08-12-2003 02:36 PM - edited 03-09-2019 04:24 AM
Have the CSA developers tested the out-of-the-box CSA
configuration for protection against blaster?
Solved! Go to Solution.
08-12-2003 06:12 PM
An official release will be posted to www.cisco.com shortly, but in short (this is unofficial until it's been posted cause it may change):
- The default CSA 4.0 server and desktop policies stop successful execution of this attack
- On servers, the default server policy prevents the SVCHOST from attempting to execute CMD.exe. This prevents the exploit shell code from running.
- On desktop systems the default desktop policy prevents the SVCHOST from accepting a connection on port 4444. Additional protection is provided by the default policy's prevention of any application from executing CMD.exe
08-12-2003 06:12 PM
An official release will be posted to www.cisco.com shortly, but in short (this is unofficial until it's been posted cause it may change):
- The default CSA 4.0 server and desktop policies stop successful execution of this attack
- On servers, the default server policy prevents the SVCHOST from attempting to execute CMD.exe. This prevents the exploit shell code from running.
- On desktop systems the default desktop policy prevents the SVCHOST from accepting a connection on port 4444. Additional protection is provided by the default policy's prevention of any application from executing CMD.exe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide