Security Incidents mailing list archives
Re: suspicious firewall rules in WinXP firewall
From: Valdis.Kletnieks () vt edu
Date: Tue, 04 Jul 2006 10:39:04 -0400
On Mon, 03 Jul 2006 15:16:23 PDT, Bob Madore said:
The first problem of course is the firewall or internet security suite --- remove that and all should be OK again.
You mean "all should *look* OK again".
A spyware and virus have the ability to perform this same problem.
And if the corruption of the firewall is due to spyware or a virus, fixing the firewall doesn't remove the actual malware, and as a result, things are most certainly *NOT* OK. You have gotten rid of the patient's fever, but the bacteria is still present. Nuke it from orbit and reinstall. It's the only way to be sure.
Attachment:
_bin
Description:
Current thread:
- suspicious firewall rules in WinXP firewall belka (Jul 03)
- Re: suspicious firewall rules in WinXP firewall killy (Jul 03)
- Re: suspicious firewall rules in WinXP firewall Harry Hoffman (Jul 03)
- RE: suspicious firewall rules in WinXP firewall David Gillett (Jul 03)
- Re: suspicious firewall rules in WinXP firewall kent crispin (Jul 03)
- Re: suspicious firewall rules in WinXP firewall Bob Madore (Jul 03)
- Re: suspicious firewall rules in WinXP firewall Valdis . Kletnieks (Jul 04)
- Re: suspicious firewall rules in WinXP firewall Thor (Hammer of God) (Jul 04)
- Re: suspicious firewall rules in WinXP firewall Bob Madore (Jul 03)
- Re: suspicious firewall rules in WinXP firewall Jamie Riden (Jul 03)
- <Possible follow-ups>
- RE: suspicious firewall rules in WinXP firewall Darren Clarke (Jul 03)
- Re: suspicious firewall rules in WinXP firewall jimm22222 (Jul 03)
- Re: Re: suspicious firewall rules in WinXP firewall shenba_rake (Jul 04)