The Lotte Group conglomerate was forced to shut down for a day due to Sasser. Japan, Thailand, China, and India reported few incidents of the worm, partly because of a Buddhist holiday. The worm is known to have difficulty exploiting the lsass. Delta Airlines delayed and canceled some flights after their computers were infected with Sasser. Credit card giant American Express also had problems with the worm.
Anderson Cancer Center were infected with the worm. The Associated Press and investment bank Goldman Sachs also reported infections. RailCorp in Australia was infected with the worm. Some stations were shut down and only 20 trains were kept running for some time. The Westpac bank had to resort to pen and paper for a short while after being infected with the worm. The Sasser worm was created by an year-old German student named Sven Jaschan, who was also behind the original Netsky worm.
Jaschan was convicted and sentenced to a 21 month suspended sentence and 30 hours of community service. Takayoshi Nakayama, Fergal Ladley. Sindri Bjarnason. Jan Libbenga. Associated Press. Gregg Keizer. Baek Kang-nyoung. Bob Sullivan. Jump to: navigation , search. Sasser Sasser. Hidden category: Pages with broken file links. Navigation menu Personal tools Log in. Namespaces Page Discussion. Views Read View source View history. Navigation Main page Recent changes Random page. This page was last edited on 21 July , at Sasser launches threads to scan the random IP addresses and listens on successive ports starting with TCP port Microsoft reports that the worms also use TCP port as well.
Ports and are both used by the Windows file-sharing protocol. If the Sasser worm finds a vulnerable machine on a local network or the Internet, the worm sends a specially crafted packet to cause a buffer-overflow in lsass. The overflow contains instructions in a script file, cmd.
The file cmd. Prevention Microsoft has created a special page on how to prevent a Sasser infection. Basically, a desktop firewall should protect vulnerable systems until the Microsoft security patch can be downloaded. If you do not have a personal firewall, you should install one first to limit the effects of the Sasser worm. The Microsoft security patch MS is available here. Removal Most antivirus-software companies have updated their signature files to include this worm.
E, was found to be circulating shortly after the arrest. It was the only variation that attempted to remove other worms from the infected computer, much in the way Netsky does. Jaschan was tried as a minor because the German courts determined that he was 17 when he created the worm, which was actually released on his 18th birthday April 29, Jaschan was found guilty of computer sabotage and illegally altering data. On July 8, , he was handed a 21 month suspended sentence.
This aborts the system shutdown so the user can continue to use the computer. The shutdown. It is available in Windows XP. The shutdown time will move as far into the future as the clock was set back. This article is from the CBROnline archive: some formatting and images may not be present. Join Our Newsletter Want more on technology leadership? Sign up for Tech Monitor's weekly newsletter, Changelog, for the latest insight and analysis delivered straight to your inbox.
White papers Home About us Contact us Newsletter.
0コメント