BlackIce Firewall and remote trojans
Results 1 to 2 of 2

Thread: BlackIce Firewall and remote trojans

  1. #1

    Angry BlackIce Firewall and remote trojans

    Recently I installed the Blackice firewall and updated it to its newest version. I noted multiple attacks of two different events on was:
    "HTTP_JRUN_DOUBLE_Slash"
    This has something to do with macromedia jrun exploits, but i did not find the virus/trojan/worm on my computer with norton, symantec online, mcafee online, or ant-trojan?
    Any ideas what this damn thing is?
    And Black Ice says the intruder is me.

    And there is a different event:
    "SQL_SSRP_Stackbo"
    with the ip address:217.36.116.226

    This deals with the slammer worm, and again i find no virus/worm/trojan on my computer.

    Anyone here have an ide?

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    And there is a different event:
    "SQL_SSRP_Stackbo"
    with the ip address:217.36.116.226
    This would probably mean that someone who is infected with slammer is attempting to connect to your machine.

    As for the other issue, Black Ice's website has a comment on it here: http://www.iss.net/security_center/static/9450.php . What it means, I believe, is that your machine might be in need of a security update from Microsoft (I'm assuming you are running MS) or from Macromedia, assuming you are running Macromedia JRun (you may have it as part of another app and not realize it).

    Perhaps doing a netstat -a to see what ports you are "serving" might help.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •