MSBlaster redux

[ibe98765]

I was corresponding with a magazine columnist about this virus and the fact that he got hit by it through a VPN company connection to his network. He now has both a hardware and has added a software firewall on each machine.

I made the mistake of thinking that because I had a well buttoned down hardware firewall, I was OK (actually, I was out of town during the whole Blaster business). But I forgot that VPNs tunnel right through the firewall. In my rush to get ready for vacation, which began with my son’s wedding, I hadn’t installed the Microsoft DCOM patch and, yes, port 135 was wide open inside the firewall. Live and learn.

[Guest LilBambi]

Yes that is recommended by most security experts.*Moved to Security and Networking

[Marsden11]

A trusted machine is the only access through a VPN connection, regardless of the hardware firewall. So he infected himself while away?

[ibe98765]

A trusted machine is the only access through a VPN connection, regardless of the hardware firewall. So he infected himself while away?

Well, his company did. Guess they didn't have the patch on either. To avoid further embarassment, I won't reveal the name of this national business magazine

[Marsden11]

Had he applied the patch when it was first released in July... it would have been a non-event.I suspect at some point MS will just make WU full auto and not trust users to properly take care of their machines.

[ibe98765]

Good story in CNET...----------------------------------DAVID BERLINDA day in the life of a Microsoft security patchIn 17 days, Microsoft turned the discovery of MSBlaster into a patch for that vulnerability. Most corporations wouldn't dream of putting their own 17 day-old (or less) code into production. I decided to find out how Redmond does it. Join me behind the scenes with Microsoft's Security Response Center. http://ct.com.com/click?q=4c-jxi2IZpKiktPk...RcTHv0y5ob30edR

[ibe98765]

Teenage Computer Worm Suspect Indicted in Seattle Sep 17, 8:18 PM (ET) SEATTLE (Reuters) - Jeffrey Lee Parson, the teenager suspected of creating a variant of the destructive Blaster worm, appeared in a Seattle court on Wednesday to face one count of causing damage to a computer.Parson, 18, a burly high school senior from Hopkins, Minnesota, pleaded not guilty to the charge of intentionally causing or attempting to cause damage to a computer. He faces a maximum of 10 years in prison and a $250,000 fine if convicted.According to a complaint filed in the Western District of Washington, Parson had told law enforcement officials that he created a variant of the worm, which exploited a flaw in Microsoft Corp.'s Windows software.Blaster and its variants are self-replicating Internet worms that bore through a Windows security hole, harnessing computers to launch concerted data attacks via the Internet.Parson, flanked by two federal public defenders, appeared in a gray T-shirt, jeans and sneakers. Standing over 6 feet (183 cm) tall and weighing over 300 pounds (136 kg), he sported a bleach-blond Mohawk haircut and occasionally wiped sweat from his forehead.Judge Mary Alice Theiler set the next court date for Nov. 17.Judge Theiler ordered that Parson continue to be held under house arrest, although his attorneys secured an amendment that would allow him to leave home to work in addition to being able to leave to attend school.Parson was banned from using the Internet, surfing the World Wide Web or using messaging services during his trial.