May 2, 2004

DeepNines Technologies Prevents Sasser Worm from Entering Networks

DALLAS, TEXAS - May 4, 2004 - DeepNines Technologies, the only security software company offering router protection, provides an integrated security platform that prevents network intrusion before it strikes down a network, has announced their product prevents Sasser Worm from spreading its infection into the network. The exploit code affects port 445, which is the new 'Netbios-less' SMB from Microsoft.

The W32/Sasser vulnerability scans random IP addresses on port 445 for vulnerable systems. When a vulnerable system is found and exploited, Sasser retrieves the full worm code from an FTP server on the attacker's port 5554. The worm code executes and the propagation cycle continues. Sleuth9®, which runs on the DeepNines Security Platform, is configured out-of-the-box to block access to port 445. This port should never be exposed to an un-trusted network. Port 445 is the Microsoft replacement port for historical ports 137 thru 139 and serves as the aggregated port for all of the Microsoft file and print sharing services.

DeepNines started to monitor the code on Thursday when the announcement was made by Microsoft urging their customers to immediately install the patch. Over the weekend the worm has spread and created heightened exposure to Port 445. DeepNines has alerted their customers and are proving to protect their network vulnerabilities from the worm without any degradation to their networks and without impacting their ability to conduct business.

"The Sasser worm proves the critical decision to deploy a security solution which sits invisibly in front of the router. DeepNines made a strategic decision over four years ago to approach security in a preventive manner primarily because networking products have vulnerable flaws, they were never originally designed to function as a comprehensive or intelligent security device," said Dan Jackson, COO and President for DeepNines. "These types of worms should have never entered a network. Our message to our customers will continue to focus on a layered security approach and hardening the network. We do this by assessing vulnerabilities, deploying a security policy, executing front of the router protection, and ultimately monitoring this approach with decision analysis capabilities."

About Deep Nines Inc. DeepNines offers a scalable security platform for Global 2000 companies with a vertical market focus in education, government, telecommunications, energy and financial services. The DeepNines Security Edge PlatformT integrates intelligent firewall, intrusion prevention, best-of-breed secure content management, forensics and reporting. It operates outside the network infrastructure, improving organizations' security "deep into the nines." DeepNines' Security Edge Platform, the company's patent-pending security system, is a fully automated signature and behavior-based, intrusion prevention and traffic management system preventing known and unknown attacks from entering an organization's network. The Security Edge Platform runs on Solaris and Linux platforms from Sun Microsystems. To learn more about Deep Nines visit www.deepnines.com.