why is Sasser trying to infect a patched system?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

we have a unusual situtation. We have a properely patched server (2000), but for some reason sasser keeps trying to lay down a file on it, which is then quantined. This has happened twice in the last 5 days on this server. Any ideas would be welcome.
 
Do you have a firewall protecting your network from the Internet at the
perimeter, with no unneeded/dangerous ports open?
Are all workstations patched with Windows Update successfully, with all
critical patches?
Are you running centrally-managed desktop antivirus software, kept updated
regularly & automatically?
 
yes we are under a firewall which is under the control of and unit. The only unquie thing is that the server in question is a Web Cast.
 
Don't know what you mean by web cast....can you answer the rest of my
questions?
 
Are all workstations patched with Windows Update successfully, with al
critical patches? yes they are
Are you running centrally-managed desktop antivirus software, kept update
regularly & automatically. yes we are

A web cast is a server that deals in video tele conferenceing
 
I know what a webcast is (it's not the server, it's what the server does,
more specifically), just didn't understand what you meant. Gotcha now.

Where are you seeing the file/activity on your server? What ports are open
from the Internet to this server or your network in general?
 
Jim-GSK said:
we have a unusual situtation. We have a properely patched server
(2000), but for some reason sasser keeps trying to lay down a file
on it, which is then quantined. This has happened twice in the
last 5 days on this server. Any ideas would be welcome.
Hi

What is the version number on the file %windir%\System32\Lsasrv.dll ?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top