('binary' encoding is not supported, stored as-is) In-Reply-To: <F7B823B2B5C9544CACAB8B59DD6872B30114B47Fat_private> Although there are many Deloder worms causing port 445 traffic, the new worm, W32.HLLW.Cult.C@mm, may be the real cause of this. Symantec has an analysis from 4/2/2003: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.cult.c@mm. html /Kyle Kyle Lai, CISSP, CISA KLC Consulting, Inc. klaiat_private www.klcconsulting.net >From: Rob Keown <Keownat_private> >To: incidentsat_private >Subject: Increase in Source to Port 445 >Date: Tue, 1 Apr 2003 21:54:58 -0500 >MIME-Version: 1.0 >We are observing an increase in port 445 traffic from a much wider group of >sources than what we have seen over the last few weeks. > >Anyone else observing this? > >Rob Keown > ---------------------------------------------------------------------------- Powerful Anti-Spam Management and More... SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-incidents
This archive was generated by hypermail 2b30 : Thu Apr 03 2003 - 16:53:55 PST