DCOM vulnerability) I confirmed that all of these servers were vulnerable even though the patch was showing as installed. I have to return to work at 1am and start patching before 6am... it's gonna be a long night.

Hope this helps someone avoid getting bitten the way I just have!
__________________
Ich bin ein SVXer wieder

My Rides:
Red 1996 SVX LSi (Saffron)
2007 Yamaha FJR1300 (Kaitlin)

Previously owned; green '95 L AWD (sold), black/pearlie '94 LSi (too many problems), Polo Green '96 SVX LSi (apparently notThe end of an era)

Member #2 in the Yahoo! club, been here since the beta-testing days. In dire need of a cheaper hobby.
Reply With Quote
  #19  
Old 08-13-2003, 05:49 PM
Subafreak's Avatar
Subafreak Subafreak is offline
Superbeast
 
Join Date: Aug 2002
Location: Central Village Ct.
Posts: 4,330
I think maybe it went away? This is the longest I'v been able to stay on line so far.



So if this is in my box do I
1. set up fire wall
2. load update?

What exactly do I have to do to get it out first.





Damn it I just figured out how to down load music too, and now this crap has to happen.
__________________
92 SVX #772 140k 6speed, ECU Tune stage II, Koni/Ground control, 3,270lbs.
91 Legacy Turbo 5spd. FMIC, crappy stock turbo, ACT clutch.
78 BRAT (New toy) (Soon to be EJ22T powered)
90 240 SX. RB25 powered!! DRIFT!!!111!!! (GF's car)

To many cars to spend time on teh web!
Reply With Quote
  #20  
Old 08-13-2003, 06:04 PM
Subafreak's Avatar
Subafreak Subafreak is offline
Superbeast
 
Join Date: Aug 2002
Location: Central Village Ct.
Posts: 4,330
Damn it there it goes again!
__________________
92 SVX #772 140k 6speed, ECU Tune stage II, Koni/Ground control, 3,270lbs.
91 Legacy Turbo 5spd. FMIC, crappy stock turbo, ACT clutch.
78 BRAT (New toy) (Soon to be EJ22T powered)
90 240 SX. RB25 powered!! DRIFT!!!111!!! (GF's car)

To many cars to spend time on teh web!
Reply With Quote
  #21  
Old 08-13-2003, 06:33 PM
RSVX RSVX is offline
Network Design Administrator
 
Join Date: Feb 2002
Location: Boiling Springs, SC
Posts: 4,344
Go to Nortons site, they have a scan/removal tool. No you dont need to have Norton or buy anything to use this tool. When that tool is done it will send you to a website to DL the patch that works (most of the time). But again, use windows update after all of this and try to use it weekly if you dont want to set it up automatically.
__________________
Chris
SVX World Network Administrator
-1993 Subaru SVX LS-L, Barcelona Red, #46, 160,000+ Miles (Sold to SomethingElse)
-2011 Toyota Sienna SE, Black, 30,000+ Miles (Swagger Wagon )
-2002 BMW R 1150R ABS, Black, 26,000+ Miles (Daily Driver )
SVX Owner from February 1997 to March 2008
SVX Online Community Member since February 1998
SVX World Network Member since February 2002, Member #520

Life is a game. Play to win.
The world belongs to those who can laugh at it.
Reply With Quote
  #22  
Old 08-13-2003, 06:46 PM
SVX26517
Guest
 
Posts: n/a
Unhappy

i run windows XP Pro on my vaio and once and a while it will log into an account then log off in like 30 seconds. It seems like someones remote connectioning me. Now i have 2 firewalls going, the XP firewall that keeps a log for me of whoever does it and Norton Internet Security Which detects anything trying to access your computer and gives ya their address, which i think is REAL NICE
Reply With Quote
  #23  
Old 08-13-2003, 08:25 PM
Subafreak's Avatar
Subafreak Subafreak is offline
Superbeast
 
Join Date: Aug 2002
Location: Central Village Ct.
Posts: 4,330
Thanks guys. I actually folowed the stuff on Trevors post, it confused the hell out of me but I think I got it all and I havn't seen worm boy for like 3hrs. now so I'll keep my fingers crossed. Or not, it's hard to type like that.
__________________
92 SVX #772 140k 6speed, ECU Tune stage II, Koni/Ground control, 3,270lbs.
91 Legacy Turbo 5spd. FMIC, crappy stock turbo, ACT clutch.
78 BRAT (New toy) (Soon to be EJ22T powered)
90 240 SX. RB25 powered!! DRIFT!!!111!!! (GF's car)

To many cars to spend time on teh web!
Reply With Quote
  #24  
Old 08-17-2003, 03:48 PM
2MuchFun
Guest
 
Posts: n/a
Thanks again you guys! That copy/paste problem was about to drive me batty!
Reply With Quote
  #25  
Old 08-21-2003, 01:34 AM
Seraph's Avatar
Seraph Seraph is offline
I abuse them one at a time
 
Join Date: Apr 2001
Location: Northbrook, Illinois, USA, Earth, Solar System... you get the picture
Posts: 7,176
Send a message via AIM to Seraph Send a message via Skype™ to Seraph
I had all 3 of my computers down due to this little bug for a whole day. One simple, FREE fix is to go get linux. One of the three is going to go back to linux.

The funny thing is it seems like a time released virus. I have seen that on my computer for a while and none of the virus scanners seemed to have picked it up. I have norton 2k3 and mcafee. Also trendmicro's online scanner did not pick it up either.

Check your registry to see if msblast is still there. You can patch it and have a firewall up but if it is still there, it's still there. It just can't do any harm yet. Since I run a file printer sharing LAN at home, it's a pain and anything can go in/out.

I used to have sessionwall (security firewall/audit/watcher/big-brother software) tucked away somewhere. Still have to find that sucker to put it on.

One good thing came out of it. 2 of my 3 computers needed a format and they got it. They are running fresh and fast again.

L
__________________
Lwin M. Maung (Member # 147)
Current SVX: NONE
Previous SVXes: •1994 LE Barcelona Red 107k • 1992 LS-L Pearl White 143k • 1994 LSi Bordeaux Pearl 220k • 1992 LS-L Ebony Pearl 184k • 1992 LS-L Liquid Silver 145k • 1992 LS-L Liquid Silver 102k • 1992 LS-L Ebony Pearl 123k
Other current cars:2001 Jeep Grand Cherokee Black
If at first you don't succeed, CHEAT!
Reply With Quote
  #26  
Old 08-21-2003, 01:37 AM
Seraph's Avatar
Seraph Seraph is offline
I abuse them one at a time
 
Join Date: Apr 2001
Location: Northbrook, Illinois, USA, Earth, Solar System... you get the picture
Posts: 7,176
Send a message via AIM to Seraph Send a message via Skype™ to Seraph
Zone Alarm : Free

Zone Alarm is a joke. It's a firewall for dummies. It is a pain in the rear-end to use and I can't truely configure it. It's more of a software protection so that you can't really do anything dumb to the computer. Call it dummy protector if you will. It's functionality is really poor for a power user.
__________________
Lwin M. Maung (Member # 147)
Current SVX: NONE
Previous SVXes: •1994 LE Barcelona Red 107k • 1992 LS-L Pearl White 143k • 1994 LSi Bordeaux Pearl 220k • 1992 LS-L Ebony Pearl 184k • 1992 LS-L Liquid Silver 145k • 1992 LS-L Liquid Silver 102k • 1992 LS-L Ebony Pearl 123k
Other current cars:2001 Jeep Grand Cherokee Black
If at first you don't succeed, CHEAT!
Reply With Quote
  #27  
Old 09-24-2003, 04:25 PM
Earthworm's Avatar
Earthworm Earthworm is offline
Meow!
 
Join Date: Mar 2002
Location: Winnipeg, Manitoba
Posts: 11,957
Send a message via ICQ to Earthworm Send a message via AIM to Earthworm Send a message via MSN to Earthworm Send a message via Yahoo to Earthworm Send a message via Skype™ to Earthworm
Hehe, good ol' Blaster worm. Our call center was flooded with calls for quite some time when that came out. Fixing it was easy though.

1. Enable XP firewall (so you don't get booted)
2. Install MS Patch (to close the door on the worm)
3. Run Norton's removal tool (to kill the worm)

It's amazing all the variants of this worm to take advantage of the same exploit. There was even a variant that would spread and remove the Blaster worm.
Reply With Quote
  #28  
Old 09-24-2003, 05:04 PM
Darksied-X's Avatar
Darksied-X Darksied-X is offline
Recluse
 
Join Date: Jun 2003
Location: Oakland, Maine
Posts: 899
Send a message via MSN to Darksied-X Send a message via Yahoo to Darksied-X
Quote:
Originally posted by Earthworm
Hehe, good ol' Blaster worm. Our call center was flooded with calls for quite some time when that came out.
I have a sneaking suspicion that you have about another week or two before you get flooded again, this time with calls about the worm exploiting the new remote access flaw.
__________________
-Evil Jeff

'03 WRX Wagon, World Rally Blue
'94 SVX LSi, Barcelona Red
'89 XT6 4WD, Grey & Rust
(and legally, an '01 Outback VDC skankmobile)
Reply With Quote
  #29  
Old 09-24-2003, 05:08 PM
Chicane Chicane is offline
Anti-BS Vigilante
 
Join Date: Feb 2003
Location: Madison, WI
Posts: 3,057
Send a message via ICQ to Chicane Send a message via AIM to Chicane
Ugh. I had to do a bunch of XP related networking this week. >sigh<

I really don't know why you guys put up with windows at all. OOO YAY WE HAVE NEW FISCHER PRICE LOOKING BUTTONS AND PLUG AND PLAY! But you know what? Underneath, its still a un-intuitive P.O.S. Yes. It is quite stable. But just because its stable doesn't make it good.

- Rob <--- looking forward to getting home and being on his iMac
Reply With Quote
  #30  
Old 09-24-2003, 05:34 PM
Darksied-X's Avatar
Darksied-X Darksied-X is offline
Recluse
 
Join Date: Jun 2003
Location: Oakland, Maine
Posts: 899
Send a message via MSN to Darksied-X Send a message via Yahoo to Darksied-X
Quote:
Originally posted by Chicane
Ugh. I had to do a bunch of XP related networking this week. >sigh<

I really don't know why you guys put up with windows at all. OOO YAY WE HAVE NEW FISCHER PRICE LOOKING BUTTONS AND PLUG AND PLAY! But you know what? Underneath, its still a un-intuitive P.O.S. Yes. It is quite stable. But just because its stable doesn't make it good.

- Rob <--- looking forward to getting home and being on his iMac
While I agree whole-heartedly that Windows is a P.O.S., MacOS is just as bad, if not worse. I've had way too many problems with Macs to ever own one.

If I had the knowledge and ability to use Linux, and use it right, I'd switch in an instant. Unfortunately, my computer teacher in college skipped Linux because it wasn't important enough, instead focusing on DOS. Man, I hate that guy.
__________________
-Evil Jeff

'03 WRX Wagon, World Rally Blue
'94 SVX LSi, Barcelona Red
'89 XT6 4WD, Grey & Rust
(and legally, an '01 Outback VDC skankmobile)
Reply With Quote
Reply

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 07:08 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
© 2001-2015 SVX World Network
(208)-906-1122