General discussion


Sasser and Linux firewalls

By Steve S. ·
We run Windows 2k and XP on most our internal desktops and servers. All of our firewalls and perimeter computers are all Linux/Unix. Can our internal segmant still be infected with the Sasser virus?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by sgt_shultz In reply to Sasser and Linux firewall ...

sasser and its variants do not infect linux or win9x is my understanding. the worm attacks TCP Port 445 which most firewall products (including the built-in firewall in XP) block this port by default.
so to answer your question i think your internal segment is probably safe but nobody can tell but you. if it were my network they would all be getting windows critical updates automatically and i would be spending my time helping my users disinfect their home computers.
this is great opportunity to educate users about social engineering, malicious links spoofed sites etc as so much news coverage...
you need to become at least passingly familiar with how/what worm does in order to be sure you are protected. you can't get by with not understanding imho. subscribe to or symantec or somebody's security alerts and allocate some time to this from here on out...stop by microsoft website daily to see what is up

Collapse -

by YetAnotherAdmin In reply to Sasser and Linux firewall ...

If your firewalls are configured correctly you shouldn't have a problem.... unless you have laptops! Be safe, patch all 2k, Xp boxes and to be safer run the Microsoft removal tool on all. (remember to delete any spaces from url) This only removes Sasser though.

Related Discussions

Related Forums