Blocking w32.blaster.worm?

• From: "Matthew Bunce" <isa.mailinglist@xxxxxxxxxxxx>
• To: isalist@xxxxxxxxxxxxx
• Date: Tue, 12 Aug 2003 07:10:38 -0600

I have done all I can to secure my internal network, patching everything
that even looks like a computer (believe me the toaster did not like
having a CD with the patch on it inserted!)

VPN has been suspended until futher notice while we make sure that all our
partners are secured and patched and all laptops are being checked in a
sandbox enviroment until we are sure they are clean.

What ports on our external ISA can I block to stop incoming/outgoing
activity by this worm if for any reason we have an infection? Will failed
connections to RPC on the ISA cause any DoS? Is there anything I can do to
limit the damage of an infection coming in via VPN? Are there port filters
I can apply to VPN traffic?

Many thanks.

Matthew Bunce
Kluster (UK) Limited

Other related posts:

• » Blocking w32.blaster.worm?
• » RE: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?
• » Re: Blocking w32.blaster.worm?

1. Home
2. isalist
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---