Results 1 to 10 of 10

Thread: Worm Attacks.

  1. #1
    wovaki Guest

    Default Worm Attacks.

    Hello!
    I'm currently using Kaspersky's Internet Suite, but my license expires really soon, and I have been getting alot of worm attacks from "Helkern" (also known as "Slammer" or "Sapphire&quot http://www.viruslist.com/en/news?id=59188 for more information on it...

    And I was wondering, does ZoneAlarm block this worm attack? because once my Kaspersky expires I will be vulnerable to it, please help me out!

    Thanks!

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: Worm Attacks.

    Hi!yes, KIS inbound firewall will inform you about this, sometimes is just internet noise.. don't worry.ZA firewall has obviously inbound protection and will protect you from this silently (rejecting unsolicited calls).Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    wovaki Guest

    Default Re: Worm Attacks.

    So just to make sure, ZoneAlarm WILL stop this worm from invading my computer?
    P.S. I'm talking about the FREE ZoneAlarm Firewall.

    Thanks!

    Message Edited by wovaki on 06-10-2008 01:51 PM

  4. #4
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Worm Attacks.

    The actual firewalling security and safety of the ZA Free is exactly the same as compared to the paid versions of the ZA. Both are identical. Only the paid versions offer advanced networking settings and features. But the same driver and files and the very same level of high security is offered in both freeware and paid versions.

    Oldsod.
    Best regards.
    oldsod

  5. #5
    wovaki Guest

    Default Re: Worm Attacks.

    Alright, thats good to know...
    But can someone tell me for sure if ZoneAlarm will block this worm?

    Thank You!

  6. #6
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Worm Attacks.

    All of the 65,535 ports of the windows are always kept in a closed and stealth state by the ZA default settings.
    The worm cannot enter a closed port.

    Just do not allow any Internet Servers rights for any program. Only internet server will open a port(s) to the internet or the web.
    Trusted server is okay, as this only opens ports to the trusted external addresses such as the dhcp and the dns and the trusyed internal addresses such as the loopback (internal address of the windows).
    Trusted server rights do not have have any security risks from internet worms, as the trusted server does not include any internet addresses.

    Oldsod.

    Message Edited by Oldsod on 06-10-2008 09:31 PM
    Best regards.
    oldsod

  7. #7
    wovaki Guest

    Default Re: Worm Attacks.

    Alright sounds good...but does this mean I can't use programs that need to act as servers?

    For example I use FTP programs alot, to upload things to my server so does this mean that I cannot use these programs or the worm will slip in?
    Also, say it did get through a port would ZoneAlarm still block it, and would I be notified?

    Also this worm is supposedly only able to infect computers with SQL Server 2000, un-patched... Is there anyway that I can find out if I have this program, or if its patched? Just for some info tho, this is a fairly new computer, about 1 or 2 years old and it runs Windows Vista.

    Thanks!

  8. #8
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Worm Attacks.

    I see you are worried about a bulnerabiliy in a windows server operating system.
    I do suspect you do not run a windows server operating system on your PC, just windows XP or vista. In this case the vulnerability does not apply to you, just only to computers using the window server operating systems (is anybody sill using 2000 server instead of the newer anyways).


    The ZA will only allow the needed ports to be opened for your FTP and not other.
    This is part of the firewalling feature of the ZA. Only the correct ports and remote IPs are allowed and nothing else.
    Thus allowing the internet server for the FTP is okay and safe.
    Any unwanted IP attempting to enter the ports opened by the FTP will be immediately rejected and not allowed enterance. Unwanted IPs will include worms, snoops and hackers and even troyans.
    Only the allowed sites will be able to enter. All intruders will be not allowed enterance to your PC.

    Once the FTP is finished, the ZA will set the ports used by the FTP as closed and fully stealthed as usual.
    Thus a worm cannot enter and use another application or infect another application or infect the windows, while the FTP program is actively being used.
    This is what software firewalls do and what the ZA does for you too.
    And the ZA does this firewalling exceptionally well, I might add.

    Best regards.
    Oldsod.

    Message Edited by Oldsod on 06-10-2008 10:31 PM
    Best regards.
    oldsod

  9. #9
    wovaki Guest

    Default Re: Worm Attacks.

    Thank you lots for your help!

    Sorry about worrying so much, but I don't know much about this stuff. So I'm assuming that I wouldn't be running a "Windows Server Operating System" on my computer since I don't know about it. As far as I know only Vista is installed on my computer.

    Although I went to Disk Cleanup and checked installed programs I found 2 objects called:
    1. Microsoft SQL Server Compact 3.5 Design Tools ENU
    2. Microsoft SQL Server Compact 3.5 ENU

    So I was just wondering what these would be? And also is there anyway to check if I have Windows Server OS installed on my computer?

    Thanks!

  10. #10
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Worm Attacks.

    Yes stop worrying.

    Those two files are tools for writing special files using the Visual Studio basic script specifically for the use or creation of certain applications on a SQL Server 2005. Not for Vista.
    Microsoft in it's thoughtfulness, decided to give some you free tools if you ever decided to write files or applications for your internet server's Microsoft software.
    Maybe these now come by default with Vista instead of downloading these manually...

    http://www.microsoft.com/downloads/d...displaylang=en

    just in case you need to do creative work or make stuff for you server's operating system from your own desktop.
    Come to think of it, you probably could write somethign in any visual studio basic and use those new scripts without these tools for you own special internet server's operating system.

    Oldsod.
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •