I am running xp and was prompted to dl and install 2 security patches on thurs, which I did. Then this worm thing hit, and I am seeing on the news it was this morning/last night, but I still cannot get into my hotmail account. I was just wondering if anyone else is still having a problem getting into their email. Also, I saw UUNET got hit pretty hard, and for some reason I think Esignal runs off UUNET. Any chance this would effect Esignal come monday? If I am wrong in thinking this then obviously not.
I got hit with it.... I am running SQL Server 2000 SP2. SP3 (which blocks these worms) was announced a week ago apparently, but did not show up in the Microsoft Universal Subscriptions Download area (of which I am a member and I check daily), so I was unaware of it. Nor did it show up in the Windows Update alert (not that I would have expected it to). To the person saying it is my fault for not applying the patch: I can see your point, but it is naive to say such things. I am running Windows 2000 Advanced Server and applied all suggested patches about 10 days ago. There are nine more patches and updates suggested now, not including the SQL Server one mentioned above. It would be a full time job to keep up with them all.
A similar thing happened to me last Monday night. I was on the web and all of a sudden my mouse started working slow when I clicked it, then a funny noise started coming from the tower and the modem and everything died. I tried banging on the top of the tower like you did, but it did nothing. I worked on it the rest of the night but I couldn't get it fixed. To make the long story short, I had to take it in for repairs Tuesday and now it's Saturday; I still don't have it back, and they're telling me they're having to install a new mother board and a modem. I don't know if this is related to the worm attack, since it happened six days ago, but is it possible something could have gotten through to my system from the internet connection? Anyway, I'm just thankful it's still under warranty.
No, it is not due to a worm. It could be a virus which would have attacked your bios and create some kind of fatal overclocking and push up the voltage from the motherboard to the proc but again it's doubtful.
Personally, I see no reason why a backend server (like database, appserver, etc) should be open to the internet. They should be behind quite a few firewalls. Nobody should ever have to leave their MS SQL port open to the internet unless it is a very specific situation.
I normally reserve the baseball bat for bad trades. The alarrm type sound I was hearing was not the usual beeps that you get. I've heard them before when putting in wrong memory etc.. This was more of a screaching, as if something was stuck and at the same time the gauge when the BIOS was loading was jumping at the one place. I'm running NT4 on a 2 1/2 year old Dell Workstation. Everything has been ok since so I'll let this drop unless it happens again. Thanks everyone for the help/advice.
This is completely untrue. The people who are capable of discovering serious vulnerabilities are either "black hats" or "white hats". Neither go to media first. The "black hats" would never go to media because they use their discoveries to do their business which is hacking into someone else's system. They are neither interested in public awareness nor in vendors patching holes. The "white hats" notify vendor first. Otherwise, they would look irresponsible and damage their "white" image. Such people usually work for IT security companies or are independent IT security consultants. The younger people are mostly interested in gaining peers' respect while more mature ones are mostly interested in receiving positive publicity to attract more business. Going to the media first would achieve opposite result and that's why it is not happening. They get their share of fame then vendor releases patch to vulnerability they have discovered. Then they go to the media. And, BTW, I do not recall any serious vulnerability that vendor would ignore.
http://www.zonelabs.com/store/content/home.jsp Zone Alarm is free software that asks your permission every time anyone tries to access your computer. If you're on the net without zone alarm running, it's like banging a filthy toothless crack whore without a condom. Don't do it! Get Zone Alarm, thank me later.