It's important for all users (EFnet or otherwise) to patch their computers against the recent RPC/DCOM exploits.
This worm will exploit RPC, opening a shell to download (via tftp) the remainder of the worm. The worm then starts scanning (mostly) random IP's to furhter infect. When the shell is closed, RPC will crash, which may make it difficult to patch your machine.
If you are having problems patching because of RPC constantly crashing, follow the directions here. A tool for cleaning the worm is here, with directions for use.
For further information, read the following:
http://www.f-secure.com/v-descs/msblast.shtml
http://vil.nai.com/vil/content/v_100547.htm
MSBlast/Lovsan worm is making the rounds
Moderators: Website/Forum Admins, Other/Off Topic Moderators
MSBlast/Lovsan worm is making the rounds
In God we trust,
Everyone else must have an X.509 certificate.
Everyone else must have an X.509 certificate.
Like munky said, it is CRUCIAL for you to patch this security hole if you are running Windows. It is perhaps the easiest hole to exploit that Microsoft has had in a while. You might even have drones running on your computer now. Update your virus definitions and operating systems!
Josh Baird
[corrupt]@EFNet
O: irc.choopa.net
[corrupt]@EFNet
O: irc.choopa.net
and the interesting fallout from such 'white worms'
http://smlnk.com/?DDNA3NGQ
http://smlnk.com/?DDNA3NGQ
irc.he.net Notice -- Osc (osc@irc.packetmonkeys.com) is now an operator
<CHANFIX> You're now logged in with the following flags: ADMIN.
<OCF> Authentication successful. Welcome, Osc.
<CHANFIX> You're now logged in with the following flags: ADMIN.
<OCF> Authentication successful. Welcome, Osc.
Who is online
Users browsing this forum: No registered users and 11 guests