blaster worm

blondie · 04.02.2006., 13:56

možete mi reći čemu služi win xp zakrpa blaster worm

domy_os · 04.02.2006., 14:06

Po seljački: krpa rupu u Windowsima kroz koju se može provuć crv Blaster i naredit isključivanje kompa čim se spojiš na net.

blondie · 04.02.2006., 17:24

a po stručno......

zippo · 04.02.2006., 18:31

I ovako po seljacki je dobro receno. Vise od toga nije vrijedno pisanja, ako nemas instaliranu zakrpu pozuri jer vrag nikad ne spava....

AC Thunder · 09.02.2006., 09:15

Ovo radi crv Blaster:

Distributed Denial of Service Attack

Once it secures an Internet connection, this worm checks for the current system date. On the following system dates, it launches a thread that performs a Distributed Denial Of Service attack against windowsupdate.com:

* On the 16th to the 31st day of the following months:

o January
o February
o March
o April
o May
o June
o July
o August

* Any day in the month of September to December.

When performing the DDoS attack, this worm constructs a specially crafted packet around 40 Bytes in size, and continuously sends it as a SYN packet request to http://www.windowsupdate.com every 20 milliseconds.

The packet does not contain any data except for its TCP/IP header. It is constructed such that this worm can spoof the sender’s IP address.

Also, if this worm fails to resolve the Web site, http://www.windowsupdate.com, it uses 255.255.255.255 as destination address instead for the DDoS attack.

As of this writing, Microsoft had already disabled the redirection of http://www.windowsupdate.com to the real Windows Update site, http://microsoft.windowsupdate.com. This prevents the Windows Update site from being attacked by the worm’s DDoS payload.

Exploiting the RPC DCOM Buffer Overflow

This worm exploits the RPC DCOM BUFFER OVERFLOW, a vulnerability in a Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface, to infect remote machines. The vulnerability allows an attacker to gain full access and execute any code on a target machine, leaving it compromised.
(TrendMicro)

Ukratko Blaster zajebava Microsoft update zatrpavajuci ih paketima velicine 40 Bytes sa zarazenog kompa dok je spojen na internet. Jednostavno, ak apliciras zakrpu Blaster to vise nece moci raditi, a komp se nece odspajati sa interneta.

P.S. Blastera dobijes sasvim slucajno dok si na internetu (a nemas instaliranu zakrpu) jer on stalno skenira IP adrese sistemom slucanosti i provjerava da li je port 135 nezasticen, kad nanjusi otvorena vrata upada i zabava pocinje.

04.02.2006., 13:56	#1
blondie Premium Moj komp Datum registracije: Dec 2005 Lokacija: split Postovi: 198	blaster worm možete mi reći čemu služi win xp zakrpa blaster worm __________________

04.02.2006., 14:06	#2
domy_os EMP moderator Datum registracije: Apr 2005 Lokacija: Osijek Postovi: 18,821	Po seljački: krpa rupu u Windowsima kroz koju se može provuć crv Blaster i naredit isključivanje kompa čim se spojiš na net. __________________ "Kako su krojači novog svjetskog poretka uspjeli u tako kratko vrijeme slomiti intelektualne sposobnosti društva, uništiti kritičku svijest i ljudima nametnuti izvrnutu logiku?"

04.02.2006., 17:24	#3
blondie Premium Moj komp Datum registracije: Dec 2005 Lokacija: split Postovi: 198	a po stručno...... __________________

04.02.2006., 18:31	#4
zippo herr Flick Moj komp Datum registracije: Oct 2005 Lokacija: Umag Postovi: 2,085	I ovako po seljacki je dobro receno. Vise od toga nije vrijedno pisanja, ako nemas instaliranu zakrpu pozuri jer vrag nikad ne spava.... __________________ .:S:T:A:L:K:E:R:.. :2 u ocekivanju nema vise zippacha ......

09.02.2006., 09:15	#5
AC Thunder Premium Moj komp Datum registracije: Dec 2005 Lokacija: InTheAir Postovi: 206	Ovo radi crv Blaster: Distributed Denial of Service Attack Once it secures an Internet connection, this worm checks for the current system date. On the following system dates, it launches a thread that performs a Distributed Denial Of Service attack against windowsupdate.com: * On the 16th to the 31st day of the following months: o January o February o March o April o May o June o July o August * Any day in the month of September to December. When performing the DDoS attack, this worm constructs a specially crafted packet around 40 Bytes in size, and continuously sends it as a SYN packet request to http://www.windowsupdate.com every 20 milliseconds. The packet does not contain any data except for its TCP/IP header. It is constructed such that this worm can spoof the sender’s IP address. Also, if this worm fails to resolve the Web site, http://www.windowsupdate.com, it uses 255.255.255.255 as destination address instead for the DDoS attack. As of this writing, Microsoft had already disabled the redirection of http://www.windowsupdate.com to the real Windows Update site, http://microsoft.windowsupdate.com. This prevents the Windows Update site from being attacked by the worm’s DDoS payload. Exploiting the RPC DCOM Buffer Overflow This worm exploits the RPC DCOM BUFFER OVERFLOW, a vulnerability in a Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface, to infect remote machines. The vulnerability allows an attacker to gain full access and execute any code on a target machine, leaving it compromised. (TrendMicro) Ukratko Blaster zajebava Microsoft update zatrpavajuci ih paketima velicine 40 Bytes sa zarazenog kompa dok je spojen na internet. Jednostavno, ak apliciras zakrpu Blaster to vise nece moci raditi, a komp se nece odspajati sa interneta. P.S. Blastera dobijes sasvim slucajno dok si na internetu (a nemas instaliranu zakrpu) jer on stalno skenira IP adrese sistemom slucanosti i provjerava da li je port 135 nezasticen, kad nanjusi otvorena vrata upada i zabava pocinje.

Oglasni prostor
PC Ekspert Forum Oglas

Oglasni prostor
PC Ekspert Forum Oglas