WelcomeEnterpriseSmall BusinessHome & Home OfficePartnersAbout Symantec
February 18, 2004
Intruder Alert 3.6 W32_Netsky_B_Worm Policy

This policy detects the propagation of the W32.Netsky.B Worm.

Download ITA W32_Netsky_B_Worm Policy

NOTE: The "Netsky_B_File_Detected" rule only works if the instructions for configuration for Filewatch monitoring have been implemented. These instructions are outlined below.

Affected Platforms

Windows NT/2000/2003/XP

Description

This policy detects the propagation of the W32.Netsky.B Worm.

Policy Rules include:

  • Netsky_B_Worm_Activity
    This rule detects the changes in the registry associated with the W32.Netsky.B Worm.

  • Netsky_B_File_Detected
    This rule detects the creation of files associated with infection of the W32.Netsky.B worm.

ITA Filewatch Configuration Instructions

  1. Browse to the system folder where the ITA agent is installed.

  2. Locate the ntcrit_S.lst file.

  3. Insert the following file to be monitored:

    #windir\services.exe


Last modified on: Thursday, 19-Feb-04 05:39:48
Site Map · Legal Notices · Privacy Policy · · Contact Us · Global Sites · License Agreements
©1995 - 2008 Symantec Corporation