For our University customers this is a pretty busy time of year for them, after spending the summer rolling out new network infrastructure and now welcoming back students for the new semester. Students normally come back with laptops and other mobile devices which are populated with photos from the summer but they will also have picked up a variety of malware. Most University network teams are over stretched and also have to deal with two problems which are some what unique to them

The NetFort Security NOC have identified some systems on our customer networks that are infected with the Morto worm. The worm targets systems that are running Remote Desktop Protocol. You might think your systems are immune from infection from the Morto worm due to the fact that they are fully patched, however you would be wrong in making this assumption. Historically, malicious worms have targeted systems running software that contained some flaw in the system logic (for example, a buffer overflow). The Morto worm is different in that it targets systems that are vulnerable due to a poor configuration (a weak password).

Monitoring network traffic to and from an application can often provide the crucial insight you need to troubleshoot intermittent performance problems.