To: hsmomx3
If you have a PC running Windows 2000, Windows NT 4.0, or Windows XP and are connected to the Internet, you may be vulnerable. No action is needed by the user in order to be "infected".
A request from another computer is made to your port 135 as a remote procedure call. If your PC responds, a request is made to copy a file to your PC which is then executed. A change is made to your registry to restart this program on a reboot. This program now takes on the task of finding another victim computer.
If you are using Windows 95 or 98 or Millenium, you will not be infected, since these systems do not support the remote procedure call.
If you are using a hardware or software firewall that blocks port 135, you will not be infected. The Linksys router is an example of such a hardware firewall. Zonealarm is an example of a software firewall.
I noted on my firewall log that there have been many port 135 requests to my network.
12 posted on
08/15/2003 6:21:12 PM PDT by
IpaqMan
To: IpaqMan
I downloaded the scanner from Symantech, and it didn't find anything. I use Windows ME, but I just wanted to check anyway.
17 posted on
08/15/2003 6:22:48 PM PDT by
P.O.E.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson