Zugg Software :: View topic

Posted: Tue May 04, 2004 7:21 am

All I can say is thank-goodness zuggsoft.com still uses old and reliable Windows NT. A friend of mine working for a big company spent *all day* dealing with the new worm going around rebooting Win2000 and WinXP computers. The Microsoft patch for this one is only a couple of weeks old, and some people stopped applying patches because one of the recent Microsoft patches screwed up MDAC again causing MS Access (and zMUD) to stop working.

Fortunately my systems here at home are behind a hardware firewall, and as I said, the zuggsoft.com system is NT which isn't affected. Just gives me less of a reason to ever update zuggsoft.com to a newer version of Windows.

These are apparently the same hackers responsible for the Netsky series of worms. These guys are getting into *serious* trouble with the latest worm effecting banks, railroads, airlines, etc. Once again, let's hope that the authorities are on their trail and they can be caught and made an example of.

It's pretty amazing how much trouble a very *small* number of hackers are causing the Internet with the last couple of months of viruses and worms. But one of these days, they are going to get too cocky and are going to find themselves in a bad situation. I hope it is soon.

Meanwhile, my thoughts go out to all of the sysadmins that are spending the day and night trying to get rid of this latest annoyance. As I've said before, "what a waste of time!"

Wizard Joined: 10 Oct 2000 Posts: 1551 Location: Australia

I love it how MS leaves ports open by default. I mean the most commonly known one is that sodding messenger service. It was too convenient for spammers and now that's been mostly closed up but I'm sure virus makers could have exploited it if they had wanted to. It's just unbelievable that any OS has ports open by default.

Ah well, I'm glad I'm behind a hardware firewall. It would make sense for 56k modems as well as cable modems to come with hardware firewalls built in, the way many ADSL modems do. That at least should stop the wave of viruses spreading if you actually had to do 'something' in order to turn off your firewall.

What you should be glad about is these virus manufacturers aren't actually trying - they're pranksters in the grand scale of things. If some terrorists got their hands on the virus exploits first we would see a wave of destruction, as opposed to a reboot inconvenience (which also is a big hinderence to the distribution of the virus) ... from an effectiveness point of view, it seems stupid to take an infected PC offline when it could be employed as a drone for other tasks.

Hell, if that had been a virus which installed a 'seti@home' type program (runs in your spare cycles without lagging your PC) you would never notice that you were infected, and all that distributed processor power from millions of infected machines could take on 1024 bit encryption or something.

Heh, just wait until virus manufacturers get themselves an AI degree, so their viruses learn and adapt using their (heck, it's gigahert then terrahert then pitahert?) well whatever comes about 10 steps beyond gigahert anyway... woot, I have a 924,124,771,918,723 gigahert distributed processor to take over the universe with...

Magician Joined: 13 Oct 2000 Posts: 463

Any OS leaving ports open by default? That's kind of a silly claim, since EVERY OS leaves all ports open by default. It's the nature of IP... it's how it works, unless you ADD something called a firewall and/or port blocking rules.

Even most distroes of Linux leave every port open by default. The issue is not open ports, it is running USELESS NETWORK SERVICES. The more network services you have running, the more potential security holes are available to malicious software. And Linux, in general, does a better job of not running services you don't use.

I'm a fan of Gentoo myself... installing the core system has you running NO network services, except perhaps ssh, and that only because they walk you through turning it on in the setup tutorial.