LSASS Exploit attack

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I keep getting this message that 'A LSASS Exploit attack has been detected'.
The network virus has been blocked and I was advised to do a manual scan and
to halt my internet connection which I did. No virus has been found after the
scan but when I resume my Internet connection I still get that very annoying
message.
I already updated my anti-virus software (Trend Micro PC-cillin) and my
Windows XP OS as well.

Any ideas?
 
Doods said:
I keep getting this message that 'A LSASS Exploit attack has been
detected'. The network virus has been blocked and I was advised to do
a manual scan and to halt my internet connection which I did. No
virus has been found after the scan but when I resume my Internet
connection I still get that very annoying message.
I already updated my anti-virus software (Trend Micro PC-cillin) and
my Windows XP OS as well.

Any ideas?
Click to expand...

Install this
Sygate Personal Firewall (Free and up)
http://smb.sygate.com/free/spf_download.php
 
Since one cannot prevent or stop an attack, make sure your firewall
is always enabled, virus definitions current, and the latest Windows XP
critical updates installed.

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Microsoft Newsgroups

Get Windows XP Service Pack 2 with Advanced Security Technologies:
http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx

-------------------------------------------------------------------------------------------

:

| I keep getting this message that 'A LSASS Exploit attack has been detected'.
| The network virus has been blocked and I was advised to do a manual scan and
| to halt my internet connection which I did. No virus has been found after the
| scan but when I resume my Internet connection I still get that very annoying
| message.
| I already updated my anti-virus software (Trend Micro PC-cillin) and my
| Windows XP OS as well.
|
| Any ideas?
 
If you already have a firewall you can lower it reporting sensitivity, since
it is obviously doing its job.
 
Doods said:
I keep getting this message that 'A LSASS Exploit attack has been
detected'.
The network virus has been blocked and I was advised to do a manual scan
and
to halt my internet connection which I did. No virus has been found after
the
scan but when I resume my Internet connection I still get that very
annoying
message.
I already updated my anti-virus software (Trend Micro PC-cillin) and my
Windows XP OS as well.

Any ideas?
Click to expand...

Since your are being targeted, it means that you must have some ports open
and visible to the outside world. I would check my router with a ort
sniffer, and either close or forward the open ports.

Bobby
 
From: "Doods" <[email protected]>

| I keep getting this message that 'A LSASS Exploit attack has been detected'.
| The network virus has been blocked and I was advised to do a manual scan and
| to halt my internet connection which I did. No virus has been found after the
| scan but when I resume my Internet connection I still get that very annoying
| message.
| I already updated my anti-virus software (Trend Micro PC-cillin) and my
| Windows XP OS as well.
|
| Any ideas?

If you are connected to Broadband Internet then I suggest getting a Cable/DSL Router such as
the Linksys BEFSR41. It will act as a a simplistic FireWall and block LSASS Expoits which
use TCP port 445.

To make the Router even more effective, I suggest blocking both TCP and UDP ports 135 ~ 139
and 445 on *any* SOHO Router.
 
From: "NoNoBadDog!" <no_@spam_verizon.net>


|
| Since your are being targeted, it means that you must have some ports open
| and visible to the outside world. I would check my router with a ort
| sniffer, and either close or forward the open ports.
|
| Bobby
|

By default, Win2K, WinXP and Win2003 do have TCP port 445 open which is the protocol that is
used in LSASS Exploitations.
 
NoNoBadDog! said:
Since your are being targeted, it means that you must have some ports open
and visible to the outside world. I would check my router with a ort
sniffer, and either close or forward the open ports.

Bobby
Click to expand...

an "ort sniffer" -- wasn't that something Mork used ?? (or was that
before your time?).

mikey (who's mind has wandered off somewhere today)
 
Hi, sorry for my uggly english, i'm latin.

In first place, you must to download the AVAST ANTIVIRUS (in google i.e.) that software provide a wide range of weapons for avoid an atack, too return the IP of the hacker or worm resident. it evoid ALL ATACKS!

If you encounter that error within the AVAST, collect the hacker's IP and visit http://www.ipligence.com/geolocation/
in the field put the ip and click into send link and wait to be returned a detailed owner location name and an image or modis of the satellite.

For a side, you got an excellent Antivirus and/or firewall complement..
for other side, you caught the hacker!!!

Only in a few of words: I'm the hacker's nightmare and if you have any question about how kicking a hacker's ass, no lost time... question me!...
 
Last edited:
hey hacker`s nightmare can you help me with this attack ,i wanna know how to attack back, or the basics to know how to prevents thos annoying attacks ,thx in advanced ,best regards reachal ;)


bw :i tryed to p.m. but you disable it for some reasons anyway feel free to p.m. me :)
 
Back
Top