Canadian Mac Forums at ehMac banner

1 - 17 of 17 Posts

·
Canadian By Choice
Joined
·
5,141 Posts
Discussion Starter · #1 ·
Our entire hospital research network has been down today thanks to the MSBlast worm. We've over 1000 desktops and I can't even print, let alone connect to the internet. I find it unbelievable that such havoc can be wreaked. We've firewalls, filters, a professional IT dept, etc. The only thing that works is my modem.....

This past week has been a real eye-opener. Big systems and homogeneous networks are vulnerable - stay small and independent.... PC's are littering the superhighway and slowing the rest of us down. Get off the road....
 

·
Mac Guru
Joined
·
14,627 Posts
*cough* Macs *cough* ;)
 

·
Canadian By Choice
Joined
·
5,141 Posts
Discussion Starter · #3 ·
All I use are Macs, but the darn PCs on the network are choking the pipes preventing *any* TCP traffic (we're banned from using AppleTalk). It's like living with a bunch of virus magnets.

Someone should ship the PCs to Michigan - they're done.
 

·
Registered
Joined
·
57 Posts
"A new variant of the Blaster worm, known as 'Nachi', has been discovered on August 18, 2003. Instead of crashing infected machines, the latest variant deletes other forms of Blaster found on a vulnerable machine and tries to install a security patch on the system. However, this 'good worm' remains problematic - it stays on an infected system until January 1, 2004, and continues to scan for other vulnerable machines, thereby affecting the computer's processing power and Internet connection speed. Security experts have long debated the merits of 'good worms', especially in cases where serious vulnerabilities could endanger national security. Nonetheless, most experts believe that even such worms access systems without authorization and are illegal."

From the Washington Post Aug 18

:D
 

·
Premium Member
Joined
·
1,115 Posts
My mothers friend, and my bro, and my father in law were all victims as well. What did they expect from Windows? That is another reason I switched to mac almost two years ago.
 

·
Registered
Joined
·
141 Posts
The spammers are all over the power outage & the worm too. I recieved a really great piece of spam at work yesterday....

It had a giant headline reading "The Real Reason The Lights Went out" and then quotes from various sources about the Blaster worm being 'the most widespread worm ever' etc etc. Beneath all that? A big 'ol add for Symantic Virus protection... :rolleyes:

Sadly, I'm sure some people will belive that the worm did cut off the power, and that there's some conspiracy covering it up...
 

·
Registered
Joined
·
503 Posts
I work for a company of just under 1000. None of us can access e-mail because the I.T. folks are trying to rid the system of this worm. Luckily I have internet access but it's very, very slow.

Once again it's my chance to quip "Too bad we don't use Macs." :D
 

·
Canadian By Choice
Joined
·
5,141 Posts
Discussion Starter · #9 ·
Turns out it wasn't MSBlast but was W32.Welchia.Worm Whaddya know, multiple viruses.....

This was a total bugger in that the whole network was brought down (I couldn't even telnet....) by it's infection of PC's (pieces of crap).

If you're a sysadmin and see this nasty pile of code, shut down all of your PCs!
 

·
Registered
Joined
·
220 Posts
It's fine and dandy to laugh at PC users because our Macs are rarely affected by virii, and to urge PC users to Switch, but won't that lead to a larger market share for Macs, and thus lead to Macs being targetted by virii?

Macs will be directly immune from virii as long as we stay the minority. There's no point in shutting down the PCs and keep the Macs on your network alive, since this will only lead to the evolution of Mac-attacking virii. Or am I wrong?
 

·
Canadian By Choice
Joined
·
5,141 Posts
Discussion Starter · #11 ·
Our network is still slow as molasses and this morning I received 40 odd emails with virus attachments (from all over). My email address had also been used to send viruses to others (as I have a Mac, I assume the address was culled from the server somehow, or maybe from someones address book).

Two days of no network services. If I was in IT, I'd dump the PCs now!

(edit in reply to phat bastard) I am not suggesting convert the whole world! I sincerely doubt that converting our 1000 odd PCs to Macs would have any dent on marketshare but it would effectively isolate us from the plagues of virii swimming around. Sorry if that sounds selfish but I'm sick and tired of the disruption and the seemingly incessant problems caused by these things. In practical terms, the ROI from switching to Macs to avoid the down time has got to be pretty good. We just don't want everyone to switch (like that is going to happen....)
 

·
Registered
Joined
·
220 Posts
It is frustrating that virii are always attacking Microsoft software, maybe it's MS we should be mad at, not PC's in general. But if MS or PCs "go away", whatever that might mean, that would just open up the door to another big company that hackers would attack.

I've thought about this a lot lately, given the insane amount of damage Ms.BLAST is causing, and I think we'll just have to learn to live with things like this...there will always be a hacker that can make a virus to exploit any operating system/application.

btw jwoodget: I'm a student at OCI, I'm in Gil Prive's lab (coincidence)..I'm away from OCI right now but I hear the network is brutally slow/infected/uncooperative over there, that's harsh!
 

·
Premium Member
Joined
·
7,069 Posts
One thing I'm wondering is that most viruses use Microsoft built-in features to propogate itself and do damage. On Mac OS X, how could one do such damage? In order to affect anything critical, you have to put in your administrative password at minimum. And have other version of UNIX suffered from Virii? I'm in the dark on that issue.
 

·
Registered
Joined
·
57 Posts
Why be mad at Microsoft? All we have to do is fix society so people dont try to harm others for fun - which might be a simpler task than completely debugging windows ;)
 

·
Registered
Joined
·
2,198 Posts
Chealion,

There have been a few Mac OS X security updates that have fixed privilege escalation holes, so it's entirely possible that a Mac OS X virus could take advantage of one of these holes and gain complete control of the computer without the user having to enter a password.
 

·
Registered
Joined
·
44 Posts
We got hit by the Nachi/Welchia worm yesterday at lunch. It completly flattened the network here with the 300 Win2K PC's we have. Everything was hit. Me and 2 of the other IT guys were here until 3AM last night fixing computers. Then we fixed the rest when we came back in at 8am. Just now we got the last ones done and everything is kind of normal now. I find it rediculous to have a worm that can install and propigate without any user intervention. If it was on and plugged into the network it got infected in a few minutes. Arg. Glad I use a Mac at home.
 

·
Canadian By Choice
Joined
·
5,141 Posts
Discussion Starter · #17 ·
Part of the problem we have is that people don't have admin access so they can't fix the problem - they have to wait for the IT guys. It can't be done centrally.

Apparently Microsofts solution (apart from buying an anti-virus company) is to force-run updates to security patches - taking away any user intervention for applying patches. Does anyone think that might just create a bigger mess?

Phat bastard - good job you are out of town. It's hopeless here at the moment. The viruses/worms have won for two days - both research and hospital networks. Our IT department is blaming it on laptops. Hello? The hospital network is supposedly completely secure. No users have admin access. Except there are three PCs in the microarray lab that are outside the firewall (so that we can collaborate with the outside world). As far as I know, these are the only machines that are on a useable network.

I'm sure the reaction will be even more restrictions.... Heck, let's dump the Macs so we can spend more time fixing the PCs. I think people running PCs with W2K or XP should be paying a lot more for support than people running Macs. Why should I subsidize those machines?
 
1 - 17 of 17 Posts
Top