Created on 10-18-2007 12:00 AM
Description | Blocking Storm Worm from getting updates. |
Components | All FortiGate units. |
Steps or Commands | The Storm Worm has been spreading wildly since the beginning of 2007 and turned many computers into spam spreading and DDoS zombies. The worm mutates very quickly - every 30 minutes. FortiGuard is catching the worm as it mutates, however, with mutations happening so quickly it is hard for the AV signatures to catch up. The worm uses the P2P eDonkey protocol to communicate with its Command and Control servers to get updates to be able to mutate. Therefore, if any of the PCs in your network is affected by this worm, you can use a FortiGate protection profile and firewall policy to block the eDonkey application and allow the AV signatures to catch up and eliminate the worm. To block eDonkey
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.