Paul,
Did you have the persistent sniffer.exe running when this log was generated?
Groet, (regards)
--
ing. Michiel Prins bsc [EMAIL PROTECTED]
SOS Small Office Solutions / Reject /
Wannepad 27 - 1066 HW -Amsterdam
t.+31(0)20-4082627 -
At 08:08 PM 3/17/2004, you wrote:
What is the number after Polled waited:
That is the number of milliseconds the persistent server waited to poll the
working directory for more jobs. This number will increase each time no
jobs are found. When a job is found the persistent server will not wait
We have just added a rule for the Bagle.Q worm derived from data at the
following link:
http://www.auscert.org.au/render.html?it=3957
The rule should be present in your next update.
A full rule-base compile is under way.
Thanks!
_M
This E-Mail came from the Message Sniffer mailing list. For
Ok, I think I did it. Only took a minute (thanks Bill). Here are some
more precise directions, but consider them to be "beta" directions
(please correct them if you find a problem):
1) Install the Windows 2000 Resource Kit, or download
and install the INSTSRV.exe and SRVANY.exe files in a
Pete,
Although inconclusive, some screen caps of Task Manager seems to show a
dramatic reduction in many of the peaks with the service turned on.
It's hard to tell the exact impact due to the virus scanners not always
being called, and SKIPIFWEIGHT settings disabling a mountain of custom