Keep yourself safe! (up to date)

[spoimala]

Today I had the most irritating moments with my PC in the time I've been part of the Internet.
I was using my computer like any other day and accidentally I got a popup that said something like (don't remember the exact words)
"You computer is about to shutdown. Save all your work and exit all programs.
RPC terminated due to ...something.
This shutdown was ...asked by... SYSTEM/NT AUthority...."
or something like that.
In addition ,there was a counter counting from 0:59 to 0:00 and then my machine rebooted! And this happened thrice in half an hour!
Scary, that these kind of things are possible
Scary, that somebody cares to do these things

Anyway, immediately I went to windows update, and installed all hotfixes (it took a few tries, as my PC rebooted again...) and then it stopped. I don't know if these prevented this kind of attacks or did he stop trying but... at least I feel more secure now.
Also, I digged zone alarm from ashes again and installed it...tried to avoid it, but it is here now. I just hope my PC is now as stable as bedrock

[astroman]

the only thing that scares me is that people call that crap 'industry standard'
the problem isn't the hacker, but the maker of the OS - tooo sad they can't be sued for their inability or for the attempt to control you without notice
well, it was one of the big advantages of the classic MacOS (until v9) that there weren't any such backdoors, no chance for these tricks.
Before you start 'oh no, not again...' since Apple jumped on the unix train we're on par again

couldn't resist, Tom

ps: keeping my fingers crossed for you, Spoimala, that the fortress holds

[darkrezin]

You seem to have had the MSblast.exe worm, which has apparently been doing the rounds since Monday. Here's a random news link I pulled off google :

http://www.crn.com/sections/BreakingNew ... leID=43865

Incidentally, a firewall won't harm performance on any well set up system. However, you should probably know that Zone Alarm isn't the best firewall around.. take a look at Tiny Personal Firewall or Kerio, which are infinitely better.

peace


<font size=-1>[ This Message was edited by: dArKr3zIn on 2003-08-11 19:22 ]</font>

[darkrezin]

As for why people do these things, the graphic in the following link may shed some light :

http://www.europe.f-secure.com/v-descs/msblast.shtml

I'm not defending actions like this, but if it were not for this kind of thing, MS would not even bother to patch their lousy flaw-ridden OS. While you may say "well, if no-one wrote viruses/trojans then what is the problem?"... well.. those security holes would still be there, ready for anyone with any purpose to invade your computer.

So I think the overall advice is :

1. run a *good* firewall

2. make sure you know about security updates and act on them accordingly (the fix for this one has been around for weeks if not months)

peace

[spoimala]

What's wrong with Zone Alarm? At least it stopped this exact msblast.exe from connecting to itnernet.

[darkrezin]

I can't remember the exact stuff (I'm not a network pro) but a network geek I respect a lot simply laughs at Zone Alarm. I'm inclined to believe him personally.

Anyway, since Kerio is free, you owe it to yourself to try it out.

peace

[krizrox]

I can't remember now if it was Zone Alarm or Black Ice Defender, but last year, as I was trying desperately to cure a strange fizzing noise I was experiencing with Pulsar/tripleDAT I noted that removing the firewall program greatly reduced the problem.

I was convinced then, and am still convinced, that you should not run such stuff on an audio PC. At very least, partition your drives with Partition Magic and use their BootMagic application which will allow you to run a full OS install for your internet needs and a separate leaner OS for audio. You'll thank me

[at0m]

Spoimala, ZA failed cos the worm was installed on your machine. ZA -if properly configured- should have blocked that port. I block, amongst others, port 135, so the worm could never get to my machine in the first place.
You might want to read on http://www.microsoft.com/technet/treevi ... 03-026.asp concerning this vulnerability issue.

Recently I've set up a home network and I've been reading a lot on XP vulnerability and online security. Have to learn a lot, and afaik my machine is quite secure.

Many collegues don't have a firewall or anti-virus scanner since it annoys them, or they just don't care. They say they'll reinstall when the pc stops working. Go figure. :z

Then again, afaik, if someone wants to get in your machine, they will. A firewall's like a lock on your front door. Burglars don't care for your locks. Amateurs will try to find open doors, pro's just slam your door or smash a window.

[Nestor]

Urggggg how bad! There we come to the conclusion as Garyb and Spirit told me a few times, to get a second machine, a chipy one to do all the internet stuff and then live your DAW alone... But you need a second system... which it´s not alwyas posible.

[spoimala]

at0mic, no, ZA did not fail, as it was not installed when the worm came in. If you read carefully, you'll see I installed it because of this attack

Kerio is free? Really, maybe I'll have to take another glance. But at http://www.kerio.com/kwf_price.html there's a price for it?

I once tried having two machines, one for internet and one for audio but it didn't work for me. I spare too much time in the net... and my music making is too collaborative with online friends, so it makes things too difficult.

[darkrezin]

http://www.kerio.com/kpf_home.html