Escribano -> RE: Sasser Worm - take steps (May 6 2004 8:14:30)
|
It does download something, you don't have to... quote:
W32/Sasser-A attempts to connect to computers through ports TCP/9996 and TCP/445. If the Windows computers are not patched against the LSASS vulnerability, an FTP script is downloaded and executed, which connects to port 5554 and downloads a copy of the worm via FTP (File Transfer Protocol). You don't need to download anything to be attacked. Whilst on the Internet, without appropriate cloaking via a firewall and latest updates, you are always at risk. If you are on dial-up your ISP should be running a firewall of sorts but they don't know what ports you want to open up for gaming, messaging, web cam etc. so you should at least run a software firewall. Windows 2000 is not anything like Windows 98, it is based on Windows NT technology.
|
|
|
|