Author Topic: Windows Worm knocks down corporations  (Read 12524 times)

0 Members and 2 Guests are viewing this topic.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Windows Worm knocks down corporations
« on: August 17, 2005, 09:13:46 am »
http://www.vnunet.com/vnunet/news/2141224/windows-worm-knocks

It owned "CNN, ABC and the New York Times. DaimlerChrysler, United Parcel Service and Kraft Foods too reported that they were affected."

Make sure you all apply patch MS05-039.  This worm only affects Win2k, but xp is still vulnerable!

Offline RoMi

  • x86
  • Hero Member
  • *****
  • Posts: 502
  • gg no re
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #1 on: August 17, 2005, 10:35:33 am »
CNN was actually hit pretty hard.  All thier broadcasts were pushed back 30 minutes.
-RoMi

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Windows Worm knocks down corporations
« Reply #2 on: August 17, 2005, 11:07:59 am »
* Jojo the Jester gives up on moving things to the security board.
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Windows Worm knocks down corporations
« Reply #3 on: August 17, 2005, 11:34:08 am »
This is more "News" than "Security"

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #4 on: August 17, 2005, 11:47:43 am »
I saw this on the Today show.

Also, the worm only hits you if you download stupid files, i think i'm fine. :)

Edit: not to mention Trend Micro kills it.
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline c0n

  • Full Member
  • ***
  • Posts: 201
  • I'm new here!
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #5 on: August 17, 2005, 12:07:56 pm »
h0h0h0~

Offline GameSnake

  • News hound
  • Hero Member
  • *****
  • Posts: 2937
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #6 on: August 17, 2005, 12:52:22 pm »
If it only effects Win2k computers then my question is obvious: why the hell are they still using Windows 2000?!

Offline RoMi

  • x86
  • Hero Member
  • *****
  • Posts: 502
  • gg no re
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #7 on: August 17, 2005, 01:00:08 pm »
A lot of companies still use Windows 2000.  Plus it only affected unpatched Windows 2000.
-RoMi

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Windows Worm knocks down corporations
« Reply #8 on: August 17, 2005, 01:02:10 pm »
Our MAN's (Metropolian Area Network) Cisco Avvid IP Phone servers still run windows 2000.  Both the one for the phones and the voicemail.

Offline RoMi

  • x86
  • Hero Member
  • *****
  • Posts: 502
  • gg no re
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #9 on: August 17, 2005, 01:07:31 pm »
Are they patched?
-RoMi

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Windows Worm knocks down corporations
« Reply #10 on: August 17, 2005, 01:13:55 pm »
deadly7 - it's an automated attack, like Blaster or Sasser.  You don't have to download anything, it uses a flaw in Windows to get in. 

whoever complained about win2k - Moving to new systems, especially Windows ones, in large corporations is very difficult and expensive.  It's not like upgrading a single computer, it's more like upgrading 50,000 computers.  And it's not just reimaging, software and data have to be saved, too. 

Offline GameSnake

  • News hound
  • Hero Member
  • *****
  • Posts: 2937
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #11 on: August 17, 2005, 01:26:29 pm »
Oh I can see the logic now.
It would be very expensive to drop a hundred a computer x 50,000!

The next obvious question is then: why don't they use Linux?!

Offline rabbit

  • x86
  • Hero Member
  • *****
  • Posts: 8092
  • I speak for the entire clan (except Joe)
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #12 on: August 17, 2005, 05:21:53 pm »
The next obvious question is then: why don't they use Linux?!
Because they aren't iago.

Offline c0n

  • Full Member
  • ***
  • Posts: 201
  • I'm new here!
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #13 on: August 17, 2005, 05:44:38 pm »
The next obvious question is then: why don't they use Linux?!
Because they aren't iago.

h0h0. nice.

Offline Ergot

  • 吴立峰 ^_^ !
  • x86
  • Hero Member
  • *****
  • Posts: 3724
  • I steal bandwidth. p_o
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #14 on: August 17, 2005, 06:09:23 pm »
It's because... They NEVER do tech support themselves. They'll get like that expensive Red Hat thingy... so they have tech support, which ends up more expensive than Windows.
Who gives a damn? I fuck sheep all the time.
And yes, male both ends.  There are a couple lesbians that need a two-ended dildo...My router just refuses to wear a strap-on.
(05:55:03) JoE ThE oDD: omfg good job i got a boner thinkin bout them chinese bitches
(17:54:15) Sidoh: I love cosmetology

Offline RoMi

  • x86
  • Hero Member
  • *****
  • Posts: 502
  • gg no re
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #15 on: August 17, 2005, 11:49:11 pm »
The next obvious question is then: why don't they use Linux?!
Because they aren't iago.
Even at work iago has to use Windows.
-RoMi

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Windows Worm knocks down corporations
« Reply #16 on: August 18, 2005, 01:31:45 am »
Nah, iago uses Slackware at work.
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Windows Worm knocks down corporations
« Reply #17 on: August 18, 2005, 09:06:15 am »
I use both.  Our managed desktops are Windows, because there is currently no good central Linux management solution (like Active Directory).  But my laptop and the servers I look after are all Slackware. 

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Windows Worm knocks down corporations
« Reply #18 on: August 18, 2005, 01:19:53 pm »
Active Directory are teh pwn!

Offline Newby

  • x86
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #19 on: August 22, 2005, 12:15:43 am »
It's because... They NEVER do tech support themselves. They'll get like that expensive Red Hat thingy... so they have tech support, which ends up more expensive than Windows.

LOL! You sound like my dad.

That's his only argument as to why Windows > Linux in business / servers.

"Sure, it's free, but in the end, ti's more expensive to maintain."
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline Ergot

  • 吴立峰 ^_^ !
  • x86
  • Hero Member
  • *****
  • Posts: 3724
  • I steal bandwidth. p_o
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #20 on: August 22, 2005, 12:18:33 am »
I would just get Slackware or some other free distro and hire an iago or something.
Who gives a damn? I fuck sheep all the time.
And yes, male both ends.  There are a couple lesbians that need a two-ended dildo...My router just refuses to wear a strap-on.
(05:55:03) JoE ThE oDD: omfg good job i got a boner thinkin bout them chinese bitches
(17:54:15) Sidoh: I love cosmetology

Offline Quik

  • Webmaster Guy
  • x86
  • Hero Member
  • *****
  • Posts: 3262
  • \x51 \x75 \x69 \x6B \x5B \x78 \x38 \x36 \x5D
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #21 on: August 22, 2005, 12:19:06 am »
Actually, Red Hat is less expensive than Windows in many businesses.

And yes, Red Hat is a logical choice for corperations.
Quote
[20:21:13] xar: i was just thinking about the time iago came over here and we made this huge bomb and light up the sky for 6 min
[20:21:15] xar: that was funny

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Windows Worm knocks down corporations
« Reply #22 on: August 22, 2005, 12:33:23 am »
Actually, Red Hat is less expensive than Windows in many businesses.

And yes, Red Hat is a logical choice for corperations.

So is windows. :)

( Not saying Windows is better, but you just said it was a logical choice. )

Offline Quik

  • Webmaster Guy
  • x86
  • Hero Member
  • *****
  • Posts: 3262
  • \x51 \x75 \x69 \x6B \x5B \x78 \x38 \x36 \x5D
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #23 on: August 22, 2005, 12:55:58 am »
Well, no. Most software companies which develop platform-independant software choose Red Hat because of the enormous amount of support that comes with it, and the small amount of resources required to upkeep it (security, IT team, etc etc).
Quote
[20:21:13] xar: i was just thinking about the time iago came over here and we made this huge bomb and light up the sky for 6 min
[20:21:15] xar: that was funny

Offline Krazed

  • x86
  • Hero Member
  • *****
  • Posts: 1822
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #24 on: August 22, 2005, 08:40:17 am »
Well, any company in this world (that uses computers) has a security department to take care of things. Linux and Windows are both logical choices for companys. However, in most offices, windows is used because it's what most people are adapted to. People are lazy, they don't want to learn something new. Also Ergot's point, Linux is free, however for the training that would be required, and the constant tech support, it would become expensive.
It is good to be good, but it is better to be lucky.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Windows Worm knocks down corporations
« Reply #25 on: August 22, 2005, 09:08:10 am »
Well, any company in this world (that uses computers) has a security department to take care of things.

Actually, very few companies have security departments.  Most of them will hire a consultant, pay them big $$$ for a couple weeks to assess/design/implement/document security measures, then they part ways. 

Offline Quik

  • Webmaster Guy
  • x86
  • Hero Member
  • *****
  • Posts: 3262
  • \x51 \x75 \x69 \x6B \x5B \x78 \x38 \x36 \x5D
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #26 on: August 22, 2005, 02:27:46 pm »
Well, any company in this world (that uses computers) has a security department to take care of things. Linux and Windows are both logical choices for companys. However, in most offices, windows is used because it's what most people are adapted to. People are lazy, they don't want to learn something new. Also Ergot's point, Linux is free, however for the training that would be required, and the constant tech support, it would become expensive.

Corperate linux is NOT free, but gets many of the features, plus its own, of Windows and not being Windows, yet doesn't lose functionality. And many computer professionals know how to use all types of operating systems.
Quote
[20:21:13] xar: i was just thinking about the time iago came over here and we made this huge bomb and light up the sky for 6 min
[20:21:15] xar: that was funny

Offline Ergot

  • 吴立峰 ^_^ !
  • x86
  • Hero Member
  • *****
  • Posts: 3724
  • I steal bandwidth. p_o
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #27 on: August 22, 2005, 02:36:58 pm »
However, many average people do not. That an unfortunate downside. It's just that not too many people are exposed to Linux at ALL. Even a bit of DOS would help them out, but Microsoft doesn't like people using command line ;/ ?
Who gives a damn? I fuck sheep all the time.
And yes, male both ends.  There are a couple lesbians that need a two-ended dildo...My router just refuses to wear a strap-on.
(05:55:03) JoE ThE oDD: omfg good job i got a boner thinkin bout them chinese bitches
(17:54:15) Sidoh: I love cosmetology

Offline Newby

  • x86
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #28 on: August 22, 2005, 05:20:24 pm »
Installing drivers is NOT something that is easy in Linux....

Now, imagine installing drivers on 50,000 Linux boxes.

Sound like something a corporation wants to do?

Now, installing drivers on 50,000 Windows boxes is phenemonally easier. Windows Update makes it damn near impossible to fuck up installing drivers!
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Windows Worm knocks down corporations
« Reply #29 on: August 22, 2005, 06:26:25 pm »
Well, no. Most software companies which develop platform-independant software choose Red Hat because of the enormous amount of support that comes with it, and the small amount of resources required to upkeep it (security, IT team, etc etc).
Actually, Red Hat is less expensive than Windows in many businesses.

And yes, Red Hat is a logical choice for corperations.

Are you saying that software companies are the only types of corporations or something?  :-\

Offline Quik

  • Webmaster Guy
  • x86
  • Hero Member
  • *****
  • Posts: 3262
  • \x51 \x75 \x69 \x6B \x5B \x78 \x38 \x36 \x5D
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #30 on: August 22, 2005, 06:49:53 pm »
Software companies are corperations, too. The second one was meant at all companies, as an alternative to Windows. First one was specifically from the business point-of-view: Would it make sense to use Linux? If your business is based around Windows programs, that's most likely not a path for you.
Quote
[20:21:13] xar: i was just thinking about the time iago came over here and we made this huge bomb and light up the sky for 6 min
[20:21:15] xar: that was funny

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: Windows Worm knocks down corporations
« Reply #31 on: August 23, 2005, 02:45:26 am »
Your crazy Newby if you think someone actually installs all the security updates and jazz by hand for companys.  You do it once, make an image of that harddrive, and then just use that image on all the other ones.
And like a fool I believed myself, and thought I was somebody else...

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Windows Worm knocks down corporations
« Reply #32 on: August 23, 2005, 07:47:39 am »
Your crazy Newby if you think someone actually installs all the security updates and jazz by hand for companys.  You do it once, make an image of that harddrive, and then just use that image on all the other ones.

Or you use tools like CA Unicenter or WSUS or others. 

For patching corporations, the problem isn't actually rolling out the patches, it's compatibility issues.  Windows patches tend to do things that Microsoft doesn't tell us, and occasionally it conflicts with installed software.  So before patches are rolled out, they have to be tested.  That leaves a window for worms.  As soon as we see an exploit, we tell them to hurry up and get the patch out.  If we see a worm, like last Monday, we tell them to put on the patch _NOW_. 

Offline Screenor

  • Hero Member
  • *****
  • Posts: 1611
  • My own little world.
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #33 on: August 25, 2005, 06:19:28 am »
Your crazy Newby if you think someone actually installs all the security updates and jazz by hand for companys.  You do it once, make an image of that harddrive, and then just use that image on all the other ones.

Or you use tools like CA Unicenter or WSUS or others. 

For patching corporations, the problem isn't actually rolling out the patches, it's compatibility issues.  Windows patches tend to do things that Microsoft doesn't tell us, and occasionally it conflicts with installed software.  So before patches are rolled out, they have to be tested.  That leaves a window for worms.  As soon as we see an exploit, we tell them to hurry up and get the patch out.  If we see a worm, like last Monday, we tell them to put on the patch _NOW_. 
Yeah, which they do neither of. :(

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Windows Worm knocks down corporations
« Reply #34 on: August 25, 2005, 08:51:50 am »
Your crazy Newby if you think someone actually installs all the security updates and jazz by hand for companys.  You do it once, make an image of that harddrive, and then just use that image on all the other ones.

Or you use tools like CA Unicenter or WSUS or others. 

For patching corporations, the problem isn't actually rolling out the patches, it's compatibility issues.  Windows patches tend to do things that Microsoft doesn't tell us, and occasionally it conflicts with installed software.  So before patches are rolled out, they have to be tested.  That leaves a window for worms.  As soon as we see an exploit, we tell them to hurry up and get the patch out.  If we see a worm, like last Monday, we tell them to put on the patch _NOW_. 
Yeah, which they do neither of. :(

Which "they" are you talking about?

If you mean the people we tell to patch, then yes, it gets done.  Being in a security department, we have some level of influence.

Offline Screenor

  • Hero Member
  • *****
  • Posts: 1611
  • My own little world.
    • View Profile
Re: Windows Worm knocks down corporations
« Reply #35 on: August 25, 2005, 09:13:34 am »
Your crazy Newby if you think someone actually installs all the security updates and jazz by hand for companys.  You do it once, make an image of that harddrive, and then just use that image on all the other ones.

Or you use tools like CA Unicenter or WSUS or others. 

For patching corporations, the problem isn't actually rolling out the patches, it's compatibility issues.  Windows patches tend to do things that Microsoft doesn't tell us, and occasionally it conflicts with installed software.  So before patches are rolled out, they have to be tested.  That leaves a window for worms.  As soon as we see an exploit, we tell them to hurry up and get the patch out.  If we see a worm, like last Monday, we tell them to put on the patch _NOW_. 
Yeah, which they do neither of. :(

Which "they" are you talking about?

If you mean the people we tell to patch, then yes, it gets done.  Being in a security department, we have some level of influence.
I was talking about Microsoft, and their updates.