|
21-03-2004, 10:47
| #1 (permalink) | ||
| Registered User Join Date: Jan 2002 Location: Bucuresti | problema ciudata cu placa de retea
De cateva zile mi se intampla o chestie foarte ciudata : - am activitate de upload in retea cu 1.12 MB/s vizibila in DU Meter / switch - astazi am reinstalat windows, se intampla acelasi lucru - nu este detectata nici o conexiune cu comanda 'netstat' Ce poate fi ? | ||
|
|
21-03-2004, 16:47
| #4 (permalink) | ||
| Registered User  Join Date: Dec 1999 Location: A nearby parallel Universe... |
Esti cu update-urile la zi? S-ar putea sa fie un virus (Welchia de exemplu, sau un Slammer daca rulezi un SQL Server ne-patch-uit).
__________________ a.k.a. windmaster... Antec SX 1040BII system enclosure; Intel Pentium III 550E @ 645MHz; MSI 6163 BXMaster; 1.0GB SDRAM PC133; Quantum Fireball CX13.0A+Western Digital Caviar WD800JB+Western Digital Caviar WD400JB; Plextor PX-W4824A+Plextor PX-716A+Toshiba DVD-Rom SD-M1612; Genius SP-G16+Tesla Sound System on Sound Blaster Live! Player 1024; Philips Brilliance 107P20 on Gigabyte Ati Radeon 7000E 32MB DDR; Microsoft Wireless Laser Desktop 6000. | ||
|
|
21-03-2004, 17:05
| #6 (permalink) | ||
| Registered User Join Date: Jan 2002 Location: Bucuresti |
Era un worm care folosea un exploit in firewall : http://xforce.iss.net/xforce/alerts/id/167 BlackICE Witty Worm Propagation Synopsis: ISS X-Force has learned of a worm that is spreading via the ICQ parsing vulnerability in ISS products that was announced on March 18th. The worm targets unpatched versions of the BlackICE PC Protection product. If a vulnerable system is infected, the Witty worm attempts to propagate by scanning random IP addresses. The Witty worm progressively writes junk data to physical hard drives after transmitting 20,000 packets, causing data damage. Impact: The Witty worm uses hard-coded addresses and only has the ability to infect certain builds of the Protocol Analysis Module (PAM). The Witty worm is destructive to the target system, and overwrites key hard disk sectors after sending out its payload. The junk data written to disk may impact system stability and cause a "blue screen" to occur upon reboot. The Witty worm only infects specific builds of PAM listed below, and can only infect Win32 systems. Affected Versions: BlackICE™ Agent for Server 3.6 ebz, ecd, ece, ecf BlackICE PC Protection 3.6 cbz, ccd, ccf BlackICE Server Protection 3.6 cbz, ccd, ccf RealSecure® Network 7.0, XPU 22.4 and 22.10 RealSecure Server Sensor 7.0 XPU 22.4 and 22.10 RealSecure Desktop 7.0 ebf, ebj, ebk, ebl RealSecure Desktop 3.6 ebz, ecd, ece, ecf RealSecure Guard 3.6 ebz, ecd, ece, ecf RealSecure Sentry 3.6 ebz, ecd, ece, ecf http://securityresponse.symantec.com...itty.worm.html | ||
|
 |
|
| Thread Tools | |
| |
de fiecare data.
