help: 'Instrusion.Win.MSSQL.Worm.Helkern'

help: 'Instrusion.Win.MSSQL.Worm.Helkern'
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Anti-Virus Software    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
help: 'Instrusion.Win.MSSQL.Worm.Helkern' Lucas 10-09-2006
Posted by Lucas on October 9, 2006, 8:46 am
If you were  Registered and logged in, you could reply and use other advanced thread options
hallo,
what can be done against this virus, trojan ?
Is this comming via the network card ?

greetz
Lucas


Posted by David H. Lipman on October 9, 2006, 8:51 am
If you were  Registered and logged in, you could reply and use other advanced thread options

| hallo,
| what can be done against this virus, trojan ?
| Is this comming via the network card ?
|
| greetz
| Lucas

AKA; W32/Slammer

Block UDP 1434 at the LAN/WAN interface

Install all critical patches for MySQL, MSDE, etc...

Examples:
http://www.microsoft.com/technet/prodtechnol/sql/2000/downloads/default.mspx

http://www.microsoft.com/technet/security/bulletin/MS02-061.mspx

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by Duane Arnold on October 10, 2006, 12:48 am
If you were  Registered and logged in, you could reply and use other advanced thread options

>
> | hallo,
> | what can be done against this virus, trojan ?
> | Is this comming via the network card ?
> |
> | greetz
> | Lucas
>
> AKA; W32/Slammer
>
> Block UDP 1434 at the LAN/WAN interface
>
> Install all critical patches for MySQL, MSDE, etc...
>
> Examples:
> http://www.microsoft.com/technet/prodtechnol/sql/2000/downloads/default.mspx
>
> http://www.microsoft.com/technet/security/bulletin/MS02-061.mspx
>

You got to have MS SQL Server running and listening on port 1434, for
anything to happen and to mean anything. I doubt that this person has SQL
Server running. ;-)

Duane :)



Posted by David H. Lipman on October 10, 2006, 5:32 pm
If you were  Registered and logged in, you could reply and use other advanced thread options


| You got to have MS SQL Server running and listening on port 1434, for
| anything to happen and to mean anything. I doubt that this person has SQL
| Server running. ;-)
|
| Duane :)
|

Yes. But why should assume he doesn't have SQL or MSDE installed.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by Duane Arnold on October 10, 2006, 5:54 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

>
>
> | You got to have MS SQL Server running and listening on port 1434, for
> | anything to happen and to mean anything. I doubt that this person has
> SQL
> | Server running. ;-)
> |
> | Duane :)
> |
>
> Yes. But why should assume he doesn't have SQL or MSDE installed.
>

Oh, I don't know. Maybe, the part about *Is it coming from the network
card?*.

But yet again, who can really tell what he or she is doing or think he or
she is doing with a computer.

Duane :)



Similar ThreadsPosted
Intrusion.Win.MSSQL.worm.Helkern March 11, 2006, 4:42 am
RE: Helkern June 1, 2005, 11:19 am
Helkern ? January 16, 2006, 1:01 pm
KAV 6.0--No "Helkern Network attacks"?? August 1, 2006, 5:51 pm
Re: KAV 6.0--No "Helkern Network attacks"?? August 9, 2006, 2:20 pm
Attention new worm ! W32/Rizalof.B.worm March 4, 2006, 4:30 pm
win32/i-worm/stration - E-mail-worm.win32.warezov or? October 13, 2007, 10:41 am
Possible worm on IM December 27, 2008, 2:12 am
The Worm - Zotob August 17, 2005, 12:21 am
Worm removal September 5, 2005, 11:22 am

The site map in XML format XML site map

Contact Us | Privacy Policy