About 'Conficker Detection' By The Firewall

Discussion in 'ESET Smart Security' started by stimulator32, May 22, 2009.

Thread Status:
Not open for further replies.
  1. stimulator32

    stimulator32 Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    104
    Hello,

    as long as the worm is detected by the 'Web Access Protection' module -it disconnects the connection before the worm access PC-, why that detection was added to the personal firewall?

    Many Thanks ..
     
    stimulator32, May 22, 2009
    #1
  2. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,033
    Location:
    California
    Hello,

    Some malware, such as the Win32/Conficker worm, spread themselves by using specially-crafted packets designed to attack vulnerabilities in an operating system, service or application bound to an open port. Because these attacks can be identified on a per-packet basis (as opposed to looking at the data stream from a file transfer--the attack can be blocked by IDS functionality in the firewall.

    Regards,

    Aryeh Goretsky
     
    agoretsky, May 22, 2009
    #2
  3. stimulator32

    stimulator32 Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    104
    Many thanks Aryeh ..
     
    stimulator32, May 22, 2009
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...