The zombie machines are all aimed at windowsupdate.com, which redirects to windowsupdate.microsoft.com. Microsoft will just change windowsupdate.com to the IP address 127.0.0.1, so the attack will go nowhere.
All I know is that most PC computers in my company (worldwide, not just US) were down a day to a day-and-a-half while the IT guys went around, workstation by workstation, loading the patch.
In my office, the only people who got any work done on computer were the 3 Mac users (me and 2 other designers).
Has windowsupdate.com always been a low-bandwidth text-only page with but a handful of links? I find that hard to believe given the bloated style of most of MS's main pages. Maybe they're hoping to ride it out by brute server strength and small page size.
Has windowsupdate.com always been a low-bandwidth text-only page with but a handful of links? I find that hard to believe given the bloated style of most of MS's main pages. Maybe they're hoping to ride it out by brute server strength and small page size.
There is no way they can ride out that storm of that size, no matter how small the page is.
And I think that the text-only page you see is because it redirects Mac users(I think).
Problem with redirecting a domain to an non-existant (localhost) address is that it will also disable the service. And this virus is supposed to START at midnight on the 16th of August and run CONTINUOUSLY until 11:59pm on the 31st of December.
Was just informed by a co-worker that he was contacted by our MS rep that the virus has a payload being delivered tomorrow (unless, that is just bad info and it is actually the 16th windowsupdate.com ddos attack).
Can't wait to hear the cause of this big blackout. Probably something stupid, but I wonder if virii could infect some of the systems that control the power grids....I think I will do some digging as to how these things actually work.
Comments
And yeah, it was a pretty stupid idea to aim the attack at a domain.
In my office, the only people who got any work done on computer were the 3 Mac users (me and 2 other designers).
8)
Originally posted by Towel
Has windowsupdate.com always been a low-bandwidth text-only page with but a handful of links? I find that hard to believe given the bloated style of most of MS's main pages. Maybe they're hoping to ride it out by brute server strength and small page size.
There is no way they can ride out that storm of that size, no matter how small the page is.
And I think that the text-only page you see is because it redirects Mac users(I think).
Was just informed by a co-worker that he was contacted by our MS rep that the virus has a payload being delivered tomorrow (unless, that is just bad info and it is actually the 16th windowsupdate.com ddos attack).
That way there won't be any computers turned on when Blaster is supposed to do it's work and windowsupdate.microsoft.com won't be attacked.
Expect to have the power back late Saturday.
Originally posted by JLL
Microsoft have now started to hack into power stations to shut them down.
tee hee
Originally posted by gardnerj
Just tried connecting to microsoft.com from work this morning ....nothing ... its still there but timing out operations left right and centre.
tee hee
Isn't the attack supposed to start later today? Is it already happening?
Originally posted by JLL
Isn't the attack supposed to start later today? Is it already happening?
Don't know but i were a hacker i'd be saying yeah we're going to do a big dos attack on blah date and then sneak up and hit them a day early.
Of course it might be more to do with the dns issues i have been reading about caused by the east coast power outage.
Either way there shades of Terminator 3 creeping here ..