Forums | MacLife

oolatec · 2003-01-25 2:34 am

Check your firewall logs everybody... seems there is a new exploit... UDP port 1434... mySQL instead of IIS this time... ouch...

http://www.dslreports.com/forum/remark, … at#5772389

Cynic · 2003-01-25 2:42 am

How do you "check firewall logs" for the built-in OSX firewall, and what should I look for?

cyberwolf · 2003-01-25 4:28 am

Crazy stuff, UUNet seems to be dead. eek

MTM84 · 2003-01-25 4:32 am

Crazy stuff, UUNet seems to be dead.

http://www.internetpulse.net/1/

Freezer mac · 2003-01-25 4:37 am

ouch looks like the dallas connection is dead

http://www.internetpulse.net/1/UUNet_to_UUNet/

MTM84 · 2003-01-25 4:39 am

ouch

http://www.internetpulse.net/1/UUNet_to_UUNet/

freezer, about 10 minutes ago dallas to sanfran was 1000+! Seems most ly the Dallas node that is getting hit the hardest.

Freezer mac · 2003-01-25 4:41 am

yeah.... jeez.. that hit fast, didnt it?

NoExit · 2003-01-25 4:51 am

god damn, i hate this hacking crap!! mad mad mad

Freezer mac · 2003-01-25 4:57 am

god damn, i hate this hacking crap!!

its cracking, not hacking, nox tongue

NoExit · 2003-01-25 5:12 am

yea but hacking sounds better, just like the moive big_smile

ukimalefu · 2003-01-25 7:35 am

are you talking about this?
Internet traffic broadly affected by electronic attack

Chris FOM: Edited to add URL tags

Gary Patterson · 2003-01-25 8:04 am

Interesting...

http://news.bbc.co.uk/1/hi/technology/2693925.stm

http://slashdot.org/articles/03/01/25/1 … ml?tid=109

Some quotes from SlashDot...
"This has effectively disabled 5 of the 13 root nameservers."

"This could have been a lot lot harder to filter out. I expect we'll see ThisWorm v2 soon."

"Microsoft released a patch for this 24th July, 2002."

http://www.boredom.org/~cstone/worm-annotated.txt

"SQL is easy to secure, and the guidelines are well known "

"...this (once again) brings to the fore the problem of admins who don't look after their systems/networks..."

http://www.digitaloffense.net/worms/mssql_udp_worm/

... (and so it goes) ...

Well, it seems we've got another case of useless sysadmins who aren't able to maintain patches to products. They're being caught out fully six months after the patch was released from MS. I'm not a big fan of MS, but they seem to be more or less in the clear on this one (why the hole existed in the first place is an issue for another topic).

Still... it seems to have been harmless enough, so it's a good, timely reminder that patches are put out for a reason. Maybe we'll see the slack sysadmins pick up their game now.

jasontk · 2003-01-25 1:59 pm

should i be worried that the log on my router shows this:
"Unrecognized access from 195.148.254.135:3144 to UDP port 1434"?

ShnickyShnack · 2003-01-25 2:01 pm

PARANOIA!

I tried logging onto MacAddict, couldn't. Tried MacOSRumors, no dice. Macrumors, nothing. What's all this? Was there some super-juicy rumor? Did Steve Jobs have them all shut down? What's going on? What? What? What?

Aha ... check Yahoo! news. Worldwide Internet slowdown. Messiness. Unpleasantness.

Calm ... relax ... deep breaths ... okay, connecting to MacAddict now ... ahh ... the world is once again as it should be ...

IcePenguin · 2003-01-25 2:11 pm

I couldn't logon to the MAF for like 6 hours. It sucked.

ShnickyShnack · 2003-01-25 2:14 pm

It's tough, eh? I had to be sedated.

El Lombardo · 2003-01-25 2:26 pm

Yes i was being sedated too !!!
Otherwise it is just unbearable wink

Mazer Rackham · 2003-01-25 8:16 pm

I couldn't logon to the MAF for like 6 hours. It sucked.

Same here. I had to entertain myself with the second build of A+ for a couple hours smile

Mazer Rackham · 2003-01-25 8:17 pm

How do you "check firewall logs" for the built-in OSX firewall, and what should I look for?

Same question. No one's answered it...

Twisted Guy · 2003-01-25 8:27 pm

I had to be sedated.

[ramones]
20...20...20...24 hours to gooooo, I wanna be sedated.
Nothing to do, nowhere to gooo-ooo-ooo, I wanna be sedated.
[/ramones]

~Coxy · 2003-01-26 8:31 am

I couldn't even get to MAF all yesterday. sad

Forums | MacLife

#1 2003-01-25 2:34 am

Damn, here we go again... Nimda/Code Red pt.2

#2 2003-01-25 2:42 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#3 2003-01-25 4:28 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#4 2003-01-25 4:32 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#5 2003-01-25 4:37 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#6 2003-01-25 4:39 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#7 2003-01-25 4:41 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#8 2003-01-25 4:51 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#9 2003-01-25 4:57 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#10 2003-01-25 5:12 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#11 2003-01-25 7:35 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#12 2003-01-25 8:04 am

Re: Damn, here we go again... Nimda/Code Red pt.2

#13 2003-01-25 1:59 pm

Re: Damn, here we go again... Nimda/Code Red pt.2

#14 2003-01-25 2:01 pm

Re: Damn, here we go again... Nimda/Code Red pt.2

#15 2003-01-25 2:11 pm

Re: Damn, here we go again... Nimda/Code Red pt.2

#16 2003-01-25 2:14 pm

Re: Damn, here we go again... Nimda/Code Red pt.2

#17 2003-01-25 2:26 pm

Re: Damn, here we go again... Nimda/Code Red pt.2

#18 2003-01-25 8:16 pm

Re: Damn, here we go again... Nimda/Code Red pt.2

#19 2003-01-25 8:17 pm

Re: Damn, here we go again... Nimda/Code Red pt.2

#20 2003-01-25 8:27 pm

Re: Damn, here we go again... Nimda/Code Red pt.2

#21 2003-01-26 8:31 am

Re: Damn, here we go again... Nimda/Code Red pt.2

Board footer