WARNING ALL | PUNT ROAD END | Richmond Tigers Forum
  • IMPORTANT // Please look after your loved ones, yourself and be kind to others. If you are feeling that the world is too hard to handle there is always help - I implore you not to hesitate in contacting one of these wonderful organisations Lifeline and Beyond Blue ... and I'm sure reaching out to our PRE community we will find a way to help. T.

WARNING ALL

tiga said:
Make way... I am a network engineer... 8)

Rosy, is the company that hosts this site aware of the W32.Blaster worm?? It started it's massive spread last week (which may explain Gus' intrusion attempts) and hit any windows computers that did not have the latest security patches.

Here is some info from Symantec

How it works
-------------------
The worm attacks Windows computers via a hole in the operating system, an issue Microsoft had warned about on July 16. Nine days after the software giant announced the flaw, hackers from the Chinese X Focus security group posted a program to several security lists designed to allow an intruder to break into Windows computers.

Once the worm is resident on a machine, it immediately begins scanning the Internet for other vulnerable targets.
--------------------------------------

If you have a firewall and TCP port 4444 is blocked in both directions everything should be cool.

Julz.....If you give me a little more info about your problem, I might be able to give you some tips to prevent it from happening again or maybe even find out exactly what happened in the first place....Free of course! ;)

Would I have got this worm via e-mail Tiga??

My anti virus thingo has picked up a few things this week and I think that w32 thing might be what it was. I have been receiving it via e-mail up to 10 times a day
 
Hi guys,

just in relation to all of this stuff, i have had no probs with virus' at this stage(touch wood). i have vet and am constantly updating which is highly recommended.

But i have had cable for about 6 mths and in my 3rd month after about 4 days all of my usage had gone. I rang them and inquired and didnt get much help at all. One of my friends who is into computers gave me a website www.zonealarm.com you can download a free version of there firewall and it will stop all atempts for anyone to come into your computer.

I havent had any problems with anyone hacking into my computer and using my download limit.

I strongly suggest people get, it is free after all.

Regards

Bulluss
 
DF,
It's not an email virus. You can get it just by browsing a site that's infected or even via chat as Shawry found out. the other W32 virus you might be getting via email might be Klez or one of the other space junk viruses floating around out there catching unsuspecting people who haven't updated their virus definitions in the past 6 months. Basically you're nortons is doing it's job and if you have liveupdate running you're pretty safe. But as Bulluss suggested, I would look at getting some sort of firewall protection or updating to XP.

Rosy,
I think it would be a good idea to check that netfirms are free of this virus for peace of mind. If they have done their homework, then everything will be okay. As far as I can tell, most of Gus' problems seem to have come from his ISP who wasn't up to date and I haven't copped anything from PRE as yet.

And yes, you would have been notified about it and it only affected 2000 and XP, not 98 or ME. But the beautiful thing about XP is that it has a firewall built in to it to stop little nasties like Blaster that like to use TCP ports to break into your computer and start their own Rave Party.
 
Thanks for the offer Tiga. I too use XP but wasn't aware that it had a firewall (I'm a bit dumb when it comes to computers).

My problem began several days after I first started using Broadband. For example, on the Friday we downloaded 19.47mb and uploaded 13.12mb, Saturday we downloaded 25.85mb and uploaded 6.88mb and on the day in question it said we downloaded 680.71mb and uploaded 507.84mb. Even though we have Kazaa (which I have since disenabled from sharing - I hope) it seemed ridiculous that for 10 hours straight all 10 of the songs I had to share would be uploaded every one of those hours. Also the amounts of downloads was unbelievable, especially as there were times in that 10 hours when no-one was on the computer at all. Telstra said it looked like we were hacked into and recommended disconnecting the modem every time we aren't using Broadband and getting a firewall. Should I get the one Bulluss mentioned?
 
Julz, the firewall in XP is good enough to protect you from intrusion from your average hacker. if you wanted better protection I would suggest purchasing a hardware firewall.

The uploads would have been without doubt attributed to your peer to peer programs like Kazaa. They also put a lot of spyware and adware on your system so I would recommend you remove them completely. There is an alternative that I use called WinMX which has none of the crap that the others have.

What is interesting is the ammount of downloads you were hit with. Do you have ADSL?? If so, I would change your username and password immediately if you haven't already done so. If you have no eveidence on your computer of these huge downloads then I would say someone else has been using your account from somewhere else. The other possible cause could be that you have a trojan and its is downloading a heap of useless little crap files and maxing your account out. But If you are certain that you were not using your computer and it wasn't on when these downloads occured, then I woud definately say someone has your account details.

Hope that helps.
 
Thanks tiga. I did change my password immediately. When Telstra asked me if I had a firewall, I had no idea (duh ::). I've noticed that since this has happened, changing passwords, disenabling Kazaa and disconnecting the modem when not in Broadband that my downloads and uploads have been at a far more acceptable rate.
 
No probs Julz. I have found it easier helping you guys out than trying do do a parody to "Bring me to life" as you requested. I think it's beaten me as it has a very tricky tempo and no rhyming pattern. do you have any other requests for a parody??
 
I was pretty worried that anyone thought there was a possibility of this site putting their computers at risk so I contacted Netfirms and this is their reply.

Thank you for your e-mail.

We are free of the new virus attacking windows as we only run on unix servers.
Your site would not be affected by the new worm, only your computer potentially.

 
That's great news Rosy,

Just a note, A great place for all of you to check on the latest virus is here...
http://securityresponse.symantec.com/
 
Truly a talented little Tiga.

Thanks for the advice it is much appreciate by us Computer Gurus.

I am running windows XP, but Vietnam is a particularly bad environment for nastly that float around in cyberspace hence the added protection.