UMEC Forum Index UMEC
United Mining Exploration Commission: A group of friends playing JumpGate-- "a MMORPG that launched smoothly, breaks from fantasy character setting, emphasizes PvP, and is the first persistent world space simulator that nobody talks about." ~Scorch
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

maddogjt being paranoid, or is this for real?

Post new topic   Reply to topic    UMEC Forum Index -> Website/Forum Discussion
View previous topic :: View next topic  
Author Message

PostPosted: Sun Feb 02, 2003 10:32 pm    Post subject: maddogjt being paranoid, or is this for real? Reply with quote

ND general forum thread
should we be worried about this or is he just being a git? Seems to me i remember tonnes of "OMG VIRUS ALERT!" spam on ICQ.. gah. i hated those idjits. (so is Madji's concerns real for us?)
    maybe i'll get into the computer biz stuff fer real someday, the unknown scares's like hearing a wasp in your room but you can't see it
I do hope that fucker didn't just make this up to cash in on me "owning" PlanetND. that would be something trollish i've come to expect from non-humorous wankers that play JG

ah, nm. looks like Anguish hit the nail on the head...
Anguish wrote:

The originating advice is accurate; secure your servers. Do it. If you're running Microsoft IIS, apply all the patches. A good helper for this is the Microsoft Baseline Security Analysis tool. Get it here. Basically, it checks what you've got, OS, IIS, Exchange, SQL-wise, and lets you know what patches you DON'T have. I offer that it invariably indicates false missing patches, but I've yet to see it do that with IIS. Just core OS patches so far.

If you're running some non-MS web server, again, patch it up.

That being said, the fact that PND is getting probed means NOTHING useful. There are tonnes of script-kiddies out there running tools that probe sequential IPs for vulnerable webservers. I run a pair of almost unknown sites, and it's a rare day I don't get probed, usually by multiple different bastards. There is no real correlation between PNDs site contents and the likely offenders. The log shown resembles more a probe than a virus. Some parts may be Nimda or Codered, but the rest appear to be probing for a server that has already been compromised by the those, in order to let the prober hack the server.

So, go fix your machines. If you've got any sort of web server (personal IIS for instance is included with WinXP) and aren't behind a router (ie. if you're raw exposed on cable, or DSL), disable it.

Back to top

PostPosted: Tue Feb 04, 2003 8:02 am    Post subject: Reply with quote

JumpDemon wrote:
I see that alot at -=MACK=- Station. Weve never been hacked. With a LAMP setup I don't worry too much about the virus' looking for windows servers. But it is always good advice to keep up to date with security patches. Just last week we saw 23,000 MS SQL servers brought to a crawl because they had not updated with the Patch from Microsoft that had been released 6 months prior to prevent that very type of attack.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    UMEC Forum Index -> Website/Forum Discussion All times are GMT
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Space Pilot 3K template by Jakob Persson.
Powered by phpBB © 2001 phpBB Group