[unisog] windows networking and udp 1026

Peter Moody peter at ucsc.edu
Wed Dec 3 19:51:21 GMT 2003


> The traffic seems to have been related to a malware species that sends 
> pop-up spam inviting folks to download a free pop-up spam blocker. The 
> blocker is likely a Trojan horse that causes the victim's computer to begin 
> sending pop-up spam.

I'm aware of what *this* popup scam did, but what I'm wondering about is
future attacks.  Is udp/1026 another vector for blaster like viruses? 
Is this another proto/port pair that needs to be blocked like tcp/135 or
tcp/445?

-Peter

-- 
Peter Moody                             <peter at ucsc.edu>
Information Security Administrator      831/459.5409
Communications and Technology Services. UC, Santa Cruz.
http://security.ucsc.edu/pgp/peter.moody.pub
:wq
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/unisog/attachments/20031203/656b9d17/attachment-0003.bin


More information about the unisog mailing list