|
-
April 9th, 2003, 01:20 AM
#1
Member
 BlackIce Firewall and remote trojans
Recently I installed the Blackice firewall and updated it to its newest version. I noted multiple attacks of two different events on was:
"HTTP_JRUN_DOUBLE_Slash"
This has something to do with macromedia jrun exploits, but i did not find the virus/trojan/worm on my computer with norton, symantec online, mcafee online, or ant-trojan?
Any ideas what this damn thing is?
And Black Ice says the intruder is me.
And there is a different event:
"SQL_SSRP_Stackbo"
with the ip address:217.36.116.226
This deals with the slammer worm, and again i find no virus/worm/trojan on my computer.
Anyone here have an ide?
-
April 9th, 2003, 01:26 AM
#2
And there is a different event:
"SQL_SSRP_Stackbo"
with the ip address:217.36.116.226
This would probably mean that someone who is infected with slammer is attempting to connect to your machine.
As for the other issue, Black Ice's website has a comment on it here: http://www.iss.net/security_center/static/9450.php . What it means, I believe, is that your machine might be in need of a security update from Microsoft (I'm assuming you are running MS) or from Macromedia, assuming you are running Macromedia JRun (you may have it as part of another app and not realize it).
Perhaps doing a netstat -a to see what ports you are "serving" might help.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
