Security Incidents mailing list archives
RE: New MSN Messenger Worm
From: "Michael Fredericks" <mfredericks () infosol com>
Date: Thu, 14 Feb 2002 09:04:41 -0700
Hi All, Thanks for the warning on MSN Messenger. I have restricted access to the service from my network and suggest that it might be a good idea for others to do the same. I found that MSN Messenger uses TCP port 1863 but it also seems to fallback to an HTTP connection to various hosts on the "messenger.hotmail.com" domain. Therefore I found that I had to restrict the TCP port as well as any http connection attempts to this domain. Thanks, Michael Fredericks Manager - Networks and Telecommunications InfoSol, Inc. mfredericks () infosol com http://www.infosol.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- New MSN Messenger Worm Drew Smith (Feb 13)
- RE: New MSN Messenger Worm Rocky Stefano (Feb 13)
- Re: New MSN Messenger Worm Nathan Einwechter (Feb 13)
- Re: New MSN Messenger Worm Nick FitzGerald (Feb 14)
- <Possible follow-ups>
- Re: New MSN Messenger Worm Bill Schalck (Feb 13)
- Re: New MSN Messenger Worm dreamwvr () dreamwvr com (Feb 14)
- RE: New MSN Messenger Worm Michael Fredericks (Feb 14)