Monday, November 29, 2004

Believe it or not

Just checking up a little on the Snort findings; it's amazing.

The largest number of attacks, around 100 in the past few hours, is for an IP block for which ping is also blocked.

This is for the MS SQL security hole in which the virus or the worm targets port 1434, but it is a UDP port. But this is a Red Hat Linux server, so no worries :D.

You can find the bug here at nessus [cve] [icat] [bugtraq] [snort]: MS-SQL version overflow attempt.

I have picked up all these links from the Snort logs, and what Nessus says is to close UDP port 1434, so that's what I am gonna do to the ACL on the router.

Will just wait a little more time to see how soon this worm attack dies down. I am on Linux, as I said before, so no worries, and once this goes successfully I will be setting up Nessus on one of the machines. Planning to start my own security consultancy and also finally give my CCISP exam.
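Added example, not part of the original post: one way to watch whether the UDP 1434 probes are dying down is to tally the "MS-SQL version overflow attempt" alerts per hour and per source. It assumes Snort's "fast" alert line format; the sample lines, addresses and `[gid:sid:rev]` values are constructed placeholders.

```python
import re
from collections import Counter

TARGET_MSG = "MS-SQL version overflow attempt"  # alert name quoted in the post

# Constructed sample alerts (documentation addresses, placeholder sid values).
SAMPLE_ALERTS = """\
11/29-09:12:44.101234  [**] [1:9999:1] MS-SQL version overflow attempt [**] [Classification: Misc activity] [Priority: 3] {UDP} 198.51.100.7:1093 -> 192.0.2.10:1434
11/29-09:40:02.553120  [**] [1:9999:1] MS-SQL version overflow attempt [**] [Classification: Misc activity] [Priority: 3] {UDP} 203.0.113.44:3312 -> 192.0.2.10:1434
11/29-09:58:19.000871  [**] [1:9999:1] MS-SQL version overflow attempt [**] [Classification: Misc activity] [Priority: 3] {UDP} 198.51.100.7:1093 -> 192.0.2.11:1434
11/29-10:05:31.220045  [**] [1:9998:1] ICMP PING NMAP [**] [Classification: Attempted Information Leak] [Priority: 2] {ICMP} 203.0.113.9 -> 192.0.2.10
11/29-10:21:07.918332  [**] [1:9999:1] MS-SQL version overflow attempt [**] [Classification: Misc activity] [Priority: 3] {UDP} 198.51.100.7:1094 -> 192.0.2.10:1434
11/29-10:30:00.000001  [**] [1:9997:1] SCAN SOCKS Proxy attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.9:4000 -> 192.0.2.10:1080
"""

# timestamp, [**], [gid:sid:rev], message, [**], ..., {PROTO} src:port -> dst:port
ALERT_RE = re.compile(
    r"^(?P<month>\d\d)/(?P<day>\d\d)-(?P<hour>\d\d):\d\d:\d\d\.\d+\s+"
    r"\[\*\*\]\s+\[\d+:\d+:\d+\]\s+(?P<msg>.+?)\s+\[\*\*\].*?"
    r"\{(?P<proto>\w+)\}\s+(?P<src>[\d.]+):(?P<sport>\d+)"
    r"\s+->\s+(?P<dst>[\d.]+):(?P<dport>\d+)\s*$"
)

def summarize(lines, msg=TARGET_MSG, port=1434):
    """Count matching UDP alerts per hour and per source address."""
    per_hour, per_source = Counter(), Counter()
    for line in lines:
        m = ALERT_RE.match(line.strip())
        if not m:  # port-less (ICMP) or malformed lines are skipped
            continue
        if m["proto"] != "UDP" or int(m["dport"]) != port or m["msg"] != msg:
            continue
        per_hour[f'{m["month"]}/{m["day"]} {m["hour"]}:00'] += 1
        per_source[m["src"]] += 1
    return per_hour, per_source

if __name__ == "__main__":
    hours, sources = summarize(SAMPLE_ALERTS.splitlines())
    for hour in sorted(hours):
        print(f"{hour}  {hours[hour]:3d} alerts")
    for src, count in sources.most_common():
        print(f"{src:15s} {count:3d}")
```

Running the same tally before and after the router ACL change shows whether the block on UDP 1434 took effect, since the sensor should stop seeing these alerts if it sits behind the router.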

