W32.Sasser is a worm that attempts to send code that exploits the MS04-011 vulnerability. The worm spreads by randomly scanning IP addresses for vulnerable systems. The presence of the following files is an indication of infection: %windows%\avserve.exe
The worm opens FTP port 5554, and randomly scans IP addresses for vulnerable systems.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
branchandroot
no subject
Date: 2004-05-01 05:26 pm (UTC)W32.Sasser is a worm that attempts to send code that exploits the MS04-011 vulnerability.
The worm spreads by randomly scanning IP addresses for vulnerable systems.
The presence of the following files is an indication of infection:
%windows%\avserve.exe
The worm opens FTP port 5554, and randomly scans IP addresses for vulnerable systems.
http://www.sarc.com/avcenter/venc/data/w32.sasser.worm.html
http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx
А вообще-то надо ставить firewall.