Nasty new version of a Virus(worm)...
Posted: August 19, 2003, 8:58 pm
VeeshanVault
We Know Drama
https://www.veeshanvault.org/forums/
Nasty new version of a Virus(worm)...
Page 1 of 1
Posted: August 19, 2003, 9:12 pm
Is this a threat if fully updated with XP and IE security patches?
Posted: August 19, 2003, 10:01 pm
This is a nasty new email virus.
Nachi and MSBlaster were the worm and variant that requires patches. MSblaster was the original worm and Nachi was a variant that looks like someone wrote it to try and actually patch windows boxes that were infected. Problem was it does it by by searching for machines that are vulnerable with a flood of icmp packets, debilitating a network. Once it found vulnerable machines it attempted to apply the patch but that was usually screwed up. I've seen routers crashing from the severe flood of icmp traffic for 2 days now.
The newest threat is a variant of an old email virus that seems to be quite virulent and is flooding email systems.
Winnow, you been writing virii again?
Nachi and MSBlaster were the worm and variant that requires patches. MSblaster was the original worm and Nachi was a variant that looks like someone wrote it to try and actually patch windows boxes that were infected. Problem was it does it by by searching for machines that are vulnerable with a flood of icmp packets, debilitating a network. Once it found vulnerable machines it attempted to apply the patch but that was usually screwed up. I've seen routers crashing from the severe flood of icmp traffic for 2 days now.
The newest threat is a variant of an old email virus that seems to be quite virulent and is flooding email systems.
Winnow, you been writing virii again?
Posted: August 19, 2003, 10:13 pm
bah, this is just another wussy worm that you get only if you open an attachment like a .pif or .scr
Posted: August 19, 2003, 10:19 pm
Nonononononononono Zyggy, we didn't ask you to describe yourself. You need some self-esteem training man. Nobody really thinks you're a wussy worm.
Posted: August 19, 2003, 10:21 pm
Damn, I was pwned 
Posted: August 20, 2003, 3:33 am
Watch out for this and Lovgate. Lovgate completely debilitated an entire city network today which took me 8 hours to isolate and fix tonight.
Lovgate apparently gets fed via Kazaa. I checked the virus out on symantec's website, and refused to believe it could be fed over kazaa, but sure enough, the 2 culprit computers on the network were both running kazaa. I am sure they will be fired tomorrow.
This fucker after executed plants more bombs in EVERY network share on any server in the organization. Then it starts mad emailing itself. First it starts off emailing itself using your exchange server, and when it fails it has a failsafe smtp daemon built in and just bypasses that.In 8 hours, the exchange server processed 7.3 million email messages, of which over half had bad addresses or bad headers and the badmail folder exploded to a whopping 4+ million entries (equating to 2 million bad mails). Once the exchange server crashed under the load, the virus went direct to the internet through the core routers, sucking the resources out of each one. After the exchange server failed, then the network basically crumbled under the load. And this isnt some wussy network, I am talking a network run with 2 cisco 3600 series core routers, with a cabletron 6000 layer 3 switch on the lan.
I won't know until tomorrow morning if the exchange message stores were corrupted since I assume its going to take all night just to run the del *.* job thats running in the badmail directory. But that 7001 ID that came up usually means break out the eseutil and hope for the best.
Please, people, be careful of what you open. All the virus protection in the world does no fucking good if you open the attachment anyway.
Im off to bed now. /rant off.
Lovgate apparently gets fed via Kazaa. I checked the virus out on symantec's website, and refused to believe it could be fed over kazaa, but sure enough, the 2 culprit computers on the network were both running kazaa. I am sure they will be fired tomorrow.
This fucker after executed plants more bombs in EVERY network share on any server in the organization. Then it starts mad emailing itself. First it starts off emailing itself using your exchange server, and when it fails it has a failsafe smtp daemon built in and just bypasses that.In 8 hours, the exchange server processed 7.3 million email messages, of which over half had bad addresses or bad headers and the badmail folder exploded to a whopping 4+ million entries (equating to 2 million bad mails). Once the exchange server crashed under the load, the virus went direct to the internet through the core routers, sucking the resources out of each one. After the exchange server failed, then the network basically crumbled under the load. And this isnt some wussy network, I am talking a network run with 2 cisco 3600 series core routers, with a cabletron 6000 layer 3 switch on the lan.
I won't know until tomorrow morning if the exchange message stores were corrupted since I assume its going to take all night just to run the del *.* job thats running in the badmail directory. But that 7001 ID that came up usually means break out the eseutil and hope for the best.
Please, people, be careful of what you open. All the virus protection in the world does no fucking good if you open the attachment anyway.
Im off to bed now. /rant off.
Posted: August 20, 2003, 4:07 am
Sounds like ...fun?
Thats a pretty major network to crumple. And in so short a time. Stupid bitches that D/L stuff at work need to be fired anyways.
Thats a pretty major network to crumple. And in so short a time. Stupid bitches that D/L stuff at work need to be fired anyways.