[rescue] Fair Warning RPC Worm
Mike Hebel
nimitz at nimitzbrood.com
Tue Aug 12 11:21:03 CDT 2003
On Tuesday, August 12, 2003, at 11:02 AM, Michael A. Turner wrote:
> Lcukly I was able to convience people around here that patch was
> important. I put it on all the servers the day after it came out.
> After the
> reaming we took from code red, Nimda, and the SQL slammer worm even my
> boss
> found it a good idea to install that patch.
> Today I am chasing the users who disregarded the E-mail that told
> them to install the patch. Sigh, no way to enforce it and now they are
> whining we should have done more to protect them. Damned if you do,
> Damned
> if you don't.
Funny thing is. If you just do proper firewall security this worm
isn't an issue. do you r best case and use the "Shields Up" port probe
stuff at www.grc.com (Gibson Research) and you'll know immediately if
there's a problem.
I haven't been touched by it here except in an increase in log traffic.
Now my in-law who is unprotected on DSL is another matter. I spent
about an hour explaining the problem and the solution to him because he
got hit by it earlier this week.
All-in-all for my money most people will be sane enough to install the
security updates. This does not include suits obviously.
If they don't want to then pitch it as "Evil Hackers" or worse yet
"Evil Terrorists that could use your computer to shut down government
computers." and most of the die-hards will roll over and get
updated/patched somehow. ;-)
I hate to resort to such things but if it keep virii/worms off of any
networks I'm involved with then so much the better. Now if I could
only convince my "inner anarchist" of that...
Mike Hebel
--
Medieval Combat anyone? http://www.kingsofchaos.com/page.php?id=694655
More information about the rescue
mailing list