[Dshield] DCOM morning after
ben at robson.ph
Tue Aug 12 16:01:39 GMT 2003
The thing that does it for me is that I can -almost- accept the home
user community falling prey to this, but I am absolutely pole-axed at
the concept that companies, money making organisations who's number one
asset is information, are connecting unpatched systems to the Internet
with out even turning on Microsoft's own IPSec tools, or installing some
cheap -free-, do nothing/know nothing packet filter.
I have been having conversations on this worm in nunmerous forums and
without fail at least half the posts are stating that the author's
organisation fell victim and is in the process of cleaning up. I even
read one posting from someone stating that their employer, "a major
international bank" was infected. I mean you got to be shitting me
right!!!!!!! (pardon the language please).
>No, you're not the only one who's utterly floored by the idea that ANY
>of this stuff would be accessible from outside any business, large or
>small. Even the little SOHO nat-boxes I'd expect to prevent this sort
>of thing by default apparently aren't doing the job.
>Same with 139, 445, 1443 or whatever it was, etc. It's just astounding
>how lame the so-called "internet community" has become. Until they
>turn Redmond into a glass parking lot and start over, nobody is safe.
More information about the list