Full Disclosure mailing list archives
Re: Question
From: Rodrigo Barbosa <rodrigob () suespammers org>
Date: Fri, 21 Oct 2005 18:36:06 -0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Oct 21, 2005 at 03:01:31PM -0500, Randall M wrote:
We have been dealing with an IRC/Mirc invation being installed on our network. Looking for info on the possible ways it gets in to a network, spreads and what ports to block beside IRC. Only real info was found here:http://www.avira.com/ en/threats/DR_IRCFlooder_3_details.html. I found a handful of posts where people have had it hit them. Anyone have other info on this.
The IRC protocol is very easy to identify. I would suggest blocking the protocol itself, regardless of the port. []s - -- Rodrigo Barbosa <rodrigob () suespammers org> "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDWVE2pdyWzQ5b5ckRAoupAKCe87w+FV7RGw42R//VS6kvCkXHcQCfZtel j7jzg6VKcvSlTyjyK8+g0pg= =wRUS -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Question Randall M (Oct 21)
- Re: Question Nick FitzGerald (Oct 21)
- Re: Question Rodrigo Barbosa (Oct 21)
- Re: Question Frank Knobbe (Oct 21)
- Re: Question Rodrigo Barbosa (Oct 21)
- Re: Question Frank Knobbe (Oct 21)