[Dshield] Curious outbound firewall log entry
dalejsampson at ameritech.net
Sat Mar 15 01:12:34 GMT 2003
Linksys firewall log showed the following outbound entry today:
Simovits ID's this port usage as a number of worm / Trojan.
Doing a search for the .exe & .dll associated (based on simovits list)
doesn't find anything, nor does norton AV or ad-aware.
I was using Outlook XP around this time - I was clearing my "Spam" email
account (long story - don't ask!).
Question: Could this outbound have been initiated by a html email link?
Thanks - curious in cleveland :~)
Dale Sampson, RN
More information about the list