Re: Windows servers dropping like flies!!

ZnU wrote: 
In article <VvadnZj-sO7S0ZneUSdV9g@xxxxxxx>,
 Flint <agent1@xxxxxxxxxxxxx> wrote:


Elijah Baley wrote:

It's now 16:45 CDT. Tune to CNN News cable channel. CNN's network guru is speaking from his situation room. The new worm that all the wintrolls dismissed is wreaking havoc all over the world. CNN, Ny Times, ABC News are hosed. Now they're announcing that Caterpillar is reporting it's Windows servers are hosed. CNN is advising that if you are running Windows 2000 you should immediately shut down your computer and wait for further instructions.

I'm sitting here, watching this, and LAUGHING MY ASS OFF. I simply can't wait to read the spin Edwin, Elam, Mayor, Nashton, etc. will put on this debacle.

To repeat, CNN's network situation room is currently advising anyone running Windows 2000 to SHUT DOWN their machines!!!!!

This is absolutely priceless.

By the way, this is the ZOTOB virus that Elam and Naston dismissed just yesterday in a previous thread.

Wow, Wolf Blitzer just recommended that ANYONE using ANY version of WIndows shut down their computer and take a break until this is thing is sorted out.

And just when did Wolf Blitzer become an internet security expert? Obviously since this affects W2K systems only, it seems to me Wolf "Chicken Little" Blitzer knows not of what he speaks.

This worm affects only W2K systems where port 445 (reserved for UP&P) is not blocked, and the affected W2K system did not have a UP&P security patch installed, and corporate network admins were a little lax on port blocking in their routers/gateways.


No admin is nuts enough to leave UP&P open to the Internet. Probably the worm got on the inside of these networks from laptops that people had connected to less secure networks at home or on the road.


That would be my guess as well. The port *was* reserved for UP&P. I believe this is no longer the case with XP (as of SP2 I think).

Anyway, I *still* see admins leaving port 135 open, wand ith alerter and messenger services running, along with other sloppy practices, so this exploit doesn't surprise me.


On top of this, malware authors these days, are taking their *cue* from Microsoft's tech bulletin releases, and are in a race to to take advantage of various announced exploits before their window of opportunity vanishes, and a patch/fix is released. again, this just reaffirms what I've said previously about OS X's 'security by obscurity'. The hackers, for the most part, just aren't interested in Macs...


Yes, but the Mac's smaller market share doesn't explain all of that. It also seems likely that a certain amount of worm writing is a result of simple resentment against Windows.

Well, I suppose that might be one reason, although I wouldn't hazard a guess as to how significant of a percentage of malware authors are motivated purely by this.

That sort of thing doesn't really exist on the Mac, because very few people perceive that they are required to use the Mac.

Again, I don't see it simply as a marketshare thing, but the degree of penetration into critical mission applications with high security profiles. Macs in those applications have an even smaller percentage of marketshare, and consequently, are a statistically lower profile target.
Again, it's the old 'security by obscurity' thing. A lot of Maccies take offense to this phrase, even though it's a simple fact, and isn't really something to be offended over. The fact is, no one really knows for sure just how secure OS X really is. At best, it can only be said it hasn't been compromised yet ... for the *moment*. But put a lot of Macs and Xservers into huge networks sitting on a lot of sensitive data as in say, >Citibank<, or some other high profile target, and give it some time, and who really knows? A lot of these so called security breaches are not just due to inherent flaws in Windows, but sloppy admin priactices as well, and the last I heard, "To err is human, but to really foul things up requires a computer", and my understanding is this is a problem not unique to WinNuts.


-Rick
.

Relevant Pages
Loading