Re: How do I stop the mydoom virus?

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Mohammed Alli (MAlli_at_computerrents.com)
Date: 03/25/04 

Date: Thu, 25 Mar 2004 12:27:36 -0500

So if I block 3127-3198, then I should be ok?

"Phil McNeill" <philm@NOSPAMhydroottawa.com> wrote in message
news:uhn2ygoEEHA.1368@TK2MSFTNGP11.phx.gbl...
> Don't know if you manage your own firewall, but we track down machines
that
> are infected by blocking outbound ports they exploit, logging outbound
> access attempts to those ports, and then checking the log. That gives us
an
> IP address of the infected machine and it can then be traced back via DHCP
> admin as to who has that address. There are a lot of available network
> tools that will automate a lot of this for you as well.
>
> Mydoom bangs away at ports 3127-3198, so those are the ones you would
wants
> to check for outbound access attempts.
>
> "Mohammed Alli" <MAlli@computerrents.com> wrote in message
> news:uVC%231MoEEHA.2628@TK2MSFTNGP11.phx.gbl...
> > I keep getting emails saying that there's a new security update from
> > Microsoft. I'm getting a lot of these types of emails lately and I was
> > wondering if there's a way to stop this? I know that I have an instance
> or
> > instances of the mydoom virus, on a workstation or possibly a server, in
> my
> > building. Is there a way to trace this where it is or where the emails
> are
> > coming from?
> >
> >
>
>

Relevant Pages

  • Re: Outbound ports
    ... >> public web server sitting in my DMZ. ... Destination Port 80 outbound ... >> blocking outbound on all but those ports could prevent traffic from ... >> infecting other machines on the internet. ...
    (comp.security.firewalls)
  • Re: How do I stop the mydoom virus?
    ... Don't know if you manage your own firewall, but we track down machines that ... are infected by blocking outbound ports they exploit, ... access attempts to those ports, ... I'm getting a lot of these types of emails lately and I was ...
    (microsoft.public.exchange.admin)
  • Re: Outbound ports
    ... Destination Port 80 outbound ... > blocking outbound on all but those ports could prevent traffic from ... > infecting other machines on the internet. ... > about your machines pinging them either. ...
    (comp.security.firewalls)
  • Re: Mainpine IQ Express: PCI-Express multi-port fax board for the free Microsoft Fax Server
    ... The IQ Express does support it. ... except that testing from one set of ports back to another ... I like the results with Brother MFC machines. ... the Microsoft Fax Service that is included with Windows XP/2003 SBS/ ...
    (microsoft.public.windows.server.sbs)
  • Re: slow login problems at branch office
    ... Download PortQryUI and from the client side check to see if the ports are ... 389/TCP/UDP LDAP ... 53/TCP/UDP DNS ... SP4 machines and based in the main site. ...
    (microsoft.public.win2000.active_directory)