"mto" <nobody@dontsendmeanyspam.com> wrote in message
news:ydacnf61nLJoibaiXTWJhg@seg.net...
|
| "Jeffrey A. Setaro" <jasetaro@mags.net> wrote in message
| news:MPG.1994dc9377a46a6e9896fd@news.mags.net...
| > In article <ssSdnbDZtKRFlLaiU-KYuQ@seg.net>,
| > nobody@atdon'tbothertowrite.com says...
| > > <Quote>
| > > In its advisory, CERT recommends that customers apply the Microsoft
| patch
| > > and, as well, block network traffic on Transmission Control Protocol
| (TCP)
| > > ports 135, 139, and 445, which are used by the RPC service. <END>
| > >
| > > http://www.pcworld.com/news/article/0,aid,111856,00.asp
| > >
| >
| > Wow it's only taken CERT & PC World two weeks to catch up. Microsoft
| > release a bulletin and patch for this on July 16, 2003.
| >
| > See Microsoft Security Bulletin MS03-026: Buffer Overrun In RPC
| > Interface Could Allow Code Execution(Q823980)
| > <http://www.microsoft.com/technet/security/bulletin/MS03-026.asp> for
| > details.
| >
|
| No, Jeff - this is a SECOND warning about that particular security patch.
| Been on the news all day. Apparently there is a problem -
|
| <quote>In the past two days, the computer security research and development
| organization has received reports of "thousands" of systems compromised
| using variations of the malicious code, known as DCOM RPC, after the flawed
| Windows DCOM (distributed component object model) interface, according to
| Jeff Havrilla, Internet security analyst at CERT in Pittsburgh.
| CERT does not know how many machines have been hacked using the DCOM RPC
| exploit, but the ratio between the number of reports CERT typically receives
| to the number of machines compromised suggests that the number is large,
| Havrilla said.<end>
|
| I posted the link because this warning specifies to not only get the patch
| but to block those 3 particular ports. I've had at least 7 attempts at my
| machine - mostly port 445 - today alone. Normally I get <2 in 24 hours.
|
|
I have noticed a rise in Sub7 probes on my fw on the FreeNet Port..stange indeed..a New
Exploit???
--
Come To Florida, We Need Voter's that
actually KNOW how to cast a Ballot....
-=ô;ö=-