Windows RPC Probes
Tags: General

We've seen a lot of Windows RPC traffic recently, probably as a result of exploit code published on the net to attack the vulnerability.

This graph shows the inbound traffic for Windows RPC protocols as recorded at our network border (the main campus PacketShaper) for the last week:

Scanning has increased radically over the last day. All of these connections were dropped or ignored; as of this morning, the PacketShapers are configured to block all inbound and outbound Windows RPC protocols.

The latest Vexira virus definitions should detect viruses that search for this vulnerability.

Posted by Rowan Littell at August 12, 2003 08:58 AM