[unisog] Windows 2000 break-ins
r.fulton at auckland.ac.nz
Thu Sep 5 23:48:51 GMT 2002
On Fri, 2002-09-06 at 11:22, Anderson Johnston wrote:
> Check for TFTP traffic to off-campus IPs, as well. That's usually how the
> initial hackware gets downloaded.
If you can get away with it I recomend blocking TFTP at the border, if
you can't they watching for it as Anderson suggests is a good idea.
Russell Fulton, Computer and Network Security Officer
The University of Auckland, New Zealand
"It aint necessarily so" - Gershwin
More information about the unisog