
How do I set Kerio Personal Firewall to block the Netsky worm


annestahl

Hi all,
I'm stuck with over 20 infected e-mails a day (not to mention the 100s in spams that Yahoo Mail eliminates). I do have a firewall and read that one should set the firewall to only allow e-mails from one's own mail server. But how do I do that??? I know how to start a rule, but what setting do I use?
Any help would be greatly appreciated,
thanks a mill
Anne
 
Firewalls don't block incoming email messages, virus-infected or not. That's the job of antivirus software.

The allowing emails from your own server is only if you are using the SMTP server in Winroute and is to stop 'spammers' using your connection to route their garbage through.



Chris.

Indifference will be the downfall of mankind, but who cares?
 
Hi Chris,
thank you so much for taking the time to answer, but I'm still a bit confused. The info I read (from Symantec) said that the Netsky virus actually uses its own SMTP mail server, and they suggest that one sets the firewall to only accept e-mails from the right server.
I don't have Winroute, perhaps it works differently than Kerio Personal Firewall. I can go into administration and set all the rules I want. I just don't know what it needs to say...
Or do you think it's not relevant?
Thanks again,
Anne
 
Many recent viruses do have their own SMTP server and the rule to apply would be to block outgoing messages with a destination of port 25 that is not your ISP's mail server.

As I use WR not KFW I'm not 100% sure how you would apply that, probably it would have to be applied using two rules,

one to block all destination port 25 traffic (TCP) and one to allow port 25 to the mail server IP (TCP)

However the thing is, this will only reduce the effects (on the internet) of your machine after becoming infected, it does not help with the incoming messages.




Chris.

Indifference will be the downfall of mankind, but who cares?
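
Added example (not part of any post in this thread): the two-rule idea from the reply above, modelled as a generic first-match rule list and run over a constructed outbound connection log to show which internal host is attempting SMTP directly instead of going through the mail server. The rule format, the log format and every address are assumptions made for illustration; this is not Kerio Personal Firewall or WinRoute syntax.

```python
import ipaddress
from collections import Counter

# Constructed stand-in for the ISP's SMTP server (RFC 5737 documentation address).
MAIL_SERVER = ipaddress.ip_address("192.0.2.25")

# Ordered rules, first match wins (assumed model). The specific allow must come
# before the general block, otherwise legitimate mail is blocked as well.
RULES = [
    {"action": "allow", "proto": "tcp", "dport": 25, "dst": MAIL_SERVER},
    {"action": "block", "proto": "tcp", "dport": 25, "dst": None},  # None = any
]
DEFAULT_ACTION = "allow"  # traffic not covered by the SMTP rules is out of scope

def decide(proto, dst, dport, rules=RULES):
    """Return the action of the first rule matching an outbound connection."""
    dst = ipaddress.ip_address(dst)
    for rule in rules:
        dst_ok = rule["dst"] is None or rule["dst"] == dst
        if rule["proto"] == proto and rule["dport"] == dport and dst_ok:
            return rule["action"]
    return DEFAULT_ACTION

# Constructed outbound log, one connection per line: time src proto dst dport
SAMPLE_LOG = """\
10:00:01 10.0.0.5 tcp 192.0.2.25 25
10:00:02 10.0.0.7 tcp 198.51.100.10 25
10:00:02 10.0.0.7 tcp 203.0.113.44 25
10:00:03 10.0.0.7 tcp 198.51.100.99 25
10:00:04 10.0.0.5 tcp 203.0.113.80 80
"""

def blocked_smtp_by_host(log_text, rules=RULES):
    """Count blocked port-25 attempts per internal source address."""
    hits = Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _time, src, proto, dst, dport = line.split()
        if decide(proto, dst, int(dport), rules) == "block":
            hits[src] += 1
    return hits

if __name__ == "__main__":
    for host, count in blocked_smtp_by_host(SAMPLE_LOG).items():
        print(f"{host}: {count} blocked SMTP connections bypassing the mail server")
```

A host that accumulates blocked port-25 attempts to many different destinations is the one to scan first; the rules only contain the outbound spread and do nothing about the infected messages arriving in the inbox.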
 
The best solution to this is to make sure all your PCs on the internal network are VIRUS-FREE....
 