H C wrote: > > I did some testing...and after reading this thread and > seeing the DirectAdvertisers.com site, I decided to > right up some code and see what happened (the code is > below). I tested this on a network...and it worked > just fine. I think some of the stuff is coming in on the MS-RPC port - 135. We have all netbios over tcp ports blocked and we still see the spam. Here is a good write-up that also contains a link to good info about RPC and windows services: http://www.mynetwatchman.com/kb/security/articles/popupspam/ http://www.hsc.fr/ressources/breves/min_srv_res_win.en.html -- Gary Flynn Security Engineer - Technical Services James Madison University Please R.U.N.S.A.F.E. http://www.jmu.edu/computing/runsafe ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Oct 15 2002 - 10:21:29 PDT