What WinNT list(s) were talking about this? I'd like to get a little more info. I was hit by it and I *KNOW* that the NetBIOS ports were (and still are) closed tight. I'm really interested in how they (the spammers) did what they did...and it seems no one really has any answers.
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On > Behalf Of Mike Leone > Sent: Friday, October 11, 2002 4:19 PM > To: [EMAIL PROTECTED] > Subject: Re: [SAtalk] Spammer > > > * McClung, Darren W. ([EMAIL PROTECTED]) wrote this on 10 > 11, 02 at 09:34: > > This is OT, but pretty important. If these messenger spams are > > getting through, your NetBIOS ports are open to the > outside, which is > > VERY BAD. > > Saw the same reports on the WinNT list, and one of the people > there definitely had NetBIOS ports closed. I know; I nmapped him. :-) > > Doesn't seem like a NetBIOS exloit, at least not through a > firewall. Perhaps someone made a connection to the Internet > not through the firewall (i.e, local dialing), and got > compromised that way. > > ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
