BlastBack v1.20
15th August, 2003

Introduction
BlastBack is an application designed to let other PC users know that their computer is infected with the MSBlast worm when it scans your PC looking for a vulnerable system to infiltrate. BlastBack also supports the detection (both on the hard drive and running/in memory) and removal of the MSBlast worm on the local PC.

BlastBack works by sitting in the background and waiting for connection attempts to be made to a specified port. Upon contact, it obtains the IP address of the infected remote machine and then closes the port. Finally, it dispatches a message (via the Messenger service in Windows) to the IP it obtained letting the computer user know that their PC is infected with the MSBlast worm and gives them a website URL to visit for further information.
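
The listen, record and close sequence described above, as an added Python example that is not BlastBack's own code (BlastBack is a VB application). It keeps one entry per peer IP with a hit count, like the Hit Count column added in v1.20, and leaves out the Messenger reply step; the class and function names are hypothetical.

```python
import socket
from collections import Counter
from datetime import datetime, timezone

LISTEN_PORT = 10000  # BlastBack's default port; the router forwards 135 to it


class ConnectionLogger:
    """Accept TCP connections, record the peer IP, and close without replying."""

    def __init__(self, host="0.0.0.0", port=LISTEN_PORT):
        self.hits = Counter()    # ip -> hit count, so repeat scans share one row
        self.first_seen = {}     # ip -> UTC time of first contact
        self._sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self._sock.bind((host, port))
        self._sock.listen(16)
        self.port = self._sock.getsockname()[1]  # real port if 0 was requested

    def handle_one(self, timeout=None):
        """Wait for one connection; return the peer IP, or None on timeout."""
        self._sock.settimeout(timeout)
        try:
            conn, (ip, _peer_port) = self._sock.accept()
        except socket.timeout:
            return None
        conn.close()             # nothing is read from or written to the peer
        self.hits[ip] += 1
        self.first_seen.setdefault(ip, datetime.now(timezone.utc))
        return ip

    def close(self):
        self._sock.close()


def log_connections(logger, count, timeout=5.0):
    """Handle up to `count` connections and return the hit table as a dict."""
    for _ in range(count):
        if logger.handle_one(timeout) is None:
            break
    return dict(logger.hits)


if __name__ == "__main__":
    logger = ConnectionLogger()
    while True:
        ip = logger.handle_one()
        print(f"{logger.first_seen[ip]:%Y-%m-%d %H:%M:%S} {ip} hits={logger.hits[ip]}")
```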

BlastBack requires the VB runtimes, which you can download from here.

Usage
Using BlastBack requires having a hardware router connected to your PC. This does two things:
  • Allows BlastBack to listen on an ordinarily "unlistenable" port (one that is already in use by Windows).
  • Keeps your system safe from the infiltration attempts of the MSBlast worm by redirecting the port it needs to connect to onto another, harmless port.
In your router settings, you will need to configure it to forward connection attempts on port 135 to port 10000. By default, BlastBack listens on port 10000, but this can be changed in the Settings tab within the program itself. In most router configurations, the Private port should be set to 135 and the Public port to 10000; the terminology used varies from router to router.

The Windows Messenger service also needs to be enabled (which it is by default) in order for BlastBack to reply to the infected machines. Your PC must be able to send Messenger notices out of your local area network and onto the internet. You can test this by typing NET SEND [ip] [message] at the command prompt, replacing [ip] with the IP address of a friend who is capable of receiving Messenger notices.

Once the hardware side of things has been set up, you are ready to go. Run BlastBack.exe and you should start getting attempted connections; how many depends on how "infested" your "surrounding area" of the internet is. Logically, the number of connection attempts should diminish over time, i.e. this application should not be required in the next year or two.

For the detection and removal of the MSBlast worm, please go into the Detect section of the software; everything is fully explained within that section of the software itself. There are also a couple of settings relating to the detection available in the Settings section.

The background scanner is a feature of BlastBack that scans the system's process list for the worm. If it is found, you are warned and advised to immediately cleanse your system via the Detect tab.

Other Uses
A "side-effect" of BlastBack is that you can get it to listen on any port; this allows you to have it send a message to anyone that attempts to connect to a well-known vulnerable/trojan port on your PC. If the specified port isn't in use on your system (no other application is currently using the port), then you do not require the use of a hardware router.

BlastBack's primary MSBlast use requires a router so that it is able to listen on port 135 simultaneously with Windows itself, although technically it isn't listening on port 135 but is having port 135 attempts forwarded to port 10000. This also keeps your PC safe, as no port 135 connection attempts will ever make it to port 135 on your PC.

Please Note: BlastBack was originally called MasterBlaster, but has since had its name changed.

MSBlast worm information at MSBlast.cjb.net.

Version Information
15/08/2003, v1.20
Added detection and removal of W32.Blaster.B.Worm and W32.Blaster.C.Worm variants.
Added Hit Count column to the logging list to help reduce duplicate IP hits.
Added optional sound effects.
Changed default message sent to infected PCs.
Various minor changes.

15/08/2003, v1.10
Added the detection (on HD/in memory) and removal of the MSBlast worm.
Added a Donation button in About section.

14/08/2003, v1.00
First Public Release.

Credits
Programming, Design: Joseph Cox - www.TNK-BootBlock.co.uk.
Original Idea: Dick - www.bl0g.co.uk.