Full Disclosure mailing list archives
RE: Learn from history?
From: "Stuart Fox (DSL AK)" <StuartF () datacom co nz>
Date: Thu, 6 May 2004 11:05:37 +1200
3. If it is a port-related threat, find out if such portsare in use,and if not, make sure they are closed. (Of course there wouldOnce the virus is on the LAN it can do whatever it wants.
Not quite. Anyone here using IPSEC filter group policies to block the ports that Sasser uses to propagate? Obviously you can't block 445 without causing significant issues, but you can block the ports Sasser uses to transfer itself (5554 & 9996). Anyone here using IPSEC Filter Group Policies at all? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Learn from history? Lennart Damm (May 05)
- RE: Learn from history? Alerta Redsegura (May 05)
- Re: Learn from history? Valdis . Kletnieks (May 05)
- <Possible follow-ups>
- RE: Learn from history? Serge van Ginderachter (svgn) (May 05)
- RE: Learn from history? Alerta Redsegura (May 05)
- RE: Learn from history? full-disclosure (May 05)
- RE: Learn from history? Stuart Fox (DSL AK) (May 05)
- RE: Learn from history? Alerta Redsegura (May 05)
- RE: Learn from history? Stuart Fox (DSL AK) (May 05)
- Re: Learn from history? Ondrej Krajicek (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? Alerta Redsegura (May 06)
- RE: Learn from history? Ferris, Robin (May 06)
- RE: Learn from history? Alerta Redsegura (May 06)
- RE: Learn from history? Steve Bremer (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? full-disclosure (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
(Thread continues...)