WARNING ALL | PUNT ROAD END | Richmond Tigers Forum
  • IMPORTANT // Please look after your loved ones, yourself and be kind to others. If you are feeling that the world is too hard to handle there is always help - I implore you not to hesitate in contacting one of these wonderful organisations Lifeline and Beyond Blue ... and I'm sure reaching out to our PRE community we will find a way to help. T.

WARNING ALL

gustiger12

gustiger12

Its Tiger Time
Jan 22, 2003
9,933
2
www.thaigerpics.com
In the last two days while using this site, my personal firewall has warned me that there have been 7 attempt to intrusion onto my computer.

I am not computer literate enough to understand all of this but it would appear that someone has tried to access my computer whilst I have been scolling PRE.

Most seem to be from the same IP address so we may need to take care.

Last night this site kept shutting down after the first attempted intrusion.

Apologies Rosy if this is not under the most appropriate forum, but thought it important our members are aware of this for their own protection.
 
nwonash

nwonash

Tiger Champion
Aug 10, 2003
3,918
0
Melbourne
Don't be too worried.

Some sites use Cookies.

The site may be looking for the cookies to see if you are a new user or not or just to see whom you are.
 
Rosy

Rosy

Tiger Legend
Mar 27, 2003
54,348
31
I don't know the first thing about this kind of stuff. I know when I bought this computer the guy told me not to bother with security stuff or I'd end up paranoid with the messages you get from it.

I don't quite understand Gus.

Do you think it's a user from this site?
How do you know if the access has occurred through a particular site, rather than someone just trying to access your computer in general?

I'm interested to know how that kind of thing works really.
 
gustiger12

gustiger12

Its Tiger Time
Jan 22, 2003
9,933
2
www.thaigerpics.com
Hey Rosy

I'm with you.

I have no idea whether it was from this site or what. All I know was that whilst on the site I got a message that the firewall had blocked an intrusion and the site shut down and I could reopen it without restarting my computer.

I can't really answer any of you questions Rosy, I was more hoping that some of the more computer literate on this site might be able to help or provide advice.

I simply installed the software as I was getting a lot of strange happenings on my computer recently.
 
Laff

Laff

September showers
Dec 19, 2002
1,282
2
I have heard about that one diggler it infects football clubs and over about 4 years destroys them and brings them to their knees............
 
iLoVeNeWmAn

iLoVeNeWmAn

RFC - can't live with 'em, can't live without 'em
Apr 15, 2003
2,133
24
www.abcsports.com.au
apparantly there is an antidote for that worm, but you need a brain and balls to administer it which the RFC don't have..........
 
Harry

Harry

Tiger Legend
Mar 2, 2003
24,591
12,186
............apparently the only way you can get rid of it is to dismantle the RFC hardrive and get rid of the Caseyufool bug.
 
F

Fireman_Sam

A 'non-sexual' example of the 69 position
Feb 26, 2003
109
0
Wales
Hey Julz, you're not running some shareware like Kazaa, Morpheus, et al.. That's why you may have used up your Megs (usage).
 
julzqld

julzqld

Do or do not - there is no try!
Dec 17, 2002
937
0
Palm Beach, Queensland
Yeah I was but have since disenabled it. But it was all the downloads that they reckon we did which we disputed as we supposedly did 680mb in one day as compared to our usual 25. And we don't even know how to download movies. Anyway after disputing it with Telstra, they concluded that we'd been hacked into. Not happy Jan.
 
T

tiga

New RFC fitness regime under Wallace
Apr 28, 2003
1,440
0
Blue Mountains NSW
Make way... I am a network engineer... 8)

Rosy, is the company that hosts this site aware of the W32.Blaster worm?? It started it's massive spread last week (which may explain Gus' intrusion attempts) and hit any windows computers that did not have the latest security patches.

Here is some info from Symantec

How it works
-------------------
The worm attacks Windows computers via a hole in the operating system, an issue Microsoft had warned about on July 16. Nine days after the software giant announced the flaw, hackers from the Chinese X Focus security group posted a program to several security lists designed to allow an intruder to break into Windows computers.

Once the worm is resident on a machine, it immediately begins scanning the Internet for other vulnerable targets.
--------------------------------------

If you have a firewall and TCP port 4444 is blocked in both directions everything should be cool.

Julz.....If you give me a little more info about your problem, I might be able to give you some tips to prevent it from happening again or maybe even find out exactly what happened in the first place....Free of course! ;)
 
S

shawry

Tiger Legend
Apr 14, 2003
5,630
431
Adelaide, Australia
MsBlast affected my machine last Monday night after chat and took me a while to ffigure out how to beat it. Basically printed off gear from Microsoft before the virus set in adn then set up a firewall which easily stopped it. Was a pain in the arse though and had me worried for a while though but was easy to fix. Now it cant access my net priviledges but would be interestedi n learning how to remove it though.
 
T

tiga

New RFC fitness regime under Wallace
Apr 28, 2003
1,440
0
Blue Mountains NSW
Shawry, there is a removal tool at symantec.com

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html
 
gustiger12

gustiger12

Its Tiger Time
Jan 22, 2003
9,933
2
www.thaigerpics.com
Thanks for the advice Tiga.

I have since found out that my ISP has been infected with the worm so that may explain the intrusion attempts.

I already had the patch downloaded and Norton has not indicated any detection of he Virus on my system thankfully, although a lot of people here using the same Internet provider have been infected.

I am still getting these attempted intrusions so who knows
 
T

tiga

New RFC fitness regime under Wallace
Apr 28, 2003
1,440
0
Blue Mountains NSW
Gus, a lot of these intrusion attempts are from random spammers out there going through ip addresses and seeing who's vulnerable. You may also want to check your system for "ad bots" a great utility for this is free and it's called "adaware". Another great utility is "sam spade" with this you can track down who owns the IP address that's spamming you, but as usual it's probably spoofed.
 
Rosy

Rosy

Tiger Legend
Mar 27, 2003
54,348
31
tiga said:
Make way... I am a network engineer... 8)

Rosy, is the company that hosts this site aware of the W32.Blaster worm?? It started it's massive spread last week (which may explain Gus' intrusion attempts) and hit any windows computers that did not have the latest security patches.

Here is some info from Symantec

How it works
-------------------
The worm attacks Windows computers via a hole in the operating system, an issue Microsoft had warned about on July 16. Nine days after the software giant announced the flaw, hackers from the Chinese X Focus security group posted a program to several security lists designed to allow an intruder to break into Windows computers.

Once the worm is resident on a machine, it immediately begins scanning the Internet for other vulnerable targets.
Click to expand...

I don't know if Netfirms are aware of the worm tiga, but I assume they would be. I haven't received any notification of it.

Is there any reason for me to contact them and ask them? I will if anyone has genuine reason to believe that this site puts them at a security risk.

Is this the same worm I was contacted about by my anti virus program last week that only affects windows 2000 and XP?

I don't know the first thing about that sort of stuff, I am a computer ignoramus, but I'd be very upset if what I started as a hobby is putting peoples computers at risk.

Scarey stuff. :'(
 
You must log in or register to reply here.
< F.I.N.A.L.S. | An Idea >
Official PRE merch now on Redbubble!
Top Bottom