[Dshield] Curious outbound firewall log entry

Dale Sampson dalejsampson at ameritech.net
Sat Mar 15 01:12:34 GMT 2003

Linksys firewall log showed the following outbound entry today:

3/14/2003 11:10:16.936

Simovits ID's this  port usage as a number of worm / Trojan.

Doing a search for the .exe & .dll associated (based on simovits list)
doesn't find anything, nor does norton AV or ad-aware.

I was using Outlook XP around this time - I was clearing my "Spam" email
account (long story - don't ask!).

Question: Could this outbound have been initiated by a html email link?

Thanks - curious in cleveland :~)

Dale Sampson, RN

More information about the list mailing list