Go Back   Forums @ The Digital Fix > Gadgets and Gizmos > Computing Forum

Reply
 
Thread Tools Display Modes
Old 16-06-2004, 13:46   #1
SteveC
Trusted User
 
Join Date: Oct 2000
Location: Rayleigh, Essex
Posts: 5,050
Thanks: 47
Thanked 76 Times in 50 Posts
Virus/DDoS attacks!

Hi all,

anyone seeing any major virus problems on their networks at the moment? Our London office's network seems to be running at breaking point with ICMP traffic attacking one IP address of some hosting company. Our poor routers are flat on their back, knocking out part of our VOIP phone system.

All AV is currently saying nope - nothing found. Sent a sample file to Network Associates and they say it's possibly a virus, but with no payload and they will investigate...
SteveC is offline   Reply With Quote
Old 16-06-2004, 15:33   #2
Guest 27300
Bear with me, I'm slow
 
Join Date: Mar 2001
Posts: 4,107
Thanks: 11
Thanked 24 Times in 21 Posts
Re: Virus/DDoS attacks!

Quote:
Originally posted by SteveC
Our London office's network seems to be running at breaking point with ICMP traffic attacking one IP address of some hosting company.
I don't really get the thrust of this... are you the hosting company suffering a DDoS, or is this traffic on your network going *out* and hosing someone else's site?

If it's the former, nothing you can do about it except install some upstream filtering to drop the crud that's coming in. If the latter, then you need to get some AV/ASpyware checking done pronto - maybe even disconnecting the source machines until they're clean?
Guest 27300 is offline   Reply With Quote
Old 16-06-2004, 16:18   #3
SteveC
Trusted User
 
Join Date: Oct 2000
Location: Rayleigh, Essex
Posts: 5,050
Thanks: 47
Thanked 76 Times in 50 Posts
It was the latter - we ended up taking down the whole network and piecing it back together floor by floor and found the culprit. The traffic was so bad we couldn't even put a filter on our router

All alright now tho!
SteveC is offline   Reply With Quote
Old 18-06-2004, 08:48   #4
SteveC
Trusted User
 
Join Date: Oct 2000
Location: Rayleigh, Essex
Posts: 5,050
Thanks: 47
Thanked 76 Times in 50 Posts
Finally McAfee get their backside in gear - http://vil.nai.com/vil/content/v_126341.htm
SteveC is offline   Reply With Quote
Old 18-06-2004, 09:39   #5
Coolhand
Idiot detector
 
Coolhand's Avatar
 
Join Date: Sep 2000
Location: On the grass.
Posts: 1,990
Thanks: 7
Thanked 62 Times in 35 Posts
Symantec sent out a warning about Korgo on the 2nd June.

It's exploiting MS04-011, which is so well publicised after the sasser outbreak I'm stunned you hadn't made sure you were patched against it.

Last edited by Coolhand; 18-06-2004 at 09:40.
Coolhand is offline   Reply With Quote
Old 18-06-2004, 09:41   #6
SteveC
Trusted User
 
Join Date: Oct 2000
Location: Rayleigh, Essex
Posts: 5,050
Thanks: 47
Thanked 76 Times in 50 Posts
Tell me about it - it's not our central office, but the support guys there will be getting severely told off...
SteveC is offline   Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump

All times are GMT. The time now is 22:50.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2021, vBulletin Solutions, Inc.qq
Copyright ©2000 - 2021 Network N Ltd.