Okay so if you have a firewall you should only have necessary ports open
for incoming traffic.
You should have been blocking all of the ports listed below if you didn't
then why bother with a firewall?
Also if you're running a Microsoft OS you should be subscribed to the
Microsoft Security Bulletin. I got a notice about this problem over a
month ago, the patch has been available since July 16th.
BTW if you run Linux you should be subscribed to one of the Linux security
bulletins.
Lets all try to practice safe computing and the internet will be a much
better place. ;)
>
> VRMan wrote:
>
>> If you have a firewall up, no problem. If you keep your XP/2K updated,
>> no
>> problem ( i check for updates weekly here at work). If not, update your
>> virus program (i do ours here daily) and it'll find it.
>
> A firewall is a false sense of security. Unless you're blocking those
> ports (135-139, 445 and 4444), it can still get in. I didn't see anyone
> attempting to get into my systems but I know the laptop I had that
> caught it was getting out no problem though my firewall; 8 filters later
> and I'm protected both directions.
>
> I use a Linksys box for my firewall, not software.
>
> Oh, and I got it while VPN'd into the office. So my firewall didn't
> help there at all, and likely wouldn't have even if I had the filters
> set up at that point. So just having one firewall somewhere isn't
> enough. I'm just very lucky that the laptop didn't start attacking
> internal (non-routable) IPs and come after my desktop, also behind the
> firewall. The firewall's useless then.
>
>
-- Solid IT Services Kenneth BerntseneMail - kenneth.berntsen@soliditservices.com Phone - 281/802.0711 Fax - 503/214.6729
This archive was generated by hypermail 2b29 : Fri Feb 06 2004 - 11:46:46 EST