:: 26-Oct-2000 03:10 (Thursday) ::

The Following Clients have been placed/updated for pre-release:

– Windows 95/98/NT [x86/Zipped] v2.8011.464c 2000-10-26

The Pre-Release Page can be found at:

http://www.distributed.net/download/prerelease.html

Please remember to report bugs at http://www.distributed.net/bugs/

Enjoy!

:: 26-Oct-2000 01:18 (Thursday) ::

As I’m sure some have noticed, OGR stats are off by a day. They will be
up-to-date very soon after tonight’s RC5 run. Sorry for any confusion.

:: 25-Oct-2000 03:21 (Wednesday) ::

The Following Clients have been placed/updated for pre-release:

– Windows 95/98/NT [x86/Zipped] v2.8011.464 2000-10-25

– AmigaOS [m68k] v2.8011.464 2000-10-25

– AmigaOS [PPC/PowerUp] v2.8011.464 2000-10-25

– AmigaOS [PPC/WarpOS] v2.8011.464 2000-10-25

The Pre-Release Page can be found at:

http://www.distributed.net/download/prerelease.html

Please remember to report bugs at http://www.distributed.net/bugs/

Enjoy!

:: 24-Oct-2000 02:40 (Tuesday) ::

It’s not been a good day in stats-land. For some reason, the bcp process
started failing silently some time after the first log for yesterday was
processed. I’ve fixed the problem by deleting the table that date gets
bcp’d into and re-creating it, but now I have to re-run OGR for yesterday.
In order to make this happen at a reasonable clip, I’ve got web access
shut off again. I’ll turn it back on as soon as I can.

Sorry again for the inconvenience. }:8(

:: 23-Oct-2000 21:06 (Monday) ::

The maintenance I’m running is taking a lot longer than I expected. It’s
not really impacting http on the box, but the web access is slowing the
maintenance down by quite a bit, and we can’t do OGR statsruns until it’s
done. So, I’ve turned web access off again for now, to give things a chance
to finish up. I’ll get the web turned back on as soon as possible.

Sorry for the inconvenience.

:: 23-Oct-2000 15:12 (Monday) ::

I wanted everyone to know that the latest in our worm saga has arrived.
Our friendly worm writer has included my personal email address as the
configured ID in dnetc.ini (gentleps@muohio.edu.) I would like to take
this time to assure everyone that I did not produce this worm.

This worm is spread via open c shares to c:\windows\system and
c:\WINDOWS\Start Menu\Programs\StartUp\. You should be able to use bovine’s
wormfree (http://www1.distributed.net/~bovine/wormfree.zip) program to
clean your machine. You can read more about his application and what it
does at http://n0cgi.distributed.net/cgi/dnet-finger.cgi?user=bovine. If
this does not work contact us and we will work to update the program.

We will be correcting my stats within the next day or so, but until then
please understand that they will be corrected soon.

Please feel free to email email abuse@distributed.net or
help@distributed.net if you have any questions about this or any other
worms.

Thank you for your understanding. Paul

:: 23-Oct-2000 10:28 (Monday) ::

OGR stats are running right now. I’m also running some maintenance on the
database, which will take an hour or two. Until it’s done, expect tally
to be *SLOW*.

:: 23-Oct-2000 03:09 (Monday) ::

Something went slightly amiss with the OGR run tonight, so OGR stats will
run after RC5 stats are done. They should be done by about 0900 GMT (4AM
CDT).

:: 17-Oct-2000 10:22 (Tuesday) ::

I’d also like to recommend that all paranoid users consider using a virus
scanning utility and ensuring that their systems are not infected with
any other viruses or worms. My wormfree utility only attempts to remove
the several worm variants that have been known to deploy our dnetc client.
However, there have been countless other worms and viruses in the past
that all replicate through similar techniques, so if you might have been
vulnerable to them (and potentially infected) as well. A pretty good free
resident virus scanner is Computer Associates’ InoculateIT product, which
is available for free download from http://antivirus.cai.com/

Additionally, it should be noted that there are indeed several new worm
variants that illegally deploy the distributed.net client and include
email addresses different than the bymer@inec.kiev.ua that I mentioned in
my original post. Some of these others include the email bymer@ukrpost.net
or ogr@gala.net. There is a more comprehensive list about the known
variants at http://www.distributed.net/trojans.html

:: 17-Oct-2000 10:00 (Tuesday) ::

I’ve updated my wormfree utility again to fix a number of other minor
issues. Previously it required a Win98+ or Win95 with IE4 desktop update
installed (now it should run on all Win95, Win98, Win98 SE, and WinME
systems). Additionally, there were rare cases where wormfree would perform
an access violation. It now also attempts to clean a few other no-impact
registry key locations. If you have used previous versions of my wormfree
utility and are really paranoid, you can try re-running this new one.
You can download this new version from:
http://www1.distributed.net/~bovine/wormfree.zip

A related issue is a recent security vulnerability that has been found in
all Win9x systems that would enable another user to access your file
shares, even if you have assigned a very complex password to it. Although
there are currently no worms that utilize this vulnerability, this reason
alone is sufficient to warrant not arbitrarily sharing potentially
vulnerable directories that contain things that get executed. Minimally
this means that you should not share any drive or directory that includes
your WINDOWS directory or your “Program Files”. If you really must use
file-sharing for collaboration, you should create a special folder someplace
on your hard drive, and share ONLY that folder itself (and possibly include
a password, with the understanding that no password or key is truly secure).
You can read about the Microsoft Security Bulletin at the following
location: http://www.microsoft.com/technet/security/bulletin/MS00-072.asp