It appears that in addition to the usual MS-Exchange traffic, there is a worm using port 443.
Cert reports: Increased Activity Targeting Windows Shares updated March 13 | portions added March 13, March 10 The CERT/CC has received reports of propagation of a worm known as W32.Deloder as well as other malicious code which exploit network shares with null or weak Administrator passwords on Windows 2000/XP systems. This malicious code propagates via port 445/tcp and often installs backdoor applications on compromised systems. Additional details can be found in CERT Advisory CA-2003-08 - http://www.cert.org/advisories/CA-2003-08.html. Thanks, Danny H. Cox Yield Dynamics, Inc. (408) 764-9822 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[EMAIL PROTECTED]
