Running W2K with ZoneAlarm and AVG installed and running. I don't
accept any email with attachments. I'm on DSL. During a boot, before
Windows loads, I get an AVG message that I have mblast.exe......
Ran AVG and it finds "worm/lovsan.a"
How am I getting this stuff with ZoneAlarm and no email attachments
opened?
Any help appreciated.
elfa
I don't how you're exactly getting the worm. But I'll tell you that ZA is
only going to stop a worm coming in on a port, if it's unsolicited
traffic that's trying to reach the machine on a port. That is no program
on your machine solicited for the traffic from the IP/machine that's
trying to reach your machine. In this case, the FW on the machine should
reject unsolicited inbound traffic to the machine.
If two machines are communicating by IP(s) on a WAN or LAN with valid
solicited communications between the two machines and they both have host
based FW on them, and one of them is infected with a self populating
worm, then the FW is not going to stop the worm from coming in on the
traffic.
The only element in a host based FW solution that can stop a worm coming
in on the traffic between two machines is a FW that has an IDS component
that will instruct the FW to close the port to an IP, if it determines
that a worm is coming in the traffic from an IP/machine.
Duane