
Detailed Meaning of Antivirus ACLs

Publication Date:  2012-07-27  |   Views:  99  |   Downloads:  0  |   Author:  g54917  |   Document ID:  EKB0000345385

Issue Description

 What is the detailed meaning of antivirus ACLs? 

Alarm Information

Null

Handling Process

rule 42 deny tcp destination-port eq 135
// (Worm.Win32.Autorooter)
// Windows RPC DCOM interface stack buffer overflow vulnerability
rule 43 deny tcp destination-port eq 137
// Windows RPC DCOM interface stack buffer overflow vulnerability
rule 44 deny tcp destination-port eq 138
// Windows RPC DCOM interface stack buffer overflow vulnerability
rule 45 deny tcp destination-port eq 139
// Windows RPC DCOM interface stack buffer overflow vulnerability
rule 46 deny tcp destination-port eq 593
// Windows RPC DCOM interface stack buffer overflow vulnerability
rule 47 deny tcp destination-port eq 445
// (Worm.Sasser)
// Windows RPC DCOM interface stack buffer overflow vulnerability
rule 48 deny tcp destination-port eq 4444
// (Worm.Win32.Autorooter)
rule 49 deny udp destination-port eq netbios-ns
rule 50 deny udp destination-port eq 445
// (Worm.Sasser)
// Windows RPC DCOM interface stack buffer overflow vulnerability
rule 51 deny udp destination-port eq 1434
// (Microsoft SQL Server 2000 Resolution Service remote stack buffer overflow vulnerability)
rule 52 deny udp destination-port eq 4444
// (Worm.Win32.Autorooter)
rule 53 deny tcp destination-port eq 1022
// (Worm.Sasser)
rule 54 deny tcp destination-port eq 1023
// (Worm.Sasser)
rule 55 deny tcp destination-port eq 5554
// (Worm.Sasser)
rule 57 deny tcp destination-port eq 9996
// (Worm.Sasser)
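
To check which of the rules above a given flow hits, the list can be parsed and evaluated mechanically. The Python below is an added example, not part of the original article or of any vendor tool; the function names parse_acl and match_rule are hypothetical, and it assumes rules are evaluated in ascending rule-ID order with the first match winning.

```python
import re

# Rules copied from the article's ACL; annotation lines are left out.
ACL_TEXT = """\
rule 42 deny tcp destination-port eq 135
rule 43 deny tcp destination-port eq 137
rule 44 deny tcp destination-port eq 138
rule 45 deny tcp destination-port eq 139
rule 46 deny tcp destination-port eq 593
rule 47 deny tcp destination-port eq 445
rule 48 deny tcp destination-port eq 4444
rule 49 deny udp destination-port eq netbios-ns
rule 50 deny udp destination-port eq 445
rule 51 deny udp destination-port eq 1434
rule 52 deny udp destination-port eq 4444
rule 53 deny tcp destination-port eq 1022
rule 54 deny tcp destination-port eq 1023
rule 55 deny tcp destination-port eq 5554
rule 57 deny tcp destination-port eq 9996
"""

# netbios-ns is the NetBIOS name service, port 137.
NAMED_PORTS = {"netbios-ns": 137}
RULE_RE = re.compile(
    r"^rule (\d+) (permit|deny) (tcp|udp) destination-port eq (\S+)$")

def parse_acl(text):
    """Return (rule_id, action, proto, port) tuples sorted by rule ID."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if m:
            rule_id, action, proto, port = m.groups()
            port_no = NAMED_PORTS[port] if port in NAMED_PORTS else int(port)
            rules.append((int(rule_id), action, proto, port_no))
    return sorted(rules)

def match_rule(rules, proto, dst_port):
    """First rule (lowest ID) matching the flow, or None if no rule matches."""
    for rule_id, action, r_proto, r_port in rules:
        if r_proto == proto and r_port == dst_port:
            return rule_id, action
    return None

RULES = parse_acl(ACL_TEXT)

if __name__ == "__main__":
    # Constructed sample flows (protocol, destination port).
    for flow in [("tcp", 445), ("udp", 137), ("udp", 1434), ("tcp", 443)]:
        print(flow, "->", match_rule(RULES, *flow))
```

A result of None only means no rule in this list matches; what happens to such traffic depends on where the ACL is applied.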
 

Root Cause

Null

Suggestions

Null