ForeScout Announces ActiveScout Stopped The "Slapper Worm"

Events
- JupiterEvents
- internet.com/webcasts
Jobs
Partners
Solutions
- eBooks
- Video
Shop

News
Trends
Tutorials
Stats
Hardware
Reviews
Unix Roundup
Hot Topics
Forum
Product Watch
Glossary

Web
Mail
Real-Time Communication
Application
FTP
Proxy
Collaboration
List
Telnet
Operating System
Server Attic

Sitemap
Contact Us
Home
Technology Jobs

More SSH-Targeted Attacks, This Time for Debian et al

Charter Officially Speaks on NebuAd

Shorter Charter: We'd Rather You Just Not Read the Privacy Advisory in the First Place

More Open Networks Today

Become a Marketplace Partner

Remote Data Backup - Fast Flexible Easy

IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Partner With Us
Promotional Gifts
Home Improvement
Online Education
Corporate Gifts
Holiday Gift Ideas
Auto Insurance Quote
Compare Prices
Promote Your Website
Promos and Premiums
Memory Upgrades
Desktop Computers
Condos For Sale
Laptop Batteries
Logo Design Custom

Install What You Need with Windows Server 2008
Windows Server 2008 is Microsoft's most full-featured server operating system yet, so it's ironic that one of its most exciting new features is an install option that cuts out most of the other features. Paul Rubens explores why a Server Core installation makes a great deal of sense in many instances. »

Identify Hardware and Software That Meet Microsoft Standards
The "Certified for Windows. Server 2008" logo identifies hardware and software solutions that meet Microsoft standards for compatibility and best practices with the Windows Server 2008 operating system. »

Windows Server Catalog: Certified Hardware Devices
Search the Windows Server 2008 catalog to find solutions to deploy with confidence. »

Windows Server Catalog: Certfied Servers
Search the Windows Server 2008 catalog to find servers you can deploy with confidence. »

Download the Windows Server 2008 Trial
With Windows Server 2008 you can develop, deliver, and manage rich user experiences and applications, provide a secure network infrastructure, and increase technological efficiency and value within your organization. »

Trend Micro InterScan Trial: It requires no hardware or software to install. It maintains & helps you reclaim IT staff time, end-user productivity, bandwidth, mail server storage & CPU capacity.

ServerWatch > News

September 23, 2002
ForeScout Announces ActiveScout Stopped The "Slapper Worm"
By Wayne Kawamoto

ForeScout Technologies, announced its ActiveScout intrusion prevention system stopped and protected customers from the "Slapper Worm" attack -- even though those customers were neither aware of the attack in advance nor had taken any specific action to protect themselves.

According to some reports, the worm has infected more than 10,000 Apache Web servers to date.

The security community began issuing warnings late last week about the Slapper Worm, but only after thousands of machines had been infected. According to ForeScout, its ActiveScout-protected networks resisted the Slapper Worm attack automatically, before this worm became known to the security community at large. And no advance modification or update to the ActiveScout software was required to achieve this protection.

The company says that on networks where ActiveScout is installed, worms trying to attack the network will see a multitude of HTTP servers. These are virtual servers, presented by the Scout as a mark. The worm starts connecting to HTTP servers at port 80. At this early stage, ActiveScout identifies this as a probing (reconnaissance) activity and offers virtual resources to connect to.

According to the company, when the worm finds an open HTTP server, it connects to it. Shortly thereafter, it connects to port 443 on the same server. To the Scout, this is a bite event ("Port Bite" type). The system is designed to latch the auto-blocking mode, and engage dynamic firewall reconfiguration (if enabled) to block all traffic from the scanning host, which should prevent the worm from infecting machines on the protected network.

"We have surveyed some of our customers, and not a single one has suffered any damage from the Slapper Worm," said Doron Shikmoni, co-founder of ForeScout Technologies, "ActiveResponse technology worked according to design, automatically stopping the worm without our customers knowing the threat existed, or how the threat specifically operates to compromise vulnerable systems."

Tools:

Add serverwatch.com to your favorites

Add serverwatch.com to your browser search box
IE 7 | Firefox 2.0 | Firefox 1.5.x

News Archives

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info

Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Solutions

Whitepapers and eBooks
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape? Microsoft Article: 7.0, Microsoft's Lucky Version? Microsoft Article: Hyper-V--The Killer Feature in Windows Server 2008 Avaya Article: How to Feed Data into the Avaya Event Processor Microsoft Article: Install What You Need with Windows Server 2008 HP eBook: Putting the Green into IT Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1		Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency Avaya Article: Setting Up a SIP A/S Development Environment IBM Article: How Cool Is Your Data Center? Microsoft Article: Managing Virtual Machines with Microsoft System Center HP eBook: Storage Networking , Part 1 Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007 MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts
Intel Video: Are Multi-core Processors Here to Stay? On-Demand Webcast: Five Virtualization Trends to Watch HP Video: Page Cost Calculator Intel Video: APIs for Parallel Programming		HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2 MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits
Sun Download: Solaris 8 Migration Assistant Sybase Download: SQL Anywhere Developer Edition Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook		Red Gate Download: SQL Compare Pro 6 Iron Speed Designer Application Generator MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos
How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors IBM Article: Collaborating in the High-Performance Workplace HP Demo: StorageWorks EVA4400		Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class Microsoft How-to Article: Get Going with Silverlight and Windows Live MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES