Re: Help - a possible bot
From: Nick FitzGerald (nick@virus-l.demon.co.uk)
Date: 11/16/02
- Previous message: Dan Perez: "RE: Help - a possible bot"
- In reply to: Moshe Aelion: "Help - a possible bot"
- Next in thread: Jon Nelson: "Re: Help - a possible bot"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 17 Nov 2002 11:34:46 +1300 From: Nick FitzGerald <nick@virus-l.demon.co.uk> To: incidents@securityfocus.com
"Moshe Aelion" <ma0934@hotmail.com> wrote:
> Two weeks ago, the NAT/ICMP computer on our LAN got compromised; the hacked
> installed DameWare and was trying to work on the computer. It was discovered
> within about 10 minutes. I then installed ZoneAlarm Pro.
<<big snip>>
I think there are some misconceptions here.
Although ZoneAlarm should be "protecting" you, you clearly have a lot
of stuff configured for a machine that should be on a LAN, itself
protected from the real world, rather than directly on the Internet.
You may find the following detailed discussion of locking down
service bindings helpful:
http://www.hsc.fr/ressources/breves/min_srv_res_win.en.html
Regards,
Nick FitzGerald
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Next message: Jon Nelson: "Re: Help - a possible bot"
- Previous message: Dan Perez: "RE: Help - a possible bot"
- In reply to: Moshe Aelion: "Help - a possible bot"
- Next in thread: Jon Nelson: "Re: Help - a possible bot"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
