|
January 25, 2003
Hey
everyone,
Yesterday, there was a major attack on Windows 2000 servers
worldwide. This was by a "worm" as opposed to a "virus." A worm gets into a
machine through the Internet without having an email opened. The biggest threat
seemed to be in Asia. Here in the US, sounds like B of A was hit the hardest
making it impossible for people to withdraw funds from ATMs - but funds are not
at risk. A general slowing of the Internet was noticed in many areas.
At
a personal computer level, you wouldn't have been affected - except for some
possible higher firewall traffic. This is a warning, though, to keep a personal
firewall enabled on your system at all times.
More details
below
From one of my favorite security sites: www.grc.com
Very early Saturday morning (25 Jan 2003) global
Internet traffic was dramatically impacted by the self-replicating efforts of a
new Internet worm. The combined effect of the worm's aggressive, high-speed
probing by tens of thousands of infected Windows machines generated traffic
sufficient to congest major Internet traffic exchange points and cause worldwide
problems.
Twelve hours later, though tens of thousands of Windows
systems remain infected and continue attempting to infect others, the Internet's
largest "backbone" carriers and ISPs are now "filtering" (blocking) the worm's
replication traffic to limit its global disruption.
Personal firewall
log watchers will probably have noted an increase in "probes" to port 1434.
(Microsoft SQL Server's monitor port.) Each probe contains a complete copy of
the worm, being sent to random Internet IP addresses by copies of the worm
running within infected Windows-based computers.
Beyond the
inconvenience of a slow Internet, and rapidly filling personal firewall logs,
personal computer users have little to fear from this worm because it only
targets and infects unpatched versions of Microsoft's SQL server, usually only
present on corporate servers.
To read
more about this worm, go here: http://www.symantec.com/avcenter/venc/data/w32.sqlexp.worm.html
and
here: http://www.bayarea.com/mld/mercurynews/5031393.htm
************************
Hope you enjoyed the ride....
Clyde Lerner, In The Moment Computing
Phone: 408.732.8500
E-mail comments/feedback to: http://www.itmcomputing.com/contact_computer.php
This newsletter is a service of In The Moment Computing and is Copyright 2005 Clyde Lerner. All worldwide rights reserved. If forwarding, please forward all of e-mail, not any portion therein. To see past issues of This and That Computer Tips newsletter, please visit the web at: http://www.itmcomputing.com/newsletter.php and click on "Archives."
Please note: Unless requested, questions pertaining to this newsletter will be answered in a 3-4 week time frame. If you need a faster response, there will be a small consultation fee of $15 per e-mail response. You will receive a reply within 48 hours.
"Complete Computer Help (Networks, New Computer Installs, Software Training) for Individuals and Small Businesses"
"Designing your Perfect Website, at an Affordable Cost, in a Timely Manner"
Eliminate and Destroy unwanted email: http://spamarrest.com/affl?1337207
Send a greeting card through the Internet so recipient gets card in their postal mailbox: www.sendoutcards.com/7197 - let me walk you through how to send a card - it's easy.
©2003 In The Moment (ITM) Computing. All rights reserved.
|
