Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > focus-ms > 03 > 081040.html (Request Expert securityfocus.com Support)

RE: DCOM worm is out

From: Drew Weaver <drew.weaver(at)thenap.com>
Date: Tue Aug 12 2003 - 10:19:41 EDT


That's not the worm, that's a script-kiddie using the Kiht2.exe autohacker.

It takes like 10 seconds to use this program.

Literally kiht2.exe ip address, then it installs hackerdefender and gives you a command prompt.. its scary.

-Drew

-----Original Message-----
From: Dominick S. [mailto:dsardina@si.rr.com] Sent: Monday, August 11, 2003 8:48 PM
To: Marc Fossi; Focus-MS
Subject: Re: DCOM worm is out

Thankfully I am patched way before today. But some people arent so lucky.

I have a friend who just let me know..he is infected and he wrote this.

>From what I've seen it launches processes with various names:
 firedamon, dll32, msblast, runserv48, runserv16, runserv, runserv2, etc.

Do you need help?X

Just a FYI.

Stay Safe!

DS-
http://www.infosecnyc.com

  • Original Message ----- From: "Marc Fossi" <mfossi@securityfocus.com> To: "Focus-MS" <focus-ms@securityfocus.com> Sent: Monday, August 11, 2003 4:32 PM Subject: DCOM worm is out

> FYI
>
> http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html
-
> Your network firewall and IDS products do not prevent Web application
> attacks - the most common form of online exploitation- resulting in Web
> defacement, data theft, sabotage and fraud.
> KaVaDo is the only company that provides a complete suite of Web
> application security products.
> Download a FREE whitepaper on "Security Policy Automation for Web
> Applications":http://www.securityfocus.com/Kavado-focus-ms
> --------------------------------------------------------------------------
-
>


Your network firewall and IDS products do not prevent Web application attacks - the most common form of online exploitation- resulting in Web defacement, data theft, sabotage and fraud. KaVaDo is the only company that provides a complete suite of Web application security products.
Download a FREE whitepaper on "Security Policy Automation for Web Applications":http://www.securityfocus.com/Kavado-focus-ms

Your network firewall and IDS products do not prevent Web application attacks - the most common form of online exploitation- resulting in Web defacement, data theft, sabotage and fraud. KaVaDo is the only company that provides a complete suite of Web application security products.
Download a FREE whitepaper on "Security Policy Automation for Web Applications":http://www.securityfocus.com/Kavado-focus-ms
Received on Tue Aug 12 11:52:37 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:35 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library