From isc.sans.org, this story has been around a couple of days now - if your Windows boxes are not patched it is time to get up to date.

FrSIRT has published exploit code for the recent flaw in Microsoft Server Message Block (SMB). The advisory and patch related to this vulnerability were released on February 8th, 2005.

If you still have not patched, you are further urged to do so in light of the release of exploit code.

Spike in 445?

There has been much media attention in the past two days to the report by Gartner that there has been a massive spike in scanning for TCP port 445.

www.eweek.com/article2/0,1759,1830698,00.asp www.vnunet.com/vnunet/news/2138515/mass-hack-attacks-targets-port

There was a spike around the 13th of May, but nothing out of the ordinary is showing on the Dshield data.

isc.sans.org/port_details.php?port=445&repax=1&tarax=2&srcax=2&percent=N&days=70&Redraw=Submit

If you have noticed a recent spike in activity, please report it to the ISC.

Related Posts: