tag:blogger.com,1999:blog-15433321.post-52716166899695135462007-12-10T20:02:00.000+08:002007-12-10T20:18:30.768+08:002007-12-10T20:18:30.768+08:00Block Several IP at Firewall | 在防火牆上檔掉一些IPReceived letters from the ICST, ask all units block the relay station's IP, is because some unknown malicious mail will be bogus ICST name of those relay stations to send. If received, do not open. Its characteristics are as follows:<br /><p style="color: rgb(255, 0, 0);">寄件者:<a href="mailto:service@icst.org.tw" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">service@icst.org.tw</a> </p> <p style="color: rgb(255, 0, 0);"> </p><p style="color: rgb(255, 0, 0);">主旨:USB 2.0外接式硬碟安全刪除方案 </p><p style="color: rgb(255, 0, 0);"> </p><p><span style="color: rgb(255, 0, 0);">附件名稱:外接式硬碟安全刪除.doc</span><br /></p> This malicious code of the relevant information are as follows:<br /> <br />Path:<br />C: \ Documents and Settings \ <user> \ Local Settings \ Temp \ 2.tmp (file name may change)<br /><br />Registry:<br />HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Run<br /> <br />Value:<br />Data: C: \ Documents and Settings \ <user> \ Local Settings \ Temp \ 2.tmp<br /> <br />Proposed units monitor and stop following relay station IP :<br /> <br />202.177.19.62<br /> <br />211.21.187.20<br /> <br />211.20.70.75<br /> <br />211.20.80.190<br /> <br />211.20.80.100<br />------------<br />日前收到國家資通中心來信,希望各單位擋掉一些中繼站IP,是因為有些不明的惡意郵件會冒充國家資通中心的名義以那些中繼站來發送,如有收到請勿開啟,特徵如下:<span><br /><p style="color: rgb(255, 0, 0);">寄件者:<a href="mailto:service@icst.org.tw" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">service@icst.org.tw</a> </p><p style="color: rgb(255, 0, 0);"> </p><p style="color: rgb(255, 0, 0);">主旨:USB 2.0外接式硬碟安全刪除方案 </p><p style="color: rgb(255, 0, 0);"> </p><p><span style="color: rgb(255, 0, 0);">附件名稱:外接式硬碟安全刪除.doc </span><br /></p><p>此惡意程式的相關資訊如下:</p><p><span><p style="color: rgb(51, 102, 255);">路徑:<br />C:\Documents and Settings\<user>\Local Settings\Temp\2.tmp ( 檔名可能會改變 ) </p><p style="color: rgb(51, 102, 255);"> </p><p style="color: rgb(51, 102, 255);">Registry:<br />HKEY_CURRENT_USER\Software<wbr>\Microsoft\Windows\CurrentVersi<wbr>on\Run </p><p>Value:<br /><span style="color: rgb(51, 102, 255);">Data: C:\Documents and Settings\<user>\Local Settings\Temp\2.tmp</span></p><p>建議有關單位監控並阻擋以下中繼站IP</p><p><span><p><a href="http://202.177.19.62/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">202.177.19.62</a> </p><p><a href="http://211.21.187.20/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">211.21.187.20</a> </p><p><a href="http://211.20.70.75/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">211.20.70.75</a> </p><p><a href="http://211.20.80.190/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">211.20.80.190</a> </p><p><a href="http://211.20.80.100/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">211.20.80.100</a></p></span></p></span></p></span>Arthurhttp://www.blogger.com/profile/10179457400979128063noreply@blogger.com1