Zotob worm

westredd · Aug 17, 2005

Hi,

I have been away from IT for a year and read about this worm that has been doing the rounds with some of the big companines. Having read from Symantec how it distributes itself, I was baffled how this worm has breached these big companies as it tries to connecty to open ports on Win 2000 PCs. How would it be bypassing company firewalls which surely prevent inbound access?

The only thing I can think if is a laptop user connecting to the internet at home without any firewall protection and then bringing it into the office. Any other thoughts?

ta

West

sleipnir214 · Aug 17, 2005

Zotob-C uses email as a vector.

Want the best answers? Ask the best questions!

TANSTAAFL!!

westredd · Aug 17, 2005

ah ok, didnt know that, but even so, how can they allow pif, scr, exe, cmd, or bat file extensions to be run from emails on their networks?

erikhertzel · Aug 17, 2005

Westredd,

Here is a description of how the virus actually works I will post a url here that way I don't have to make a long post out of this:

http://reviews-zdnet.com.com/4520-6600_16-6300397-1.html?tag=nl.e589

Hope that helps your understanding,

Erik

westredd · Aug 17, 2005

thanks v much

BadBigBen · Aug 17, 2005

Don't think that only Big Companies are at risk...

something similiar happened to me, before Aug 14...

http://www.tek-tips.com/viewthread.cfm?qid=1103954&page=1

my conclusion was that it must have been an early variant of the ZOTOB, but alas I can't say for sure...

Ben

"If it works don't fix it! If it doesn't use a sledgehammer..."

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Zotob worm

westredd

MIS

sleipnir214

Programmer

westredd

MIS

erikhertzel

MIS

westredd

MIS

BadBigBen

MIS

Similar threads

Part and Inventory Search

Sponsor