[wplug] Sasser Worm -- protection
Brandon Kuczenski
brandon at 301south.net
Mon May 3 14:13:36 EDT 2004
Inside my router/firewall (Redhat 9) I am running a windows machine. If I
am concerned about protecting it from possibly infected computers that are
brought INSIDE the firewall (like friends' laptops), is it sufficient for
me to add an iptables rule in the FORWARD chain which DROPs packets sent
to ports 5554, 9996, and 445?
(ref:
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.b.worm.html
)
-Brandon
More information about the wplug
mailing list