Re: Question

From: Miha Pihler [MVP] (
Date: 02/24/05

Date: Thu, 24 Feb 2005 00:02:24 +0100

It is possible (and very likely) that they are coming in over TCP port 80
(or UDP 53 -- used for DNS resolution).

Viruses will use ports that are likely to be opened (as mentioned TCP 80,
TCP 443, UDP 53, TCP 25, ...).

When I setup servers for my customers, I usually try to define rules on the
firewall that would prevent complete access to the internet from the servers
(but not the other way -- access from the internet to the server so that
visitors are able to access public websites). This way, I can prevent
administrators surfing the internet from the server and getting infected
from web sites (protects from viruses, spyware etc).
This doesn't prevent infection that would come from inside (e.g. internal

Microsoft MVP - Windows Security
"KC" <> wrote in message 
> Hello All:
> For the past several days, our virus software has found and deleted a
> backdoor trojan which was destined for our webserver. This came from the
> outside, not in since no other clients on the network show any signs of
> infections.
> My question is this. How are these files being sent to the server. Is it
> possible that they are coming in on port 80?
> If not, how?
> Thanks
> KC

Relevant Pages

  • RE: RRAS Port configuration
    ... it conencts to the internet via PPPoE and does not get issued an IP ... The server obviously gives it one of those random 169 addresses. ... I am not quite sure about your word "open port 40010". ... SBS clients or server need to access port 40010 on the internet? ...
  • RE: VBscript Error on SBS2k3
    ... DHCP Server turned of SonicWALL with VPN Pass through request for IP to ... the problem should be caused by the 4125 port. ... > | Accessories and Communications and Remote Desktop Connection? ... > | 2.In Internet Explorer on the workstation you are connecting from, ...
  • Re: Public Static IP Routing
    ... Right-click on your external / internet nic & select Properties. ... Surveillance), set the incoming port to 1024, the private address to ... Chad A. Gross - SBS MVP ... >> Surveillance server is already being used by something else on your ...
  • RE: Remote Web Workplace
    ... 825763 How to configure Internet access in Windows Small Business Server ... Port 21 enable external and internal file transfer ... Port 80 enables all nonsecure browser access, ...
  • RE: RRAS Port configuration
    ... I am not quite sure about your word "open port 40010". ... SBS clients or server need to access port 40010 on the internet? ...