Another question about W32.blaster.worm

  • Thread starter Thread starter Babe Ruthless
  • Start date Start date
B

Babe Ruthless

Forgive me if this question has been answered already BUT... how,
exactly does this worm infect a system? Does one have to visit an
infected site? Can it be sent via email? Or is just being unpatched
and online enough to render a system vulnerable to attack?

My home pc is behind a firewall AND is protected by Black Ice, and
plus I'm patched and covered by updated Virus software but I'm still
curious about how its "transmitted". Oh yeah, and I have 80+ pc's
that are behind a firewall but I still wonder if they are vulnerable
because wouldn't that suck immensely.

Do you have to be logged in with admin rights to be infected or can a
user/power user be attacked...

thanking you humbly in advance :-)
 
See this:

Essentially, a system gets infected. It then scans a random block of IPs to
see if the relevant port is open. If so, it copies itself over there, calls
for the rest of the files, and the process starts over again. It's a very
user-friendly worm - no intervention is needed by anyone for it to
spread....

Just being unpatched and online (without a firewall) is enough.

Those 80+ systems should have the relevant update applied. Being behind a
firewall is a good thing, though...

--
If you have to ask if your copy of XP is 32 or 64 bit, it's 32.
Getting Messenger popups? Turn on your firewall!
Patch from Microsoft:
http://tinyurl.com/h84v
More info from MS:
www.microsoft.com/security/incident/blast.asp

(Stolen with pride from Gary Thorn... thanks!)
 
Thank you for all your prompt and helpful replies! I still think we
are REASONABLY safe behind our firewall but I am have downloaded the
patch to our network and am in the process of patching all of our
Win2K pc's. The xp boxes done gone yesterday before the Microsoft
Update Site became flooded with requests. :-)
 
Back
Top