echo: nthelp
to: Mike N.
from: Robert Comer
date: 2004-05-05 11:15:28
subject: Re: sasser worm (new)

From: "Robert Comer" 

> How does blocking 5554 stop spreading

That's the port that transfers the virus payload -- I blocked it immediately too.

Sasser A, B and C use 9996 too
Sasser D uses 9995 too

- Bob Comer


"Mike N."  wrote in message
news:1lhh90tqvoc7vb46jb0mmucho20ue8dr93{at}4ax.com...
> On Tue, 4 May 2004 22:03:02 -0400, "Geo." wrote:
>
> >We blocked 5554 this time, doesn't stop the exploit but does stop spreading
> >of the worm and doesn't break anything in the process.
>
>   I did a double take at who wrote the message.  You BLOCKED something?
> What about requests from port > 1024 which happens to be 5554?   How does
> blocking 5554 stop spreading - no Microsoft services use that port?
> Shouldn't you be blocking 445 instead?

--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SEEN-BY: 633/267 270
@PATH: 379/45 1 633/267

SOURCE: echomail via fidonet.ozzmosis.com
