Nice little tool for Windows XP and Vista that will show RF interference for your WiFi.
http://www.metageek.net/products/inssider
And it's free.
Thursday, September 17, 2009
Tuesday, September 1, 2009
TrendMicro
TrendMicro OfficeScan 8.0sp1 with latest engine and pattern can not detect this nasty worm:
http://www.threatexpert.com/report.aspx?md5=13c36740aae01c7417d7a55d23156075
Ticket has been raised at TM, but it may take some time before we get a cure... Housecall also does not detect it. Sad story.
Check if your FW detects calls home to 88.247.183.228 on port 8882
We are using AVG and other tools to clean up PCs.
http://www.threatexpert.com/report.aspx?md5=13c36740aae01c7417d7a55d23156075
Ticket has been raised at TM, but it may take some time before we get a cure... Housecall also does not detect it. Sad story.
Check if your FW detects calls home to 88.247.183.228 on port 8882
We are using AVG and other tools to clean up PCs.
Checkpoint fw monitor
a command line to capture packets in Checkpoint:
fw monitor -m i -e "accept [20:2,b]=445 or [22:2,b]=445;" -o monitor.cap -ci 10 -co 10
will save 10 packets on port 445 in the file monitor.cap.
You can upload it using tftp from Checkpoint to another server and analyse it with wireshark.
However my preference is to set switch monitoring of the port to another port and use Microsoft Network monitor 3.3 to capture packets.
fw monitor -m i -e "accept [20:2,b]=445 or [22:2,b]=445;" -o monitor.cap -ci 10 -co 10
will save 10 packets on port 445 in the file monitor.cap.
You can upload it using tftp from Checkpoint to another server and analyse it with wireshark.
However my preference is to set switch monitoring of the port to another port and use Microsoft Network monitor 3.3 to capture packets.
Subscribe to:
Posts (Atom)