[unisog] Windows 2000 break-ins

Russell Fulton r.fulton at auckland.ac.nz
Thu Sep 5 23:48:51 GMT 2002


On Fri, 2002-09-06 at 11:22, Anderson Johnston wrote:
> 
> Check for TFTP traffic to off-campus IPs, as well.  That's usually how the
> initial hackware gets downloaded.

If you can get away with it I recomend blocking TFTP at the border, if
you can't they watching for it as Anderson suggests is a good idea.

-- 
Russell Fulton, Computer and Network Security Officer
The University of Auckland,  New Zealand

"It aint necessarily so"  - Gershwin



More information about the unisog mailing list