"The obvious thing is to apply patch MS05-051 on at least your Win2k systems. We do know the port 3372 scanning started in full force, likely in order to acquire target lists. If you can't patch, at least make sure port 3372 is closed."
Friday, October 14, 2005
Close Port 3372
Johannes Ulrich, of SANS Internet Storm Center, makes an important pre-weekend recommendation: