> Not quite. Anyone here using IPSEC filter group policies to block the ports > that Sasser uses to propagate? Obviously you can't block 445 without > causing significant issues, but you can block the ports Sasser uses to > transfer itself (5554 & 9996). > > Anyone here using IPSEC Filter Group Policies at all?
Anyone? I'am really curious if someone dares to use this for production-level security. With no logs, you must rely on pen-testing to make sure it works. Beside the burden of hacking of your own _production_ box, as always with group policy, you never know when it stops to work. Just my $0.02... Ondra Krajicek +>>>-----------------------------------------------------------------+ |Ondrej Krajicek (-KO| |Institute of Computer Science, Masaryk University Brno, CR | |http://isildur.ics.muni.cz/~ondra [EMAIL PROTECTED]| +--------------------------------------------------------------------+ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
