CompTIA
Exam Vouchers
Save money on CompTIA exams
| Question of the day
Sign up to receive
interactive practice questions
for MCSE, CompTIA
Cisco and other exams
| TestKing
Get MCSE, MCSD, CCNA, CCNP,A+, N+ and many more | * ExamSheets *
Guide for Success!
Actual Questions & Answers
MCSE, MCSD, A+ ,CCNA, CCNP
Oracle 8i, Oracle 9i Online practice tests
Certification sites Online university Online college Online education Distance learning Software forum Server administration forum Programming resources
|
|  |
nero64
Senior Member
Registered: Sep 2002
Location:
Country: Australia
State:
Certifications: CCNA, MCSE, CNA, MCSA, Linux+, N+, A+
Working on: Self Improvement
Total Posts: 377
|
|
 Virus alert
There is some nasty viruses circulating at the moment and thanks to my ISP i have one.
Turns out my ISP’s RAS server has a virus so each time I log on I get it and weird stuff starts to happen. When I reboot memory is erased so everything is fine- well it seems fine. I remember a time when the only way a virus was spread was via a floppy and you could surf the internet without worry. Now a days it’s so easy to get a virus.
Serves myself right for going with a cheap ISP who knows jack about security.
Anybody know off a good virus program for W2K server.
Report this post to a moderator
|
|
 08-13-03 04:34 AM
|
|
nero64
Senior Member
Registered: Sep 2002
Location:
Country: Australia
State:
Certifications: CCNA, MCSE, CNA, MCSA, Linux+, N+, A+
Working on: Self Improvement
Total Posts: 377
|
|
|
I'm talking about the W32.Blaster worm. Check your system32 folder and look for msblast.exe file. There is a patch for it at the MS site. If you already have it MS say reformat and rebuild your PC...hah you can't be serious!
Report this post to a moderator
|
|
|
08-13-03 05:00 AM
|
|
karlisi
Senior Member
M
Registered: May 2003
Location:
Country: Latvia
State:
Certifications: ECDL, MCSA (Windows 2000)
Working on: MCSA (Windows 2003); MCDST
Total Posts: 110
|
|
|
There are many of them in Latvia since Monday evening. I have not seen infected PC yet but in forums there are a lot of people who have this virus. Its no problem for big companies with properly closed NetBIOS ports on firewalls but small companies and home users are in trouble.
Report this post to a moderator
|
|
|
08-13-03 07:07 AM
|
|
nero64
Senior Member
Registered: Sep 2002
Location:
Country: Australia
State:
Certifications: CCNA, MCSE, CNA, MCSA, Linux+, N+, A+
Working on: Self Improvement
Total Posts: 377
|
|
|
I just got rid of it then. It was in system memory and even installing the MS patch and turning off the PC did nothing. I just deleted the msblast.vxe file from system32 and i think i got rid of it. My virus scanner can't detect it anymore. I also had some sort of virtual trojan virus as well.
Ms gives a whole listing of ports to close. I might try these for practise.
Report this post to a moderator
|
|
|
08-13-03 09:13 AM
|
|
karlisi
Senior Member
M
Registered: May 2003
Location:
Country: Latvia
State:
Certifications: ECDL, MCSA (Windows 2000)
Working on: MCSA (Windows 2003); MCDST
Total Posts: 110
|
|
|
There are free tools from Symantec and McAfee for detecting and removal of this worm. I used McAfee's tool called 'Stinger' before for other worms and it worked nice. Just search Google for 'stinger.exe'. And of course - patching, patching...
Report this post to a moderator
|
|
|
08-13-03 12:15 PM
|
|
jeff_j_black
that's what "THEY" said..
Registered: Jan 2002
Location:
Country: United States
State:
Certifications:
Working on:
Total Posts: 2723
|
|
|
|
08-13-03 11:08 PM
|
|
Tarzanboy
Senior Member
Registered: Mar 2002
Location:
Country: United States
State:
Certifications: A+, N+, Sec+, MCP, MCSA2k, MCSE2k
Working on: 70-214, 70-292
Total Posts: 1013
|
|
|
As a secondary precaution, in addition to patching your systems, if you are not using DCOM, disable it. By default Win2k/XP/2k3 all have it on and 99% of the public does not need it.
As always, verify whether you have a need for DCOM and test in a lab environment prior to implementing it into a production environment.
In Windows 2000:
1. Click Start, Run, and type: dcomcnfg
2. Press ok or the enter key
3. Click Default Properties and uncheck Enable Distributed COM on this computer.
4. Click OK.
In Windows XP/Windows Server 2003:
1. Click Start, Run, and type: dcomcnfg
2. Press ok or the enter key
3. Double Click Component Services, double click Computers, right click your computer and select Properties.
4. Click Default Properties and uncheck Enable Distributed COM on this computer.
5. Click OK.
Cheers,
TB
Report this post to a moderator
|
|
|
08-16-03 09:49 PM
|
|
|
Click here for list of 70-216
study guides
MCSE exam notes
70-216 exam details
Forum Rules:
Who Can Read The Forum? Any registered user or guest.
Who Can Post New Topics? Any registered user.
Who Can Post Replies? Any registered user.
Changes: Messages can be edited by their author.
Posts: HTML code is OFF. Smilies are ON. vB code is ON. [IMG] code is ON. |
|
ExamNotes forum archive
|
