Most Read Technology Reporter For More Than Two Decades

Maureen O'Gara

Subscribe to Maureen O'Gara: eMailAlertsEmail Alerts
Get Maureen O'Gara: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Article

Is Your TCP Port 3127 Open? Then Watch Out for "MyDoom.C"

Is Your TCP Port 3127 Open? Then Watch Out for "MyDoom.C"

Reuters is reporting that

"a new worm dubbed 'Doomjuice' targeting Microsoft's Web site emerged on the Internet on Monday, which security experts said slowed parts of the software maker's home page"

Viewed by some as MyDoom.C, in other words a variant of the earlier MyDoom worm, 'Doomjuice' spreads via e-mail systems already infected by the earlier worm - between already infected computers directly, not by e-mail.

Doomjuice uses the "backdoor" program installed by Mydoom.A that allows a hacker to gain access to an infected computer. To locate machines with the backdoor open, it scans random IP addresses and if the TCP Port 3127 is open, the worm sends itself in a specially crafted package that makes the Mydoom.A infected machine execute the file, thus infecting it with Doomjuice too.

Doomjuice triggers a denial of service attack against www.microsoft.com by trying to overload the site with information requests. Microsoft's Web site is reported to have been was slower - and was intermittently unavailable - over the weekend.

 

 

 

More Stories By Java News Desk

JDJ News Desk monitors the world of Java to present IT professionals with updates on technology advances, business trends, new products and standards in the Java and i-technology space.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.