Hosting Provided By

Re: What the heck is this msblast.exe

From: asebba <asebba(at)secrel.com.br>
Date: Tue Aug 12 2003 - 16:13:53 EDT

Hi, I'm new in this list and I'm from Brazil, so, please forgive my bad english.

Btw, the prompt shutdown really only exists in Resource Kit, but theres a freeware application that can help you:

http://www.sysinternals.com/ntw2k/freeware/psshutdown.shtml

usage:
-a Aborts a shutdown (only possible while a countdown is in progress)

There are some cool prompt tools in this site.

Good Luck

Original Message ----- From: <grosland@ece.cmu.edu> To: <dolan@cc.admin.unt.edu>; "James Montgomery" <jmont007@earmyu.com> Cc: <focus-ms@securityfocus.com> Sent: Tuesday, August 12, 2003 3:38 PM Subject: Re: What the heck is this msblast.exe

> If I'm not mistaken, Win2k doesn't have shutdown.exe by default...I think
has
> crashed. Every time I've tried installing the patch when RPC has crashed
prompt
> > that will abort the shut down process. I haven't tried it myself but
> > it's reported to do the trick.
> >
> >
> > On Tuesday 12 August 2003 12:10 pm, James Montgomery wrote:
> >> I have noticed that there has been a problem with end users and their
> >> ability to "snuff" the worm. Many of my remote users cannot stay
> >> connected to the internet long enough to download the patch or the
> >> msblast.exe fix. Approximate up time is 2 minutes once connected to the
> >> internet. Users receive "System is shutting down because of remote
> >> procedure service termination unexpected"
> >>
> >> Has anyone else had this problem? And if so is their an alternative to
> >> physically making a disk to distribute to end users?
> >>
> >> I suspect this will be a problem for many, as most of us are just
> >> worried about our key systems and servers.
> >>
> >> Thank you,
> >> James
> >>
> >
> >> ----------------------------------------------------------------------
> >
> > --
> > Patrick Dolan
> > UNT Information Security
> >
> > PGP ID: E5571154
> > Primary key fingerprint: 5681 25E4 6BE6 298E 9CF0 6F8D B13B 2456 E557
> > 1154
-
> Your network firewall and IDS products do not prevent Web application
-
>
>

Your network firewall and IDS products do not prevent Web application attacks - the most common form of online exploitation- resulting in Web defacement, data theft, sabotage and fraud. KaVaDo is the only company that provides a complete suite of Web application security products.
Download a FREE whitepaper on "Security Policy Automation for Web Applications":http://www.securityfocus.com/Kavado-focus-ms

Received on Tue Aug 12 16:18:33 2003

Do you need help?

This message: [ Message body ]
Next message: Geoff Shively: "3 Comprehensive links in combat with MSBlaster Worm"
Previous message: Jon Metzger: "Re: msblast and IIS"
In reply to grosland(at)ece.cmu.edu: "Re: What the heck is this msblast.exe"
Next in thread: RMcKay: "Re: What the heck is this msblast.exe"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:35 EDT