The inability of critical control data to be exchanged quickly across the grid could have hampered the operators' ability to prevent the cascading effect of the blackout, he said. Seifert stressed, however, that no one is certain at this point what caused the blackout. A former Bush administration adviser who has consulted with the U. Department of Homeland Security on the power grid issue said the Blaster worm also hampered the ability of utilities in the New York region to restore power in a more timely manner because some of those companies were running Windows-based control systems with Port open - the port through which the worm attacked systems.
Utilities that responded to requests for comment for this article said they weren't adversely affected. Carol Murphy, vice president of government affairs at the New York Independent System Operator, acknowledged that Blaster affected the utility but said the problem was handled quickly, with no impact on power restoration operations.
The control systems referred to by Seifert, also known as supervisory control and data acquisition SCADA systems, are used to manage large industrial operations, such as the natural gas and electric power grids.
They're often based on Windows or XP operating systems and rely on commercial data links, including the Internet and wireless systems, for exchanging information. Right-click the connection where you want to turn on Internet Connection Firewall, and then click Properties. Click the Advanced tab, and then click to select the Protect my computer or network by limiting or preventing access to this computer from the Internet check box.
Note Some dial-up connections may not appear in the Network Connection folders. In some cases, you can use the following steps to turn on ICF for a connection that does not appear in the Network Connection folder. On the Tools menu, click Internet Options. Click the Connections tab, click the dial-up connection that you use to connect to the Internet, and then click Settings. Basic Firewall is a component of Routing and Remote Access that you can enable for any public interface on a computer that is running both Routing and Remote Access and a member of the Windows Server family.
This worm uses a previously announced vulnerability as part of its infection method. Because of this, you must make sure that you have installed the security patch on all your computers to address the vulnerability that is identified in Microsoft Security Bulletin MS Note that the security patch replaces the security patch. Microsoft recommends that you install the security patch that also includes fixes for the issues that are addressed in Microsoft Security Bulletin MS For more information about the security patch, click the following article number to view the article in the Microsoft Knowledge Base:.
Use the latest virus-detection signature from your antivirus vendor to detect new viruses and their variants. Best practices for security suggest that you perform a complete "clean" installation on a previously compromised computer to remove any undiscovered exploits that can lead to a future compromise. For additional information, visit the following Cert Advisory Web site:.
To download the removal tool from your antivirus vendor, use the following procedures depending on your operating system. To turn on ICF, follow these steps:. If your computer shuts down or restarts repeatedly when you try to follow these steps, disconnect from the Internet before you turn on your firewall.
If you connect to the Internet over a broadband connection, locate the cable that runs from your external DSL or cable modem, and then unplug that cable either from the modem or from the telephone jack. If you use a dial-up connection, locate the telephone cable that runs from the modem inside your computer to your telephone jack, and then unplug that cable either from the telephone jack or from your computer.
If you cannot disconnect from the Internet, type the following line at the command prompt to configure RPCSS not to restart your computer when the service fails:.
If you have more than one computer sharing an Internet connection, use a firewall only on the computer that is directly connected to the Internet.
Do not use a firewall on the other computers that share the Internet connection. Using a firewall should not affect your e-mail service or Web browsing, but a firewall can disable some Internet software, services, or features. If this behavior occurs, you may have to open some ports on your firewall for some Internet feature to work. See the documentation that is included with the Internet service that is not working to determine which ports you must open.
See the documentation that is included with your firewall to determine how to open these ports. For more information, click the following article number to view the article in the Microsoft Knowledge Base:. In some cases, you can use the following steps to turn on ICF for a connection that does not appear in the Network Connections folder. Basic Firewall is a component of Routing and Remote Access that you can enable for any public interface on a computer that is running Routing and Remote Access and is a member of the Windows Server family.
Download the security patch, and then install it on all your computers to address the vulnerability that is identified in Microsoft Security Bulletins MS and MS Microsoft recommends that you install the security patch that also includes fixes for the issues addressed in Microsoft Security Bulletin MS For more information about the security patch, click the following article number to view the article in the Microsoft Knowledge Base:.
If you are using a Dial-up connection to connect to the Internet, you should enable a firewall. To do this, use the procedure for your operating system. Windows This worm uses a previously announced vulnerability as part of its infection method. Because of this, you must make sure that you have installed the security patch on all your computers to address the vulnerability that is identified in Microsoft Security Bulletin MS The security patch replaces the security patch.
Microsoft recommends that you install the security patch that also includes fixes for the issues that are addressed in Microsoft Security Bulletin MS Use the latest virus-detection signature from your antivirus vendor to detect new viruses and their variants.
Best practices for security suggest that you perform a complete "clean" installation on a previously compromised computer to remove any undiscovered exploits that can lead to a future compromise.
For additional information, visit the following Cert Advisory Web site:. However, many antivirus companies have written tools to remove the known exploit that is associated with this particular worm. To download the removal tool from your antivirus vendor, use the following procedures depending on your operating system. If your computer shuts down or restarts repeatedly when you try to follow these steps, disconnect from the Internet before you turn on your firewall. If you connect to the Internet over a broadband connection, locate the cable that runs from your external DSL or cable modem, and then unplug that cable either from the modem or from the telephone jack.
If you use a dial-up connection, locate the telephone cable that runs from the modem inside your computer to your telephone jack, and then unplug that cable either from the telephone jack or from your computer. If you have more than one computer sharing an Internet connection, use a firewall only on the computer that is directly connected to the Internet. Do not use a firewall on the other computers that share the Internet connection. Using a firewall should not affect your e-mail service or Web browsing, but a firewall can disable some Internet software, services, or features.
If this behavior occurs, you may have to open some ports on your firewall for some Internet feature to work. See the documentation that is included with the Internet service that is not working to determine which ports you must open. See the documentation that is included with your firewall to determine how to open these ports.
In some cases, you can use the following steps to turn on ICF for a connection that does not appear in the Network Connections folder. Basic Firewall is a component of Routing and Remote Access that you can enable for any public interface on a computer that is running Routing and Remote Access and is a member of the Windows Server family.
Download the security patch, and then install it on all your computers to address the vulnerability that is identified in Microsoft Security Bulletins MS and MS That the security patch replaces the security patch. Microsoft recommends that you install the security patch that also includes fixes for the issues addressed in Microsoft Security Bulletin MS If you are using a Dial-up connection to connect to the Internet, you should enable a firewall.
Right-click the interface that you use to access the Internet, and then click Properties. For additional technical details about the Blaster worm from antivirus software vendors who are participating in the Microsoft Virus Information Alliance VIA , visit any of the following third-party Web sites:. Network Associates. Trend Micro. Computer Associates.
If you do not have to use TCP filtering, you may want to disable TCP filtering after you apply the fix that is described in this article and you have verified that you have successfully removed the worm. For additional technical details about known variants of the Blaster worm, visit the following Symantec Web sites:.
Symantec Security Center.
0コメント