K
Knack
My laptop is on a dialup connection with dynamic IP addressing. I had the
Internet Firewall of WinXPH(SP1) enabled, and 10 days ago I did that *huge*
Microsoft patch, which was urgently advised. But yesterday I still got the
Lovsan worm. McAfee discovered this worm only yesterday. My system has since
been repaired.
There is a description of this worm and a link to a freely distributed
standalone AV program to repair your computer at
http://vil.nai.com/vil/content/v_100547.htm
Notice that the worm does not spread thru e-mail, but via scanning a random
IP range to look for vulnerable systems on TCP port 135. The worm attempts
to exploit the DCOM RPC vulnerability on the found systems to create a
remote shell on TCP port 4444. A good firewall should prevent that
intrusion, but obviously the standard one included with WinXPH is
inadequate.
Internet Firewall of WinXPH(SP1) enabled, and 10 days ago I did that *huge*
Microsoft patch, which was urgently advised. But yesterday I still got the
Lovsan worm. McAfee discovered this worm only yesterday. My system has since
been repaired.
There is a description of this worm and a link to a freely distributed
standalone AV program to repair your computer at
http://vil.nai.com/vil/content/v_100547.htm
Notice that the worm does not spread thru e-mail, but via scanning a random
IP range to look for vulnerable systems on TCP port 135. The worm attempts
to exploit the DCOM RPC vulnerability on the found systems to create a
remote shell on TCP port 4444. A good firewall should prevent that
intrusion, but obviously the standard one included with WinXPH is
inadequate.