Make sure you block port 80 as well, the dreaded [EMAIL PROTECTED] virus uses this port. If you see any traffic on there, then chances are you have it.
----- Original Message ----- From: "Billy B. Bilano" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, June 08, 2004 8:00 PM Subject: Re: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered! > Oliver! Hello! > > SSL is the same port as HTTPS ? OMFG then we have a bigger problem than I > ever imagined!! HOLY SMOKES! I am going to block port 443 right now and I > urge ALL of you to do the same before this gets out of control! > > Also, Oliver, I am sure I am telling you something you don't know, but you > have a bunch of crypto code that is more then likely a virus at the end of > your message! In fact, you are so infected, that it seems the crypto code is > longer then the entire message you sent! This is probably how it spreads! I > saw a couple of other people on this thing already that had this same > symptom. > > Good luck, everybody! I hope we can cleanse our systems of this 443 virus! > > -------- > Mr. Billy B. Bilano, MSCE, CCNA > <http://www.bilano.biz/> > Expert Sysadmin Since 2003! > 'C:\WINDOWS, C:\WINDOWS\GO, C:\PC\CRAWL' -- RMS > > > > ----- Original Message ----- > From: "Oliver Welter" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Cc: "Billy B. Bilano" <[EMAIL PROTECTED]> > Sent: Tuesday, June 08, 2004 12:43 PM > Subject: Re: [Full-Disclosure] Possible First Crypto Virus Definitely > Discovered! > > > > hi Guys, > > > > I'm new to the list, so hello first ;) > > I really dont know if you are just kidding or if I missunderstod your > > post... > > Port 443 is the SecureHTTP protocol (https) - so it is correct that it > > is bound to a webserver process and it is correct that SSL-encryptet > > traffic goes in and out - so whats the matter ? > > > > Oliver > > -- > > Diese Nachricht wurde digital unterschrieben > > oliwel's public key: http://www.oliwel.de/oliwel.crt > > Basiszertifikat: http://www.ldv.ei.tum.de/page72 > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
