|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Michiel Overtoom (motoom_at_xs4all.nl)
Date: Fri Jan 03 2003 - 12:55:28 CST
Kyle wrote...
>port 445 worm/virus/Trojans are the ones spread via SMB over TCP, port 445,
>using "net use \\[machine]\ipc$. The Trojans include password dictionaries
>for guessing admin ids and passwords.
On my servers I remove these kind of builtin account using a batchfile which
get executed from the startup folder:
echo off
echo Unsharing default shares...
net share ipc$ /delete
net share admin$ /delete
net share c$ /delete
net share d$ /delete
net share e$ /delete
net share f$ /delete
net share g$ /delete
net share h$ /delete
-- Michiel Overtoom - motoom---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]