On Wed, 27 Jun 2001, [EMAIL PROTECTED] spewed into the ether:
> Lately my network has been swamped!! Cut off our internet connection. Then
> after probing our network it turns out some computers had TONS of CMD.exe and
> PING.exe running!!! These boxes were PINGing like crazy killing the network.
cmd.exe? Sounds like ye old IIS Unicode exploit thats been floating
around for months now. I think this was referenced on the incidents
list at securityfocus also.
> Has anyone encountered this or can point me to how we got it and how
> to rectify it?
Rebuild your machines, then apply all relevant patches. Use the
securityfocus hardening scripts.
Devdas Bhagat
--
poverty, n.:
An unfortunate state that persists as long
as anyone lacks anything he would like to have.
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
