Using IPSec Policies as a Firewall to Block SASSER Infection

re: Using IPSec Policies to Block SASSER Infection

Tristan K — Tue, 04 May 2004 08:05:00 GMT

Token of Reality — Mon, 03 May 2004 19:32:00 GMT

Got Sasser?

Jonathan Hardwick — Mon, 03 May 2004 19:53:00 GMT

Sasser Worm is in the wild

MicroApplications, Inc. Web Log — Tue, 04 May 2004 02:15:00 GMT

re: Using IPSec Policies to Block SASSER Infection

stefan demetz — Tue, 04 May 2004 17:20:00 GMT

shame that IPSEC is so underrated ...
IPSEC links
http://dotnetjunkies.com/WebLog/stefandemetz/archive/2004/01/27/6156.aspx

re: Using IPSec Policies to Block SASSER Infection

Tristan K — Wed, 05 May 2004 22:03:00 GMT

Sasser.D uses a different remote shell port, TCP 9995 rather than 9996 (as used by SASSER, SASSER.B and SASSER.C). If you're using the policy linked above, you can add this port using the same settings as the original set in the policy.

'Sasser' does not affect Win2003 and WXP SP2

Sergey Simakov blog — Wed, 05 May 2004 11:43:00 GMT

More on Sasser, IPSec Firewalls, and SMB

Extra Bits That Didn't Fit — Thu, 06 May 2004 08:48:00 GMT

re: Using IPSec Policies as a Firewall to Block SASSER Infection

bstman — Tue, 25 May 2004 08:59:00 GMT

awesome

IPSEC - No Joke

tonyso — Tue, 31 May 2005 18:32:53 GMT

So this guy goes into the doctor's office and says " Doctor, IPSec..." &lt;sound of phonograph needle...