On Wed, 13 Aug 2003 09:06:34 -0400, Greg Reese wrote: >you have got MCSE, MCP+I etc after you name and you trusted the built in >Microsoft firewall?? > >Could another locally infected computer have gotten you? I've heard a lot about the built-in firewall not being any good for anything. Why is it then available?? How did Microsoft figure this one out? >-----Original Message----- >From: Joe Mulhall [mailto:Joe.Mulhall@xxxxxxxxxxxxx] >Sent: Wednesday, August 13, 2003 6:35 AM >To: windows2000@xxxxxxxxxxxxx >Subject: [windows2000] Conundrum: ICF and MSBlast > > >Hi there, > >I was infected by MSBlast the other day and hit again while repairing >it yet I was running Internet Connection Firewall (default config >including logging and no services enabled) > >As Microsoft points out in MS03-026, "If you are using the Internet >Connection Firewall in Windows XP or Windows Server 2003 to protect your >Internet connection, it will by default block inbound RPC traffic from >the Internet." > >Okay I should have patched anyway but the firewall should have >protected me. I checked the settings while I was patching and was hit >again... > >Logs show nothing at all. > >How was I infected? > >Regards, > >Joe Mulhall >MCSE, MCP+I, CCSA > >Network Engineer BW, Sorin # Sorin Srbu, Systems Engineer Web: http://www.farmfak.uu.se/organisk/ # Dept of Medicinal Chemistry, Phone: +46 (0)18-4714482 >> 5 signals >> GSM # Div of Org Pharm Chem, Mobile Phone: +46 (0)701-718023 # BMC, Box 574, Uppsala University Fax: +46 (0)18-4714474 # SE-751 23 Uppsala, Sweden Visit: BMC, Husargatan 3, D5:512b # # Public PGP key available on request. # # () ascii ribbon campaign - against html e-mail # /\ ******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=148 ********************************************************** To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm